Submitted URL: http://click.email-unionplus.org/?qs=bcef53442149657f036788f3cd3674fbd4772982d69600bc77979787ad39def9ea2e859b346a730c768a412cb8a5...
Effective URL: https://www.unionplus.org/error/404//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=...
Submission: On September 27 via api from US — Scanned from DE

Summary

This website contacted 19 IPs in 5 countries across 17 domains to perform 56 HTTP transactions. The main IP is 151.101.130.216, located in United States and belongs to FASTLY, US. The main domain is www.unionplus.org. The Cisco Umbrella rank of the primary domain is 666748.
TLS certificate: Issued by R3 on August 30th 2022. Valid for: 3 months.
This is the only time www.unionplus.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
23 unionplus.org
www.unionplus.org — Cisco Umbrella Rank: 666748
content.unionplus.org
1 MB
6 google.com
cse.google.com — Cisco Umbrella Rank: 2467
www.google.com — Cisco Umbrella Rank: 2
116 KB
4 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 3329
7 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2989
61 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
2 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6352
655 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
222 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 905
pixel.quantserve.com — Cisco Umbrella Rank: 423
11 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
111 KB
2 evergage.com
unionplus.us-4.evergage.com
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
142 KB
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 983
549 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 846
2 KB
1 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2302
6 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 128
16 KB
1 evgnet.com
cdn.evgnet.com — Cisco Umbrella Rank: 4307
41 KB
1 email-unionplus.org
click.email-unionplus.org
420 B
56 17
Domain Requested by
17 www.unionplus.org 1 redirects www.unionplus.org
www.googletagmanager.com
6 content.unionplus.org www.unionplus.org
5 www.google.com cse.google.com
www.unionplus.org
4 tags.srv.stackadapt.com www.unionplus.org
tags.srv.stackadapt.com
3 www.google-analytics.com www.googletagmanager.com
www.unionplus.org
2 www.google.de www.unionplus.org
2 googleads.g.doubleclick.net www.googleadservices.com
2 www.facebook.com www.unionplus.org
2 connect.facebook.net www.unionplus.org
connect.facebook.net
2 unionplus.us-4.evergage.com cdn.evgnet.com
2 www.googletagmanager.com www.unionplus.org
www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 pixel.quantserve.com www.unionplus.org
1 pxl.qccerttest.com www.unionplus.org
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com www.unionplus.org
1 quantcast.mgr.consensu.org www.unionplus.org
1 www.googleadservices.com www.googletagmanager.com
1 cdn.evgnet.com www.unionplus.org
1 cse.google.com www.unionplus.org
1 click.email-unionplus.org 1 redirects
56 22
Subject Issuer Validity Valid
unionplus.org
R3
2022-08-30 -
2022-11-28
3 months crt.sh
*.google.com
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
cdn.evergage.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-13 -
2023-04-12
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.us-4.evergage.com
Amazon
2022-08-22 -
2023-09-19
a year crt.sh
content.unionplus.org
R3
2022-09-10 -
2022-12-09
3 months crt.sh
www.google.com
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-07-06 -
2022-10-04
3 months crt.sh
*.cmp.quantcast.com
R3
2022-08-22 -
2022-11-20
3 months crt.sh
*.srv.stackadapt.com
Amazon
2021-11-09 -
2022-12-07
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
qccerttest.com
Amazon
2022-04-04 -
2023-05-03
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
www.google.de
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.unionplus.org/error/404//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Frame ID: F3A9C3141E73670441DB583745BA65CA
Requests: 53 HTTP requests in this frame

Screenshot

Page Title

Not Found | Union Plus

Page URL History Show full URLs

  1. http://click.email-unionplus.org/?qs=bcef53442149657f036788f3cd3674fbd4772982d69600bc77979787ad39def9ea2e859b... HTTP 302
    https://www.unionplus.org//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm... HTTP 307
    https://www.unionplus.org/error/404//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

