www.activescreening.com Open in urlscan Pro
3.220.14.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://activescreening.com/billing-notice/
Effective URL:
https://www.activescreening.com/billing-notice/
Submission: On April 08 via manual (April 8th 2020, 12:54:45 pm UTC) from US

Summary HTTP 52 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 20 domains to perform 52 HTTP transactions. The main IP is 3.220.14.62, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.activescreening.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 5th 2020. Valid for: 3 months.

This is the only time www.activescreening.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 4	34.213.106.51 34.213.106.51	16509 (AMAZON-02) (AMAZON-02)
12	3.220.14.62 3.220.14.62	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1	34.201.198.244 34.201.198.244	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	147.75.102.203 147.75.102.203	54825 (PACKET) (PACKET)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.213.14.101 23.213.14.101	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	147.75.33.229 147.75.33.229	54825 (PACKET) (PACKET)
1	2606:4700::68... 2606:4700::6811:e9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:70b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.196.234.107 23.196.234.107	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2606:4700::68... 2606:4700::6812:a59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:b59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
52	24

4 34.213.106.51 (Boardman, United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-106-51.us-west-2.compute.amazonaws.com

activescreening.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.220.14.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-14-62.compute-1.amazonaws.com

www.activescreening.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.201.198.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-198-244.compute-1.amazonaws.com

fs24.formsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.203 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress3

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.213.14.101 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-14-101.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.33.229 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress11

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e9cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eccc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:70b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.196.234.107 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-234-107.deploy.static.akamaitechnologies.com

secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:a59 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:b59 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	activescreening.com 4 redirects activescreening.com www.activescreening.com	727 KB
5	livechatinc.com cdn.livechatinc.com secure.livechatinc.com	75 KB
5	gstatic.com fonts.gstatic.com	49 KB
4	hubspot.com api.hubspot.com track.hubspot.com forms.hubspot.com	2 KB
3	google.de www.google.de	329 B
3	google.com 1 redirects www.google.com	433 B
3	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	71 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	googleadservices.com www.googleadservices.com	21 KB
2	googletagmanager.com www.googletagmanager.com	63 KB
1	hubapi.com api.hubapi.com	287 B
1	hs-banner.com js.hs-banner.com	7 KB
1	hsadspixel.net js.hsadspixel.net	2 KB
1	usemessages.com js.usemessages.com	15 KB
1	hs-analytics.net js.hs-analytics.net	22 KB
1	hsleadflows.net js.hsleadflows.net	61 KB
1	hs-scripts.com js.hs-scripts.com	747 B
1	formsite.com fs24.formsite.com
1	googleapis.com fonts.googleapis.com	2 KB
52	20

	Domain	Requested by
12	www.activescreening.com	www.activescreening.com
5	fonts.gstatic.com	www.activescreening.com
4	activescreening.com	4 redirects
3	secure.livechatinc.com	cdn.livechatinc.com
3	www.google.de	www.activescreening.com
3	www.google.com	1 redirects www.activescreening.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.activescreening.com
2	api.hubspot.com	js.usemessages.com www.activescreening.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	cdn.livechatinc.com	www.activescreening.com
2	www.googleadservices.com	www.googletagmanager.com
2	www.googletagmanager.com	www.activescreening.com js.hsadspixel.net
1	forms.hubspot.com	js.hsleadflows.net
1	track.hubspot.com
1	api.hubapi.com	js.hsadspixel.net
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	1 redirects
1	js.hs-scripts.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	fs24.formsite.com	www.activescreening.com
1	fonts.googleapis.com	www.activescreening.com
52	27

This site contains links to these domains. Also see Links.

Domain
support.activescreening.com
activate.activescreening.com
compliance.activescreening.com
www.facebook.com
twitter.com
www.linkedin.com
thepbsa.org

Subject Issuer	Validity	Valid
www.activescreening.com Let's Encrypt Authority X3	`2020-04-05` - `2020-07-04`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.formsite.com Go Daddy Secure Certificate Authority - G2	`2020-03-02` - `2022-04-09`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-04-07` - `2020-10-09`	6 months	crt.sh
*.livechatinc.com DigiCert ECC Secure Server CA	`2019-02-10` - `2020-05-11`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
hubspot.com CloudFlare Inc ECC CA-2	`2019-12-04` - `2020-10-09`	10 months	crt.sh
hubapi.com CloudFlare Inc ECC CA-2	`2020-01-21` - `2020-10-09`	9 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.activescreening.com/billing-notice/
Frame ID: 47629060D90A55BA214CC47E8AC5D3F0
Requests: 50 HTTP requests in this frame

Frame: https://fs24.formsite.com/res/showFormEmbed?EParam=m%2FOmK8apOTATx%2B3HJDfK79lARFv6bfoFeABRcuSTk7w%3D&277551667&EmbedId=277551667
Frame ID: EB8268244967E660AFEDA676FF6EC3D0
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: E58C5FAAA5505ACA428F21CE27A13C8B
Requests: 1 HTTP requests in this frame

Frame: https://secure.livechatinc.com/licence/4760001/v2/open_chat.cgi?license=4760001&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: 0828E3DC97FBBB832298C0277C026E9A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://activescreening.com/billing-notice/ HTTP 301
https://www.activescreening.com/billing-notice/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.livechatinc\.com\/.*tracking\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

52
Requests

100 %
HTTPS

68 %
IPv6

20
Domains

27
Subdomains

24
IPs

5
Countries

1139 kB
Transfer

4176 kB
Size

13
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://support.activescreening.com/hc/en-us
Title: SUPPORT

Search URL Search Domain Scan URL

URL: https://activate.activescreening.com/login.cfm
Title: LOGIN

Search URL Search Domain Scan URL

URL: https://compliance.activescreening.com/Index.aspx
Title: Request copy / Dispute your background report

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Active-Screening/399035733552569

Search URL Search Domain Scan URL

URL: http://twitter.com/activescreening

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/active-screening

Search URL Search Domain Scan URL

URL: https://thepbsa.org/
Title: <img class="wp-image-32717 alignnone size-full" src="/wp-content/uploads/2019/11/Accreditation-Logo-2-WHITE-transparent_PBSA.png" style='width: 100%; max-width: 150px; padding-left:5%;'>

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://activescreening.com/billing-notice/ HTTP 301
https://www.activescreening.com/billing-notice/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://activescreening.com/wp-content/uploads/2019/07/active-screening-dark.png HTTP 301
https://www.activescreening.com/wp-content/uploads/2019/07/active-screening-dark.png

Request Chain 17

https://activescreening.com/wp-content/uploads/2019/08/footer-logo.png HTTP 301
https://www.activescreening.com/wp-content/uploads/2019/08/footer-logo.png

Request Chain 26

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-44443170-1&cid=917833647.1586350452&jid=1937675000&gjid=1002473036&_gid=1701140518.1586350452&_u=aGBAgEAj~&z=794236111 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44443170-1&cid=917833647.1586350452&jid=1937675000&_v=j81&z=794236111 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44443170-1&cid=917833647.1586350452&jid=1937675000&_v=j81&z=794236111&slf_rd=1&random=3261298011

Request Chain 44

https://activescreening.com/wp-content/uploads/2019/07/active-screening-dark.png HTTP 301
https://www.activescreening.com/wp-content/uploads/2019/07/active-screening-dark.png

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.activescreening.com/billing-notice/
Redirect Chain

https://activescreening.com/billing-notice/
https://www.activescreening.com/billing-notice/

24 KB
7 KB

2895ms
2675ms

Document
text/html

3.220.14.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.activescreening.com/billing-notice/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.220.14.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-14-62.compute-1.amazonaws.com
Software: nginx / WP Engine
Resource Hash: 59c935a88a9f6ade6a5757676bd7c44218c22053f8db6bf5d0f45e7600ff7d1a

Request headers

:method: GET
:authority: www.activescreening.com
:scheme: https
:path: /billing-notice/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
server: nginx
date: Wed, 08 Apr 2020 12:54:11 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-pingback
link: <https://www.activescreening.com/wp-json/>; rel="https://api.w.org/" <https://www.activescreening.com/?p=4098>; rel=shortlink
expires: Wed, 08 Apr 2020 12:54:08 GMT
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: MISS
x-cache-group: normal
content-encoding: br

Redirect headers

status: 301
date: Wed, 08 Apr 2020 12:54:08 GMT
content-type: text/html
content-length: 166
location: https://www.activescreening.com/billing-notice/
cache-control: no-store, no-cache, must-revalidate
expires: Wed, 08 Apr 2020 12:54:08 GMT
server: EasyRedir

GET
H2 200 css
fonts.googleapis.com/ 56 KB
2 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7CRoboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic%7COpen%20Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&display=swap

Requested by

Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f9d272a313ad3156b627574867ecf5d9031630146a7f0c943ced04034432a8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Apr 2020 12:54:11 GMT
server: ESF
date: Wed, 08 Apr 2020 12:54:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Apr 2020 12:54:11 GMT

GET
H2 200 649a6f9f45d00f6d68ddb5d904a8e660.css
www.activescreening.com/wp-content/cache/min/1/ 2 MB
190 KB 104ms
103ms Stylesheet
text/css 3.220.14.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.activescreening.com/wp-content/cache/min/1/649a6f9f45d00f6d68ddb5d904a8e660.css
Requested by: Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.220.14.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-14-62.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e10fe305a69ffd9580cfce82af3462e113ff1d228a4e113823f81b055bd06cbe

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 08 Apr 2020 12:54:11 GMT
content-encoding: br
last-modified: Sat, 28 Mar 2020 21:00:36 GMT
server: nginx
status: 200
etag: W/"5e7fbaf4-18e393"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-1.12.4-wp.js Show response
www.activescreening.com/wp-content/cache/busting/1/wp-includes/js/jquery/ 95 KB
34 KB 179ms
178ms Script
application/javascript 3.220.14.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.activescreening.com/wp-content/cache/busting/1/wp-includes/js/jquery/jquery-1.12.4-wp.js
Requested by: Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.220.14.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-14-62.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 08 Apr 2020 12:54:11 GMT
content-encoding: br
last-modified: Fri, 27 Mar 2020 04:23:45 GMT
server: nginx
status: 200
etag: W/"5e7d7fd1-17a69"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2

200

active-screening-dark.png
www.activescreening.com/wp-content/uploads/2019/07/
Redirect Chain

https://activescreening.com/wp-content/uploads/2019/07/active-screening-dark.png
https://www.activescreening.com/wp-content/uploads/2019/07/active-screening-dark.png

5 KB
5 KB

259ms
258ms

Image
image/png

3.220.14.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activescreening.com/wp-content/uploads/2019/07/active-screening-dark.png
Requested by: Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.220.14.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-14-62.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 256309ec497ccfe52284c3390213ca4545a1ab7f20fa796a702fe933b89d2228

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 08 Apr 2020 12:54:11 GMT
last-modified: Fri, 27 Mar 2020 04:15:47 GMT
server: nginx
access-control-allow-origin: *
etag: "5e7d7df3-139a"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5018

Redirect headers

date: Wed, 08 Apr 2020 12:54:11 GMT
server: EasyRedir
location: https://www.activescreening.com/wp-content/uploads/2019/07/active-screening-dark.png
content-type: text/html
status: 301
cache-control: no-store, no-cache, must-revalidate
content-length: 166
expires: Wed, 08 Apr 2020 12:54:11 GMT

GET
H2 200 lazyload.min.js Show response
www.activescreening.com/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/ 5 KB
2 KB 104ms
103ms Script
application/javascript 3.220.14.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.activescreening.com/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/lazyload.min.js
Requested by: Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.220.14.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-14-62.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 08 Apr 2020 12:54:11 GMT
content-encoding: br
last-modified: Fri, 27 Mar 2020 04:15:55 GMT
server: nginx
status: 200
etag: W/"5e7d7dfb-15d1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 7eb5090ef735b5bd5c7c4b25d086020e.js Show response
www.activescreening.com/wp-content/cache/min/1/ 559 KB
140 KB 257ms
257ms Script
application/javascript 3.220.14.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.activescreening.com/wp-content/cache/min/1/7eb5090ef735b5bd5c7c4b25d086020e.js
Requested by: Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.220.14.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-14-62.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d5530aafa1036fbe0f8f41c012249ae0d3c8844d1fc569e4e99048338a143218