56
Requests

100 %
HTTPS

70 %
IPv6

17
Domains

22
Subdomains

19
IPs

5
Countries

1742 kB
Transfer

6104 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.email-unionplus.org/?qs=bcef53442149657f036788f3cd3674fbd4772982d69600bc77979787ad39def9ea2e859b346a730c768a412cb8a50a4d32ad064184bd5abf HTTP 302
    https://www.unionplus.org//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020 HTTP 307
    https://www.unionplus.org/error/404//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
www.unionplus.org/error/404//benefits/home-auto/
Redirect Chain
  • http://click.email-unionplus.org/?qs=bcef53442149657f036788f3cd3674fbd4772982d69600bc77979787ad39def9ea2e859b346a730c768a412cb8a50a4d32ad064184bd5abf
  • https://www.unionplus.org//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
  • https://www.unionplus.org/error/404//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
460 KB
46 KB
Document
General
Full URL
https://www.unionplus.org/error/404//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0190a19598daefce6eff4c8405c79b908048b3f4625d3c37fcf943944fc523c6
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
Strict-Transport-Security max-age=31557600
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 0 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
10416
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-length
46602
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
content-type
text/html; charset=utf-8
cross-origin-opener-policy
unsafe-none unsafe-none
date
Tue, 27 Sep 2022 15:02:07 GMT
etag
W/"72e7c-Icv+vfOwVh0kZqKphAD7JzkSu58"
expect-ct
max-age=0, enforce max-age=0, enforce
referrer-policy
no-referrer no-referrer
strict-transport-security
max-age=31557600
vary
Accept-Encoding
x-cache
HIT, HIT
x-cache-hits
3, 1
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-dns-prefetch-control
on on
x-download-options
noopen noopen
x-frame-options
SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies
none none
x-platform-server
i-0cb0acdca691d8ef6 i-0cb0acdca691d8ef6
x-request-id
00-1718b64ec0ac9089f4cb405788afe074-96b05763918e29e3-00
x-served-by
cache-iad-kiad7000077-IAD, cache-hhn4072-HHN
x-xss-protection
0 0

Redirect headers

accept-ranges
bytes
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-length
318
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
content-type
text/html; charset=utf-8
cross-origin-opener-policy
unsafe-none unsafe-none
date
Tue, 27 Sep 2022 15:02:07 GMT
etag
W/"13e-9a114SciLpNTcBNPXdYJ5Cw8QnE"
expect-ct
max-age=0, enforce max-age=0, enforce
location
//www.unionplus.org/error/404//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
referrer-policy
no-referrer no-referrer
strict-transport-security
max-age=31557600
vary
Accept-Encoding
x-cache
MISS, MISS
x-cache-hits
0, 0
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-dns-prefetch-control
on on
x-download-options
noopen noopen
x-frame-options
SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies
none none
x-platform-server
i-0cb0acdca691d8ef6 i-0cb0acdca691d8ef6
x-request-id
00-1718bfc7b74000f1eb99740a700ab537-d68b3786a88427ec-00
x-served-by
cache-iad-kcgs7200134-IAD, cache-hhn4072-HHN
x-xss-protection
0 0
vendor-e60d21f94b2f30d7f8a7a35803bec76e.css
www.unionplus.org/assets/
22 KB
5 KB
Stylesheet
General
Full URL
https://www.unionplus.org/assets/vendor-e60d21f94b2f30d7f8a7a35803bec76e.css
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/error/404//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cd0a0c0586d2629c6578a888c23222b9193f69321aa40af6389678e38fd47b45
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
Strict-Transport-Security max-age=31557600
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
content-encoding
gzip
etag
W/"5631-182fa369790"
x-platform-server
i-0cb0acdca691d8ef6, i-0cb0acdca691d8ef6
x-permitted-cross-domain-policies
none
age
1721757
x-dns-prefetch-control
on
x-cache
HIT, HIT
strict-transport-security
max-age=31557600
content-length
4619
x-xss-protection
0
x-request-id
00-1712a1da3866fbb399e3f5ad44a6e2aa-a91ba5ab558e6bfc-00
x-served-by
cache-iad-kcgs7200063-IAD, cache-hhn4072-HHN
referrer-policy
no-referrer
last-modified
Thu, 01 Sep 2022 18:00:58 GMT
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
date
Tue, 27 Sep 2022 15:02:07 GMT
expect-ct
max-age=0, enforce
vary
Accept-Encoding
x-download-options
noopen
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 1
unionplus-201299ec870222327bcf2243e006ff19.css
www.unionplus.org/assets/
553 KB
91 KB
Stylesheet
General
Full URL
https://www.unionplus.org/assets/unionplus-201299ec870222327bcf2243e006ff19.css
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/error/404//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
98b40fe597a74ab4dc23c5d3890f8877eee409803ca4164b162bcc156dfea3ee
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
Strict-Transport-Security max-age=31557600
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
content-encoding
gzip
etag
W/"8a360-182fa369790"
x-platform-server
i-0cb0acdca691d8ef6, i-0cb0acdca691d8ef6
x-permitted-cross-domain-policies
none
age
2235532
x-dns-prefetch-control
on
x-cache
HIT, HIT
strict-transport-security
max-age=31557600
content-length
92882
x-xss-protection
0
x-request-id
00-1710ce9384092cd6a1e2dd7455429196-43ba72ee0a1f56c2-00
x-served-by
cache-iad-kiad7000061-IAD, cache-hhn4072-HHN
referrer-policy
no-referrer
last-modified
Thu, 01 Sep 2022 18:00:58 GMT
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
date
Tue, 27 Sep 2022 15:02:07 GMT
expect-ct
max-age=0, enforce
vary
Accept-Encoding
x-download-options
noopen
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 1
logo-up.svg
www.unionplus.org/assets/images/2020/
9 KB
4 KB
Image
General
Full URL
https://www.unionplus.org/assets/images/2020/logo-up.svg
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/error/404//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3124b9708bbb323613933e7f56170d5137709387eddade0f8db101d2f4cfeb82
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
Strict-Transport-Security max-age=31557600
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
content-encoding
gzip
etag
W/"228d-182fa321f08"
x-platform-server
i-0e6d71c2eb85d5c9d, i-0e6d71c2eb85d5c9d
x-permitted-cross-domain-policies
none
age
1206810
x-dns-prefetch-control
on
x-cache
HIT, HIT
strict-transport-security
max-age=31557600
content-length
3445
x-xss-protection
0
x-request-id
00-171476319aae367c527164023d876d0e-d0975a0df7a7e050-00
x-served-by
cache-iad-kiad7000129-IAD, cache-hhn4072-HHN
referrer-policy
no-referrer
last-modified
Thu, 01 Sep 2022 17:56:05 GMT