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 08 Apr 2020 12:54:11 GMT
content-encoding: br
last-modified: Sat, 28 Mar 2020 21:00:33 GMT
server: nginx
status: 200
etag: W/"5e7fbaf1-8bb8a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
34 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TK78WC

Requested by

Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2794b3d67ebe2a0a76c384d534d17d7f815d25cea7675116af2319ac3bc6ee91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 08 Apr 2020 12:54:11 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35043
x-xss-protection: 0
last-modified: Wed, 08 Apr 2020 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Apr 2020 12:54:11 GMT

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7CRoboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic%7COpen%20Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&display=swap
Origin: https://www.activescreening.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 00:54:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 993560
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Sun, 28 Mar 2021 00:54:51 GMT

GET
H2 200 fontawesome-webfont.woff2
www.activescreening.com/wp-content/plugins/testimonial-free/public/assets/fonts/ 70 KB
70 KB 107ms
106ms Font
font/woff2 3.220.14.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.activescreening.com/wp-content/plugins/testimonial-free/public/assets/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.220.14.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-14-62.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://www.activescreening.com/wp-content/cache/min/1/649a6f9f45d00f6d68ddb5d904a8e660.css
Origin: https://www.activescreening.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 08 Apr 2020 12:54:11 GMT
last-modified: Fri, 27 Mar 2020 04:16:15 GMT
server: nginx
status: 200
etag: "5e7d7e0f-118d8"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 71896

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7CRoboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic%7COpen%20Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&display=swap
Origin: https://www.activescreening.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 23:56:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
age: 2465877
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9180
x-xss-protection: 0
expires: Wed, 10 Mar 2021 23:56:14 GMT

GET
H2 200 modules.ttf
www.activescreening.com/wp-content/themes/Divi/core/admin/fonts/ 90 KB
91 KB 100ms
99ms Font
application/octet-stream 3.220.14.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.activescreening.com/wp-content/themes/Divi/core/admin/fonts/modules.ttf
Requested by: Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.220.14.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-14-62.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Request headers

Referer: https://www.activescreening.com/wp-content/cache/min/1/649a6f9f45d00f6d68ddb5d904a8e660.css
Origin: https://www.activescreening.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 08 Apr 2020 12:54:11 GMT
last-modified: Fri, 27 Mar 2020 04:15:54 GMT
server: nginx
status: 200
etag: "5e7d7dfa-168f0"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 92400

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7CRoboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic%7COpen%20Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&display=swap
Origin: https://www.activescreening.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 17:00:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 2490803
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9080
x-xss-protection: 0
expires: Wed, 10 Mar 2021 17:00:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7CRoboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic%7COpen%20Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&display=swap
Origin: https://www.activescreening.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Apr 2020 12:00:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 348833
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Sun, 04 Apr 2021 12:00:18 GMT

GET
H2 200 KFOkCnqEu92Fr1MmgVxIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1MmgVxIIzIXKMny.woff2

Requested by

Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969d3b8c3b846ba9d4dd5fa3936ec2c610f4f9f67f6f880cc9b00ebda3414083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7CRoboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic%7COpen%20Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&display=swap
Origin: https://www.activescreening.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 03:09:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:40 GMT
server: sffe
age: 985507
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10984
x-xss-protection: 0
expires: Sun, 28 Mar 2021 03:09:04 GMT

GET
H2 200 showFormEmbed
fs24.formsite.com/res/ Frame EB82 0
0 442ms
220ms Document
text/html 34.201.198.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs24.formsite.com/res/showFormEmbed?EParam=m%2FOmK8apOTATx%2B3HJDfK79lARFv6bfoFeABRcuSTk7w%3D&277551667&EmbedId=277551667
Requested by: Host: www.activescreening.com
URL: https://www.activescreening.com/wp-content/cache/min/1/7eb5090ef735b5bd5c7c4b25d086020e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.198.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-198-244.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

:method: GET
:authority: fs24.formsite.com
:scheme: https
:path: /res/showFormEmbed?EParam=m%2FOmK8apOTATx%2B3HJDfK79lARFv6bfoFeABRcuSTk7w%3D&277551667&EmbedId=277551667
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.activescreening.com/billing-notice/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.activescreening.com/billing-notice/

Response headers

status: 200
date: Wed, 08 Apr 2020 12:54:12 GMT
content-type: text/html;charset=UTF-8
content-length: 4765
set-cookie: AWSALB=dlqViTTA33y9PS0FydK3sEK4USoIY9AL8XrXQgZT2KaA2bD8dn00HQtpaDMpB5dyawlTTBYsg4EhP9AZerldJA+k/JFa8qSRHl0kf2z3pxbp7W1oO1RYUXdKV5vx; Expires=Wed, 15 Apr 2020 12:54:11 GMT; Path=/ AWSALBCORS=dlqViTTA33y9PS0FydK3sEK4USoIY9AL8XrXQgZT2KaA2bD8dn00HQtpaDMpB5dyawlTTBYsg4EhP9AZerldJA+k/JFa8qSRHl0kf2z3pxbp7W1oO1RYUXdKV5vx; Expires=Wed, 15 Apr 2020 12:54:11 GMT; Path=/; SameSite=None; Secure JSESSIONID=972E7509CFFF30DF1E2AF89A0948E9E7; Path=/res; Secure; HttpOnly; SameSite=None
server: Apache
vary: Accept-Encoding,User-Agent
content-encoding: gzip

GET
H2 200 loadingAnimation.gif
www.activescreening.com/wp-includes/js/thickbox/ 15 KB
15 KB 103ms
102ms Image
image/gif 3.220.14.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activescreening.com/wp-includes/js/thickbox/loadingAnimation.gif
Requested by: Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.220.14.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-14-62.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 08 Apr 2020 12:54:11 GMT
last-modified: Fri, 27 Mar 2020 04:15:41 GMT
server: nginx
status: 200
etag: "5e7d7ded-3b86"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 15238

GET
H2

200

footer-logo.png
www.activescreening.com/wp-content/uploads/2019/08/
Redirect Chain

https://activescreening.com/wp-content/uploads/2019/08/footer-logo.png
https://www.activescreening.com/wp-content/uploads/2019/08/footer-logo.png