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
date
Tue, 27 Sep 2022 15:02:07 GMT
expect-ct
max-age=0, enforce
vary
Accept-Encoding,Origin
x-download-options
noopen
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
5002, 1
up-logo-white.svg
www.unionplus.org/assets/images/2020/
5 KB
3 KB
Image
General
Full URL
https://www.unionplus.org/assets/images/2020/up-logo-white.svg
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/error/404//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4028173caafe4e183a6a23b0efc4dc80c619d34f84e4278152a7099999b2a57
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
Strict-Transport-Security max-age=31557600
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
content-encoding
gzip
etag
W/"1428-1826509eac8"
x-platform-server
i-0cb0acdca691d8ef6, i-0cb0acdca691d8ef6
x-permitted-cross-domain-policies
none
age
4315183
x-dns-prefetch-control
on
x-cache
HIT, HIT
strict-transport-security
max-age=31557600
content-length
2567
x-xss-protection
0
x-request-id
00-17096b24ea845fb7ef0faf9078b66ff9-8202859ea731f3cf-00
x-served-by
cache-iad-kiad7000116-IAD, cache-hhn4072-HHN
referrer-policy
no-referrer
last-modified
Wed, 03 Aug 2022 18:48:45 GMT
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
date
Tue, 27 Sep 2022 15:02:07 GMT
expect-ct
max-age=0, enforce
vary
Accept-Encoding,Origin
x-download-options
noopen
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 1
montserrat-v14-latin-500.woff2
www.unionplus.org/assets/fonts/type/
19 KB
19 KB
Font
General
Full URL
https://www.unionplus.org/assets/fonts/type/montserrat-v14-latin-500.woff2
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/assets/unionplus-201299ec870222327bcf2243e006ff19.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
Strict-Transport-Security max-age=31557600
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
Origin
https://www.unionplus.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
etag
W/"4b48-182fa321f08"
x-platform-server
i-0e6d71c2eb85d5c9d, i-0e6d71c2eb85d5c9d
x-permitted-cross-domain-policies
none
age
1741232
x-dns-prefetch-control
on
x-cache
HIT, HIT
strict-transport-security
max-age=31557600
content-length
19272
x-xss-protection
0
x-request-id
00-171290238d14f28a9609c1303233e42f-be71e96321c772ef-00
x-served-by
cache-iad-kcgs7200106-IAD, cache-hhn4072-HHN
referrer-policy
no-referrer
last-modified
Thu, 01 Sep 2022 17:56:05 GMT
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
date
Tue, 27 Sep 2022 15:02:07 GMT
expect-ct
max-age=0, enforce
vary
(null),Origin
x-download-options
noopen
content-type
font/woff2
access-control-allow-origin
https://www.unionplus.org
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 1
icomoon.woff2
www.unionplus.org/assets/fonts/icons/
18 KB
18 KB
Font
General
Full URL
https://www.unionplus.org/assets/fonts/icons/icomoon.woff2?4m4qcq
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/assets/unionplus-201299ec870222327bcf2243e006ff19.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5abb5289ae16cc6628a0685c81214c20fb6f70863377000486be0c00e679a84d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
Strict-Transport-Security max-age=31557600
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
Origin
https://www.unionplus.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
etag
W/"4638-182fa321f08"
x-platform-server
i-0e6d71c2eb85d5c9d, i-0e6d71c2eb85d5c9d
x-permitted-cross-domain-policies
none
age
1726764
x-dns-prefetch-control
on
x-cache
HIT, HIT
strict-transport-security
max-age=31557600
content-length
17976
x-xss-protection
0
x-request-id
00-17129d4c47cba41b12d2d98342a8151a-5a3eb59432b82339-00
x-served-by
cache-iad-kjyo7100160-IAD, cache-hhn4072-HHN
referrer-policy
no-referrer
last-modified
Thu, 01 Sep 2022 17:56:05 GMT
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
date
Tue, 27 Sep 2022 15:02:07 GMT
expect-ct
max-age=0, enforce
vary
(null),Origin
x-download-options
noopen
content-type
font/woff2
access-control-allow-origin
https://www.unionplus.org
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
10818, 1
montserrat-v14-latin-700.woff2
www.unionplus.org/assets/fonts/type/
19 KB
19 KB
Font
General
Full URL
https://www.unionplus.org/assets/fonts/type/montserrat-v14-latin-700.woff2
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/assets/unionplus-201299ec870222327bcf2243e006ff19.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
Strict-Transport-Security max-age=31557600
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
Origin
https://www.unionplus.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
etag
W/"4c18-1826509eac8"
x-platform-server
i-0e6d71c2eb85d5c9d, i-0e6d71c2eb85d5c9d
x-permitted-cross-domain-policies
none
age
4170018
x-dns-prefetch-control
on
x-cache
HIT, HIT
strict-transport-security
max-age=31557600
content-length
19480
x-xss-protection
0
x-request-id
00-1709ef2c197a05e11cc5f6614dd05d5c-82974a5d9e84cb2d-00
x-served-by
cache-iad-kiad7000051-IAD, cache-hhn4072-HHN
referrer-policy
no-referrer
last-modified
Wed, 03 Aug 2022 18:48:45 GMT
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
date
Tue, 27 Sep 2022 15:02:07 GMT
expect-ct
max-age=0, enforce
vary
(null),Origin
x-download-options
noopen
content-type
font/woff2
access-control-allow-origin
https://www.unionplus.org
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 1
montserrat-v14-latin-800.woff2
www.unionplus.org/assets/fonts/type/
19 KB
20 KB
Font
General
Full URL
https://www.unionplus.org/assets/fonts/type/montserrat-v14-latin-800.woff2
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/assets/unionplus-201299ec870222327bcf2243e006ff19.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5a8c623b34dcf729895c3bc9b6e261796bbad69555a21ad6d2f9b4e7bc27b6e7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
Strict-Transport-Security max-age=31557600
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
Origin
https://www.unionplus.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
etag
W/"4bf0-1826509eac8"
x-platform-server
i-0cb0acdca691d8ef6, i-0cb0acdca691d8ef6
x-permitted-cross-domain-policies
none
age
2414198
x-dns-prefetch-control
on
x-cache
HIT, HIT
strict-transport-security
max-age=31557600
content-length
19440
x-xss-protection
0
x-request-id
00-17102c1485856a46bbd74fab0f6614e2-9c33563c2be9d732-00
x-served-by
cache-iad-kcgs7200165-IAD, cache-hhn4072-HHN
referrer-policy
no-referrer
last-modified
Wed, 03 Aug 2022 18:48:45 GMT
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
date
Tue, 27 Sep 2022 15:02:07 GMT
expect-ct
max-age=0, enforce
vary
(null),Origin
x-download-options
noopen
content-type
font/woff2
access-control-allow-origin
https://www.unionplus.org
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 1
vendor-020ed172b3d43882bf2dbe3af548b256.js
www.unionplus.org/assets/
1 MB
295 KB
Script
General
Full URL
https://www.unionplus.org/assets/vendor-020ed172b3d43882bf2dbe3af548b256.js
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/error/404//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
73c1e68802bb3cb8b8208df0ab0d7621447189ec8155c17d7b221251766e5b80
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
Strict-Transport-Security max-age=31557600
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
content-encoding
gzip
etag
W/"14886f-18265103810"
x-platform-server
i-0e6d71c2eb85d5c9d, i-0e6d71c2eb85d5c9d
x-permitted-cross-domain-policies
none
age
2959119
x-dns-prefetch-control
on
x-cache
HIT, HIT
strict-transport-security
max-age=31557600
content-length
301528
x-xss-protection
0
x-request-id
00-170e3c7a2bf2ed10be0d352c5d540898-81fcc6cdbda77682-00
x-served-by
cache-iad-kiad7000020-IAD, cache-hhn4072-HHN
referrer-policy
no-referrer
last-modified
Wed, 03 Aug 2022 18:55:38 GMT
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
date
Tue, 27 Sep 2022 15:02:07 GMT
expect-ct
max-age=0, enforce
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 1
unionplus-4418a3443ce4d72ebbc301c0c28325d0.js
www.unionplus.org/assets/
1 MB
132 KB
Script
General
Full URL
https://www.unionplus.org/assets/unionplus-4418a3443ce4d72ebbc301c0c28325d0.js
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/error/404//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b2f1da6b81deb93e1c7ffedc248d44f7a4d6783b3bae02eacda5814f6511579b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
Strict-Transport-Security max-age=31557600
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
content-encoding
gzip
etag
W/"104f9b-183664a58e0"
x-platform-server
i-0b42f28402ec9615c, i-0b42f28402ec9615c
x-permitted-cross-domain-policies
none
age
422230
x-dns-prefetch-control
on
x-cache
HIT, HIT
strict-transport-security
max-age=31557600
content-length
134387
x-xss-protection
0
x-request-id
00-17173fc3cfd65c8e9ca5847ca406d7c4-596fd6507f0439f3-00
x-served-by
cache-iad-kjyo7100054-IAD, cache-hhn4072-HHN