7 KB
8 KB

99ms
99ms

Image
image/png

3.220.14.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activescreening.com/wp-content/uploads/2019/08/footer-logo.png
Requested by: Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.220.14.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-14-62.compute-1.amazonaws.com
Software: nginx /
Resource Hash: fabbd716280946af7756a9027034b842b123ce25f5b75fe1bdca0a3251b9c00d

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 08 Apr 2020 12:54:12 GMT
last-modified: Fri, 27 Mar 2020 04:15:55 GMT
server: nginx
access-control-allow-origin: *
etag: "5e7d7dfb-1dbc"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7612

Redirect headers

date: Wed, 08 Apr 2020 12:54:11 GMT
server: EasyRedir
location: https://www.activescreening.com/wp-content/uploads/2019/08/footer-logo.png
content-type: text/html
status: 301
cache-control: no-store, no-cache, must-revalidate
content-length: 166
expires: Wed, 08 Apr 2020 12:54:11 GMT

GET
H2 200 Accreditation-Logo-2-WHITE-transparent_PBSA.png
www.activescreening.com/wp-content/uploads/2019/11/ 159 KB
159 KB 100ms
99ms Image
image/png 3.220.14.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activescreening.com/wp-content/uploads/2019/11/Accreditation-Logo-2-WHITE-transparent_PBSA.png
Requested by: Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.220.14.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-14-62.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d3ce798ecb4027eb40f8b8908b78ebc8f52c47b4712fdba16b744054c934b795

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 08 Apr 2020 12:54:11 GMT
last-modified: Fri, 27 Mar 2020 04:15:45 GMT
server: nginx
status: 200
etag: "5e7d7df1-27afa"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 162554

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK78WC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1240
date: Wed, 08 Apr 2020 12:33:31 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Wed, 08 Apr 2020 14:33:31 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 28 KB
10 KB 45ms
44ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK78WC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

1cc657c390692096c0fd899fb5ddeb76eb79981db1154ab3decc1e81414516dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 08 Apr 2020 12:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 10566
x-xss-protection: 0
server: cafe
etag: 4103526559094646519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Apr 2020 12:54:11 GMT

GET
H2 200 hotjar-786396.js Show response
static.hotjar.com/c/ 3 KB
2 KB 49ms
49ms Script
application/javascript 147.75.102.203
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-786396.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK78WC

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.102.203 Central, Hong Kong, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress3

Software

Resource Hash

e58eba9d9688363663a3aeb63fd6d70c0173c77848a146e4feb34bb5a6f9b42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 08 Apr 2020 12:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 0
status: 200
access-control-max-age: 600
section-io-cache: Miss
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/c2c6b7d750e7f15b8e5565269dd1e90b
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.020
accept-ranges: bytes
section-io-id: cd3d4761ae592b0df020963649be52a0
section-origin-responded: true

GET
H2 200 6060861.js Show response
js.hs-scripts.com/ 2 KB
747 B 130ms
129ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/6060861.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK78WC
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbea947071b2f06b082ed7b6045ccf0170b389c3782f03f3614fa3cf80692d7c

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 08 Apr 2020 12:54:11 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
access-control-allow-origin: https://www.activescreening.com
x-trace: 2BC847129CAEB4E72B159D38E610D23E115527137C000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 580c22b409461762-FRA
expires: Wed, 08 Apr 2020 12:55:11 GMT

GET
H/1.1 200
OK tracking.js Show response
cdn.livechatinc.com/ 215 KB
59 KB 141ms
60ms Script
application/javascript 23.213.14.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.213.14.101 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-14-101.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bb4bd29b1e3216327587aa152004737781ef2aeb69e191f160bc8298ac546e82

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: CxxYgdP4ySMjCaE94tH8JryikcUnjxAd
Content-Encoding: gzip
Last-Modified: Wed, 08 Apr 2020 08:57:37 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53
Date: Wed, 08 Apr 2020 12:54:11 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=28800
Connection: keep-alive
Content-Length: 59949
X-Amz-Cf-Id: eo2qNSDVFzeR3Pj5XaupyydkT7MVI3zJCokVUChLXpUuikxmML4eWw==
Expires: Wed, 08 Apr 2020 20:54:11 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
935 B 6ms
5ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 08 Apr 2020 12:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2643
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Wed, 08 Apr 2020 13:10:08 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
6ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1855239034&t=pageview&_s=1&dl=https%3A%2F%2Fwww.activescreening.com%2Fbilling-notice%2F&ul=en-us&de=UTF-8&dt=Billing%20Notice%20-%20Active%20Screening&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAgEAj~&jid=1937675000&gjid=1002473036&cid=917833647.1586350452&tid=UA-44443170-1&_gid=1701140518.1586350452&gtm=2wg3p1TK78WC&z=1231812697

Requested by

Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 04 Apr 2020 13:18:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 344118
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-44443170-1&cid=917833647.1586350452&jid=1937675000&gjid=1002473036&_gid=1701140518.1586350452&_u=aGBAgEAj~&z=794236111
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44443170-1&cid=917833647.1586350452&jid=1937675000&_v=j81&z=794236111
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44443170-1&cid=917833647.1586350452&jid=1937675000&_v=j81&z=794236111&slf_rd=1&random=3261298011

42 B
109 B

19ms
18ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44443170-1&cid=917833647.1586350452&jid=1937675000&_v=j81&z=794236111&slf_rd=1&random=3261298011

Requested by

Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Apr 2020 12:54:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Apr 2020 12:54:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44443170-1&cid=917833647.1586350452&jid=1937675000&_v=j81&z=794236111&slf_rd=1&random=3261298011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/967528959/ 2 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/967528959/?random=1586350451895&cv=9&fst=1586350451895&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3p1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.activescreening.com%2Fbilling-notice%2F&tiba=Billing%20Notice%20-%20Active%20Screening&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

542f4c5a2d45a9033a42391865fdc0f350e6d0ac812c0066e7e13f089cabf979

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Wed, 08 Apr 2020 12:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1011
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.0e6bda2ecacc818f9349.js Show response
script.hotjar.com/ 366 KB
69 KB 31ms
31ms Script
application/javascript 147.75.33.229
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.0e6bda2ecacc818f9349.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-786396.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.33.229 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress11
Software: /
Resource Hash: 60a0550b0f093cec62d5a182da3792a56568fe454421231243141c37aa13bad2

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 08 Apr 2020 12:54:13 GMT
content-encoding: br
content-type: application/javascript
age: 14336
status: 200
section-io-cache: Hit
content-length: 70619
last-modified: Wed, 08 Apr 2020 07:19:58 GMT
etag: "092eda55f4c8adc5b4d81395def4c521"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.044
accept-ranges: bytes
section-io-id: 164281e3a22aa2838ebf2a2a0600a8b6
section-origin-responded: true

GET
H2 200 /
www.google.com/pagead/1p-user-list/967528959/ 42 B
122 B 40ms
40ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/967528959/?random=1586350451895&cv=9&fst=1586347200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3p1&sendb=1&frm=0&url=https%3A%2F%2Fwww.activescreening.com%2Fbilling-notice%2F&tiba=Billing%20Notice%20-%20Active%20Screening&async=1&fmt=3&is_vtc=1&random=756428538&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 08 Apr 2020 12:54:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/967528959/ 42 B
110 B 33ms
33ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/967528959/?random=1586350451895&cv=9&fst=1586347200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3p1&sendb=1&frm=0&url=https%3A%2F%2Fwww.activescreening.com%2Fbilling-notice%2F&tiba=Billing%20Notice%20-%20Active%20Screening&async=1&fmt=3&is_vtc=1&random=756428538&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 08 Apr 2020 12:54:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame E58C 0
0 33ms
33ms Document
text/html 147.75.33.229
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-786396.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.33.229 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress11
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.activescreening.com/billing-notice/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.activescreening.com/billing-notice/

Response headers

status: 200
date: Wed, 08 Apr 2020 12:54:13 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 25 Mar 2020 15:18:29 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.086
section-origin-responded: true
age: 1151253
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: ae62df8ad000d34a035eb899ac116d46

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 378 KB
61 KB 138ms
123ms Script
application/javascript 2606:4700::6811:e9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6060861.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d73ae338911ac26a2a294250fb264f62828bf4a12b33e1d2f989a489f4a93932

Request headers

Referer: https://www.activescreening.com/billing-notice/
Origin: https://www.activescreening.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 08 Apr 2020 12:54:12 GMT
via: 1.1 32c5b7040885724e78019cc31f0ef3e9.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: IAD89-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
status: 200
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
content-type: application/javascript; charset=utf-8
last-modified: Mon, 06 Apr 2020 02:23:30 GMT
server: cloudflare
etag: W/"56be66036415f7b92e22cb6b6dd3aa03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: XxkLlR0upYx8RpYI3v70keTf2yubaGKQ
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
cf-ray: 580c22b4fb746431-FRA
x-amz-cf-id: -3wRmVnbZkR4XiExJaQ0l1hs10BRRQaru7KZW8roY2FzkLb7P_ZC6Q==

GET
H2 200 6060861.js Show response
js.hs-analytics.net/analytics/1586350200000/ 82 KB
22 KB 153ms
152ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1586350200000/6060861.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6060861.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eda81dddaa29113995c8ccb55bc8df89e5f46a4f4f49e62fe4d35f869b2a5292

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 08 Apr 2020 12:54:12 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: A608AFF630E13D9F
x-amz-server-side-encryption: AES256
status: 200
content-type: text/javascript
x-amz-id-2: /c07JWCUk3ETddLdlSCnnQhok0VC9dBK9U1ELazq71dWru2nBOrFXgd4KbxkCq3YSAJ4WxYgYjw=
last-modified: Thu, 02 Apr 2020 16:16:50 GMT
server: cloudflare
etag: W/"658f682f249eb99216b05e9f0c2c219b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 580c22b4dc990eaf-FRA
expires: Wed, 08 Apr 2020 12:59:12 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 61 KB
15 KB 44ms
28ms Script
application/javascript 2606:4700::6811:eccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6060861.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f86dea7658e3168bf7930a2fe6a263d3eed65efba1cec9afdc6921245711fbf8

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 08 Apr 2020 12:54:12 GMT
via: 1.1 ed8e6c4476f2632eef2c7ce856161af0.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 278
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
x-amz-version-id: RrejDyikr30uX6azOE2OKgwz0L9wwv1H
last-modified: Mon, 06 Apr 2020 06:45:13 GMT
server: cloudflare
etag: W/"411fd2d636b8d16212e1875340ddf889"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=600
x-amz-cf-pop: IAD89-C1
cf-ray: 580c22b4fb70c29f-FRA
x-amz-cf-id: snW6mJOsIcnKFW4st8AyjmabHmVHcqZtHwJTC-meuqCD2Rs2_bqNIQ==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 4 KB
2 KB 14ms
13ms Script
application/javascript 2606:4700::6811:70b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6060861.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:70b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfa5a29bd9155a6a8a0e4af8cb8aed939c9c73d454de40ffafa401838b485055

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 08 Apr 2020 12:54:11 GMT
via: 1.1 f37f104903bda438e8b0547be6e0c193.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 491
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
x-amz-version-id: qMSpo3sC.BiIj70bgxAXW9_Js1.PmD46
last-modified: Mon, 30 Mar 2020 01:16:13 GMT
server: cloudflare
etag: W/"7a80569fddf77c67bd7c33bdc750aea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=600
x-amz-cf-pop: IAD89-C3
cf-ray: 580c22b4d863d6b1-FRA
x-amz-cf-id: 8NNDThWSmf30jabtpl1zz51FhsrTEjWPK68ZUmYq_ruh3PaImbQKVA==

GET
H2 200 6060861.js Show response
js.hs-banner.com/ 27 KB
7 KB 47ms
46ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/6060861.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6060861.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b79e09fb5422acbb57e1c28a4ec6ba94ea8a5446fbac460b5e27c4339bd5c33d