referrer-policy
no-referrer
last-modified
Thu, 22 Sep 2022 17:41:32 GMT
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
date
Tue, 27 Sep 2022 15:02:07 GMT
expect-ct
max-age=0, enforce
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
582, 1
hero-image-error-5d34ec029d0fe99ff2a449a6dd41624a.jpg
www.unionplus.org/assets/images/2020/
458 KB
459 KB
Image
General
Full URL
https://www.unionplus.org/assets/images/2020/hero-image-error-5d34ec029d0fe99ff2a449a6dd41624a.jpg
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/error/404//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5c9e091445bc4350e2c5eafab91bf48886c02fdaf7ae463fbfe50055a2b638e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
Strict-Transport-Security max-age=31557600
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.unionplus.org/error/404//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
etag
W/"728b7-182fa368fc0"
x-platform-server
i-0e6d71c2eb85d5c9d, i-0e6d71c2eb85d5c9d
x-permitted-cross-domain-policies
none
age
1821903
x-dns-prefetch-control
on
x-cache
HIT, HIT
strict-transport-security
max-age=31557600
content-length
469175
x-xss-protection
0
x-request-id
00-171246c52d9b8207ca226584a5826c91-5fe4891363e15716-00
x-served-by
cache-iad-kcgs7200136-IAD, cache-hhn4072-HHN
referrer-policy
no-referrer
last-modified
Thu, 01 Sep 2022 18:00:56 GMT
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
date
Tue, 27 Sep 2022 15:02:07 GMT
expect-ct
max-age=0, enforce
vary
(null),Origin
x-download-options
noopen
content-type
image/jpeg
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
647, 1
montserrat-v14-latin-regular.woff2
www.unionplus.org/assets/fonts/type/
19 KB
19 KB
Font
General
Full URL
https://www.unionplus.org/assets/fonts/type/montserrat-v14-latin-regular.woff2
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/assets/unionplus-201299ec870222327bcf2243e006ff19.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
Strict-Transport-Security max-age=31557600
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
Origin
https://www.unionplus.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
etag
W/"4ae4-1826509eac8"
x-platform-server
i-0b42f28402ec9615c, i-0b42f28402ec9615c
x-permitted-cross-domain-policies
none
age
4238989
x-dns-prefetch-control
on
x-cache
HIT, HIT
strict-transport-security
max-age=31557600
content-length
19172
x-xss-protection
0
x-request-id
00-1709b0715d5212a92bbef6e38410740e-0e8daeb6d91f5f06-00
x-served-by
cache-iad-kcgs7200037-IAD, cache-hhn4072-HHN
referrer-policy
no-referrer
last-modified
Wed, 03 Aug 2022 18:48:45 GMT
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
date
Tue, 27 Sep 2022 15:02:07 GMT
expect-ct
max-age=0, enforce
vary
(null),Origin
x-download-options
noopen
content-type
font/woff2
access-control-allow-origin
https://www.unionplus.org
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 1
cse.js
cse.google.com/
10 KB
4 KB
Script
General
Full URL
https://cse.google.com/cse.js?cx=012761660448997297828:d-7mub80ajs
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/error/404//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
32db44006e0d3dd606b3dfaa5099db0e3da31e398a59a07d9b4330df4eb01fe9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Tue, 27 Sep 2022 15:02:07 GMT
content-encoding
br
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3488
x-xss-protection
0
server
gws
expires
Tue, 27 Sep 2022 15:02:07 GMT
evergage.min.js
cdn.evgnet.com/beacon/unionplus/engage/scripts/
146 KB
41 KB
Script
General
Full URL
https://cdn.evgnet.com/beacon/unionplus/engage/scripts/evergage.min.js
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/assets/unionplus-4418a3443ce4d72ebbc301c0c28325d0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36a7a1eb1f76634799e30f764e687d792495017acb67a203a7f5a594bbfaa48f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
Vs4y09LSGhgqJgFl5Xu7NtI8vs_XdV2P
content-encoding
gzip
etag
"fc21bedada4328ae268576efe331463d"
timing-allow-origin
*
age
32
x-cache
HIT, HIT
x-amz-replication-status
COMPLETED
content-length
41438
x-amz-id-2
pniCQw+GfYo8YkZU2UlCtJWQNUUyEKo3CP+UjvWBo6m9+hSAfezCbHOpeTKbAa7ajUQTyEhQlAQ=
x-served-by
cache-iad-kiad7000043-IAD, cache-hhn4050-HHN
x-amz-meta-evergage-sum
d9a26ffda97f9ed5117851960de2b809d4645cf4
last-modified
Mon, 19 Sep 2022 15:41:32 GMT
server
AmazonS3
x-timer
S1664290928.792006,VS0,VE1
date
Tue, 27 Sep 2022 15:02:07 GMT