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 08 Apr 2020 12:54:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-origin: https://www.easytithe.com
status: 200
x-guploader-uploadid: AEnB2UpwlE9F4ucGhRdNjMMKS0EDBgQM8df18imIon7ze-s5VklbNZvJufCo-mglB565YY27osMhMgIPNrV6h3PcAxovKyO-oQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
cf-ray: 580c22b4dfa0d6e1-FRA
last-modified: Wed, 25 Mar 2020 17:04:49 GMT
server: cloudflare
etag: W/"4bf1fa19e155d1f5c92b29b7522d197d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
x-goog-hash: crc32c=zZYIew==, md5=S/H6GeFV0fXJKym3Ui0ZfQ==
content-type: text/javascript
x-goog-generation: 1585155889863979
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 27379
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 08 Apr 2020 12:59:12 GMT

GET
H/1.1 200
OK get_dynamic_config.js Show response
secure.livechatinc.com/licence/4760001/v2/ 1 KB
2 KB 227ms
160ms Script
application/javascript 23.196.234.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/licence/4760001/v2/get_dynamic_config.js?t=1586350452021&referrer=&url=https%3A%2F%2Fwww.activescreening.com%2Fbilling-notice%2F&params=&channel_type=code&jsonp=__lc_data_235531
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.196.234.107 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-234-107.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a669c7021292dd3e694204e328f75747c330c6a41def4b241f0fbf8535461799

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Wed, 08 Apr 2020 12:54:12 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Expose-Headers: X-RateLimit-Remaining, X-RateLimit-Reset
Cache-Control: max-age=0, no-cache, no-store
X-RateLimit-Reset: 1586350457
X-RateLimit-Remaining: 4999
Connection: keep-alive
Content-Length: 546
Expires: Wed, 08 Apr 2020 12:54:12 GMT

OPTIONS
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 18 B
683 B 137ms
118ms XHR
text/plain 2606:4700::6812:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=6060861&conversations-embed=static-1.6253&mobile=false&messagesUtk=c16d6b2c23834798945897c21a2a778c&traceId=c16d6b2c23834798945897c21a2a778c

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method: GET
Origin: https://www.activescreening.com
Referer: https://www.activescreening.com/billing-notice/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: x-hubspot-messages-uri

Response headers

date: Wed, 08 Apr 2020 12:54:12 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
status: 200
content-length: 18
allow: HEAD,GET,OPTIONS
server: cloudflare
x-trace: 2B7D0A3C85891ACD5DD2DC6741918C87520E279E58000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.activescreening.com
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 580c22b56ac1978a-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 281 B
401 B 132ms
132ms XHR
application/json 2606:4700::6812:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.activescreening.com
URL: https://www.activescreening.com/billing-notice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c36381a8937f1f97116cb996f9f273284aa3df17dac9e09e053cb72c4088886e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.activescreening.com/billing-notice/
Origin: https://www.activescreening.com
Sec-Fetch-Dest: empty
X-HubSpot-Messages-Uri: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 08 Apr 2020 12:54:12 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
status: 200
content-length: 218
server: cloudflare
x-trace: 2B53BC70BCADD5EE65343428CB65945E399D55D69B000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.activescreening.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 580c22b62b9e978a-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H/1.1 200
OK get_static_config.0.2424.10.11.502.15.199.53.12.34.5.12.6.js Show response
secure.livechatinc.com/licence/4760001/v2/ 6 KB
3 KB 205ms
205ms Script
application/javascript 23.196.234.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/licence/4760001/v2/get_static_config.0.2424.10.11.502.15.199.53.12.34.5.12.6.js?&jsonp=__lc_data_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.196.234.107 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-234-107.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7cae5064237bff9794e663b33ca782f0249545f42236c496808d4dbe3d5888bd

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 08 Apr 2020 12:54:12 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS, POST
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://api.chat.io
Access-Control-Expose-Headers: location
Cache-Control: public, max-age=596
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Access-Control-Allow-Headers: origin, x-requested-with, content-type, accept
Content-Length: 2061
Expires: Wed, 08 Apr 2020 13:04:08 GMT

GET
H/1.1 200
OK open_chat.cgi
secure.livechatinc.com/licence/4760001/v2/ Frame 0828 0
0 155ms
155ms Document
text/html 23.196.234.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/licence/4760001/v2/open_chat.cgi?license=4760001&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.196.234.107 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-234-107.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: secure.livechatinc.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.activescreening.com/billing-notice/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: __livechat=lc_all_invitation%3D0%26lc_auto_invites_shown%3D%26lc_chat_number%3D0%26lc_client_version%3D%26lc_goals_achieved%3D%26lc_integration_params%3D%26lc_lang%3Den%26lc_last_chat_start_time%3D0%26lc_last_conference_id%3D%26lc_last_operator_id%3D%26lc_last_operator_key%3D%26lc_last_operator_key_per_skill%3D%26lc_last_operator_per_skill%3D%26lc_last_visit%3D1586350452%26lc_nick%3D%26lc_ok_invitation%3D0%26lc_page_view%3D0%26lc_session%3DS1586350452.93a636cb44%26lc_visit_number%3D0%26mcid%3D%26mcid_done%3D0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.activescreening.com/billing-notice/

Response headers

Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Wed, 08 Apr 2020 12:54:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 08 Apr 2020 12:54:12 GMT
Content-Length: 1499
Connection: keep-alive

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/ 25 B
287 B 118ms
117ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/json?portalId=6060861

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca00241642bf2ae0bedf8d700422a9dcda1f58f4bce5bac2d9bca39cc02ac902

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.activescreening.com/billing-notice/
Origin: https://www.activescreening.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 08 Apr 2020 12:54:12 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 25
server: cloudflare
x-trace: 2B94A0147F5084C1763B098EEDCC3A81FB4A99B6FA000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.activescreening.com
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 580c22ba697ed6e1-FRA
access-control-allow-headers: *

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
232 B 37ms
37ms Image
image/gif 2606:4700::6812:b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=818329955&v=1.1&a=6060861&rcu=https%3A%2F%2Fwww.activescreening.com%2Fbilling-notice%2F&pu=https%3A%2F%2Fwww.activescreening.com%2Fbilling-notice%2F&t=Billing+Notice+-+Active+Screening&cts=1586350452870&vi=319122fecba0688b3fea70797a61c690&nc=true&u=69775183.319122fecba0688b3fea70797a61c690.1586350452867.1586350452867.1586350452867.1&b=69775183.1.1586350452867

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 08 Apr 2020 12:54:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 580c22ba7f5616e6-FRA
content-type: image/gif
content-length: 45
x-robots-tag: none

GET
H2

200

active-screening-dark.png
www.activescreening.com/wp-content/uploads/2019/07/
Redirect Chain

https://activescreening.com/wp-content/uploads/2019/07/active-screening-dark.png
https://www.activescreening.com/wp-content/uploads/2019/07/active-screening-dark.png

5 KB
5 KB

100ms
100ms

Image
image/png

3.220.14.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activescreening.com/wp-content/uploads/2019/07/active-screening-dark.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.220.14.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-14-62.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 256309ec497ccfe52284c3390213ca4545a1ab7f20fa796a702fe933b89d2228

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 08 Apr 2020 12:54:13 GMT
last-modified: Fri, 27 Mar 2020 04:15:47 GMT
server: nginx
access-control-allow-origin: *
etag: "5e7d7df3-139a"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5018

Redirect headers

date: Wed, 08 Apr 2020 12:54:12 GMT
server: EasyRedir
location: https://www.activescreening.com/wp-content/uploads/2019/07/active-screening-dark.png
content-type: text/html
status: 301
cache-control: no-store, no-cache, must-revalidate
content-length: 166
expires: Wed, 08 Apr 2020 12:54:12 GMT

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
357 B 162ms
161ms XHR
application/json 2606:4700::6812:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=6060861&utk=319122fecba0688b3fea70797a61c690&__hstc=69775183.319122fecba0688b3fea70797a61c690.1586350452867.1586350452867.1586350452867.1&__hssc=69775183.1.1586350452867&currentUrl=https%3A%2F%2Fwww.activescreening.com%2Fbilling-notice%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9233699f389b62f42298e156ccddf9524795815601bdd6f9eb74f6efd67783a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.activescreening.com/billing-notice/
Origin: https://www.activescreening.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 08 Apr 2020 12:54:13 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-ray: 580c22bad90c978a-FRA
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.activescreening.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 78 KB
29 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-924569021

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b2e9f674751f6958803e112d059a6470ff773ba4b5553424cf2fc3bb59d3c5d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 08 Apr 2020 12:54:13 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 29578
x-xss-protection: 0
last-modified: Wed, 08 Apr 2020 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Apr 2020 12:54:13 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 28 KB
10 KB 45ms
45ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-924569021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

1cc657c390692096c0fd899fb5ddeb76eb79981db1154ab3decc1e81414516dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 08 Apr 2020 12:54:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 10566
x-xss-protection: 0
server: cafe
etag: 4103526559094646519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Apr 2020 12:54:13 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/924569021/ 2 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/924569021/?random=1586350453088&cv=9&fst=1586350453088&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.activescreening.com%2Fbilling-notice%2F&tiba=Billing%20Notice%20-%20Active%20Screening&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e95159ec77d8ac95dd189c2c47c992fa165b94a96e998c7824741ce87a1305d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Wed, 08 Apr 2020 12:54:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1037
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/924569021/ 42 B
122 B 27ms
27ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/924569021/?random=1586350453088&cv=9&fst=1586347200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3p1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.activescreening.com%2Fbilling-notice%2F&tiba=Billing%20Notice%20-%20Active%20Screening&async=1&fmt=3&is_vtc=1&random=1536397228&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 08 Apr 2020 12:54:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/924569021/ 42 B
110 B 22ms
22ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/924569021/?random=1586350453088&cv=9&fst=1586347200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3p1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.activescreening.com%2Fbilling-notice%2F&tiba=Billing%20Notice%20-%20Active%20Screening&async=1&fmt=3&is_vtc=1&random=1536397228&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activescreening.com/billing-notice/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 08 Apr 2020 12:54:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content new_message.a37211a6.ogg
cdn.livechatinc.com/widget/static/media/ 11 KB
12 KB 41ms
40ms Media
application/octet-stream 23.213.14.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/media/new_message.a37211a6.ogg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.213.14.101 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-14-101.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1d0bdbe8013ddd58bf31229ea12bd42dfe6bf4cb022cc65d519a45a13c403b5d

Request headers

Referer: https://www.activescreening.com/billing-notice/
Sec-Fetch-Dest: audio
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: Fd28HDfEGNIiQLnbsXY26uGu4aBLIZqj
Last-Modified: Mon, 23 Mar 2020 13:21:33 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
ETag: "a37211a6cfcda45352d5abcff1e446bb"
Content-Type: application/octet-stream
Content-Range: bytes 0-11403/11404
Cache-Control: max-age=31536000
Date: Wed, 08 Apr 2020 12:54:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 11404
X-Amz-Cf-Id: EVfdsfcrmJwFqsNdm-AF9yPo8EOJNv7Zy0REBiTJOhNrs3QcKCIHiw==
Expires: Thu, 08 Apr 2021 12:54:13 GMT

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.livechatinc.com/licence/4760001	1970-01-20 11:39:10	Name: __livechat Value: lc_all_invitation%3D0%26lc_auto_invites_shown%3D%26lc_chat_number%3D0%26lc_client_version%3D%26lc_goals_achieved%3D%26lc_integration_params%3D%26lc_lang%3Den%26lc_last_chat_start_time%3D0%26lc_last_conference_id%3D%26lc_last_operator_id%3D%26lc_last_operator_key%3D%26lc_last_operator_key_per_skill%3D%26lc_last_operator_per_skill%3D%26lc_last_visit%3D1586350452%26lc_nick%3D%26lc_ok_invitation%3D0%26lc_page_view%3D0%26lc_session%3DS1586350452.93a636cb44%26lc_visit_number%3D0%26mcid%3D%26mcid_done%3D0
fs24.formsite.com/	1970-01-19 08:49:15	Name: AWSALBCORS Value: Suwfsy8JxFlQ/vI9NbFrUHXMALIzyudv8s7LfbJ5Poqr5DUhEBm9GAkWqo1NUtfnyzkOLUXJWUpzb5n9TjG1IoQVGHrcemcetivI+7mMNM+Hwo6JQZHAeXEY8PUJ
fs24.formsite.com/	1970-01-19 08:49:15	Name: AWSALB Value: Suwfsy8JxFlQ/vI9NbFrUHXMALIzyudv8s7LfbJ5Poqr5DUhEBm9GAkWqo1NUtfnyzkOLUXJWUpzb5n9TjG1IoQVGHrcemcetivI+7mMNM+Hwo6JQZHAeXEY8PUJ
fs24.formsite.com/res	1969-12-31 23:59:59	Name: JSESSIONID Value: 972E7509CFFF30DF1E2AF89A0948E9E7
.activescreening.com/	1970-01-19 08:39:12	Name: __hssc Value: 69775183.1.1586350452867
.activescreening.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.activescreening.com/	1970-01-19 18:00:46	Name: hubspotutk Value: 319122fecba0688b3fea70797a61c690
.activescreening.com/	1970-01-19 18:00:46	Name: __hstc Value: 69775183.319122fecba0688b3fea70797a61c690.1586350452867.1586350452867.1586350452867.1
.activescreening.com/	1970-01-19 17:11:48	Name: _hjid Value: 054922d6-13d1-4853-9a2a-3e7d86be4f86
.activescreening.com/	1970-01-19 08:39:10	Name: _dc_gtm_UA-44443170-1 Value: 1
.activescreening.com/	1970-01-20 02:10:22	Name: _ga Value: GA1.2.917833647.1586350452
.activescreening.com/	1970-01-19 08:40:36	Name: _gid Value: GA1.2.1701140518.1586350452
.activescreening.com/	1970-01-19 10:48:46	Name: _gcl_au Value: 1.1.456577629.1586350452

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.activescreening.com/wp-content/cache/min/1/7eb5090ef735b5bd5c7c4b25d086020e.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activescreening.com
api.hubapi.com
api.hubspot.com
cdn.livechatinc.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
fs24.formsite.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsleadflows.net
js.usemessages.com
script.hotjar.com
secure.livechatinc.com
static.hotjar.com
stats.g.doubleclick.net
track.hubspot.com
vars.hotjar.com
www.activescreening.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
147.75.102.203
147.75.33.229
172.217.16.130
23.196.234.107
23.213.14.101
2606:4700::6811:47b0
2606:4700::6811:70b0
2606:4700::6811:c9cc
2606:4700::6811:d2cc
2606:4700::6811:e9cc
2606:4700::6811:eccc
2606:4700::6812:14bf
2606:4700::6812:a59
2606:4700::6812:b59
2a00:1450:4001:800::2008
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::200e
2a00:1450:4001:820::2003
2a00:1450:4001:821::200a
2a00:1450:400c:c00::9c
3.220.14.62
34.201.198.244
34.213.106.51
0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879
1cc657c390692096c0fd899fb5ddeb76eb79981db1154ab3decc1e81414516dd
1d0bdbe8013ddd58bf31229ea12bd42dfe6bf4cb022cc65d519a45a13c403b5d
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
1e95159ec77d8ac95dd189c2c47c992fa165b94a96e998c7824741ce87a1305d
256309ec497ccfe52284c3390213ca4545a1ab7f20fa796a702fe933b89d2228
2794b3d67ebe2a0a76c384d534d17d7f815d25cea7675116af2319ac3bc6ee91
542f4c5a2d45a9033a42391865fdc0f350e6d0ac812c0066e7e13f089cabf979
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
59c935a88a9f6ade6a5757676bd7c44218c22053f8db6bf5d0f45e7600ff7d1a
60a0550b0f093cec62d5a182da3792a56568fe454421231243141c37aa13bad2
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
7cae5064237bff9794e663b33ca782f0249545f42236c496808d4dbe3d5888bd
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7f9d272a313ad3156b627574867ecf5d9031630146a7f0c943ced04034432a8b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9233699f389b62f42298e156ccddf9524795815601bdd6f9eb74f6efd67783a7
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
969d3b8c3b846ba9d4dd5fa3936ec2c610f4f9f67f6f880cc9b00ebda3414083
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a669c7021292dd3e694204e328f75747c330c6a41def4b241f0fbf8535461799
b2e9f674751f6958803e112d059a6470ff773ba4b5553424cf2fc3bb59d3c5d1
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b79e09fb5422acbb57e1c28a4ec6ba94ea8a5446fbac460b5e27c4339bd5c33d
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bb4bd29b1e3216327587aa152004737781ef2aeb69e191f160bc8298ac546e82
c36381a8937f1f97116cb996f9f273284aa3df17dac9e09e053cb72c4088886e
ca00241642bf2ae0bedf8d700422a9dcda1f58f4bce5bac2d9bca39cc02ac902
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cfa5a29bd9155a6a8a0e4af8cb8aed939c9c73d454de40ffafa401838b485055
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d3ce798ecb4027eb40f8b8908b78ebc8f52c47b4712fdba16b744054c934b795
d5530aafa1036fbe0f8f41c012249ae0d3c8844d1fc569e4e99048338a143218
d73ae338911ac26a2a294250fb264f62828bf4a12b33e1d2f989a489f4a93932
dbea947071b2f06b082ed7b6045ccf0170b389c3782f03f3614fa3cf80692d7c
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e10fe305a69ffd9580cfce82af3462e113ff1d228a4e113823f81b055bd06cbe
e58eba9d9688363663a3aeb63fd6d70c0173c77848a146e4feb34bb5a6f9b42f
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eda81dddaa29113995c8ccb55bc8df89e5f46a4f4f49e62fe4d35f869b2a5292
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f86dea7658e3168bf7930a2fe6a263d3eed65efba1cec9afdc6921245711fbf8
fabbd716280946af7756a9027034b842b123ce25f5b75fe1bdca0a3251b9c00d

www.activescreening.com Open in urlscan Pro 3.220.14.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

100 %HTTPS

68 %IPv6

20 Domains

27 Subdomains

24 IPs

5 Countries

1139 kBTransfer

4176 kBSize

13 Cookies

7 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.activescreening.com Open in urlscan Pro
3.220.14.62 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

100 %
HTTPS

68 %
IPv6

20
Domains

27
Subdomains

24
IPs

5
Countries

1139 kB
Transfer

4176 kB
Size

13
Cookies

52 HTTP transactions
1 data transactions