vary
Accept-Encoding
x-amz-request-id
9DVMNNHQYBF2Z6AF
via
1.1 varnish, 1.1 varnish
cache-control
max-age=120
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-amz-meta-evergage-beacon-ver
16
x-cache-hits
1, 1
gtm.js
www.googletagmanager.com/
202 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WG83D6
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/assets/vendor-020ed172b3d43882bf2dbe3af548b256.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6db30a127964bdb2142cf87432659c300d6cd50cbe1bc01f7f8c63425a64dbbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 15:02:07 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69819
x-xss-protection
0
expires
Tue, 27 Sep 2022 15:02:07 GMT
chunk.10.cfecc2d93a73b12882dc.js
www.unionplus.org/assets/
175 KB
55 KB
Script
General
Full URL
https://www.unionplus.org/assets/chunk.10.cfecc2d93a73b12882dc.js
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/assets/vendor-020ed172b3d43882bf2dbe3af548b256.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9c478a582c7eee7cdcd0c2e5638915f49c9a857dd9a30d94e6be2efb8e7a42cb
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
Strict-Transport-Security max-age=31557600
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
content-encoding
gzip
etag
W/"2bb71-182fa36d228"
x-platform-server
i-0cb0acdca691d8ef6, i-0cb0acdca691d8ef6
x-permitted-cross-domain-policies
none
age
1834091
x-dns-prefetch-control
on
x-cache
HIT, HIT
strict-transport-security
max-age=31557600
content-length
55961
x-xss-protection
0
x-request-id
00-17123baf57e0a0b154e64aaafcd188ec-c9516e4b193d4139-00
x-served-by
cache-iad-kcgs7200059-IAD, cache-hhn4072-HHN
referrer-policy
no-referrer
last-modified
Thu, 01 Sep 2022 18:01:13 GMT
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
date
Tue, 27 Sep 2022 15:02:07 GMT
expect-ct
max-age=0, enforce
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
1, 1
engage
unionplus.us-4.evergage.com/api2/event/
137 B
699 B
XHR
General
Full URL
https://unionplus.us-4.evergage.com/api2/event/engage?event=eyJpdGVtQWN0aW9uIjpudWxsLCJzb3VyY2UiOnsicGFnZVR5cGUiOiJkZWZhdWx0IiwiY29udGVudFpvbmVzIjpbImhlcm9faG9tZV90ZXh0IiwiaGVyb19ob21lX2NhbGxvdXQiXSwidXJsIjoiaHR0cHM6Ly93d3cudW5pb25wbHVzLm9yZy9lcnJvci80MDQvYmVuZWZpdHMvaG9tZS1hdXRvL3dlbGxzLWZhcmdvLW1vJWUyJTgwJWE2dXJjZT13ZWxjb21lJnV0bV9tZWRpdW09ZW1haWwmdXRtX2NhbXBhaWduPVdlbGNvbWVTZXJpZXMyMDIwIiwidXJsUmVmZXJyZXIiOiIiLCJjaGFubmVsIjoiV2ViIiwiYmVhY29uVmVyc2lvbiI6MTYsImNvbmZpZ1ZlcnNpb24iOiI2MiJ9LCJmbGFncyI6eyJwYWdlVmlldyI6dHJ1ZX0sInVzZXIiOnsiYXR0cmlidXRlcyI6e30sImFub25JZCI6IjZiOGY2MzQ5NzBlMWI2Y2YifSwicGVyZm9ybWFuY2UiOnt9LCJkZWJ1ZyI6eyJleHBsYW5hdGlvbnMiOnRydWV9LCJjYXRhbG9nIjp7fSwiY29uc2VudHMiOltdLCJhY2NvdW50Ijp7fSwiX3Rvb2xzRXZlbnRMaW5rSWQiOiI1ODgwNTk1NjgzMTIxMjkifQ%3D%3D
Requested by
Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/unionplus/engage/scripts/evergage.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.33.58.247 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-58-247.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
4c410773230d94c3cc6fd572102f7cea86006d169254bbb6680cd46ea1ac7e74
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 15:02:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.unionplus.org
access-control-allow-credentials
true
timing-allow-origin
*
terms
content.unionplus.org/api/v0/
0
0
Preflight
General
Full URL
https://content.unionplus.org/api/v0/terms?bundle=union
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.unionplus.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
accept, authorization, content-type, origin, x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://www.unionplus.org
access-control-max-age
86400
cache-control
no-cache, private
date
Tue, 27 Sep 2022 15:02:08 GMT
strict-transport-security
max-age=31557600
vary
(null),Origin
x-cache
MISS, MISS
x-cache-hits
0, 0
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-platform-server
i-0e6d71c2eb85d5c9d i-0e6d71c2eb85d5c9d
x-request-id
00-1718bfc80279393e8409f78296c14801-f2313f6828386c98-00
x-served-by
cache-iad-kjyo7100168-IAD, cache-hhn4047-HHN
terms
content.unionplus.org/api/v0/
289 KB
25 KB
XHR
General
Full URL
https://content.unionplus.org/api/v0/terms?bundle=union
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/assets/vendor-020ed172b3d43882bf2dbe3af548b256.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
033e950108df026459a34c0baf123b64ee244269f4462caebd116edb1d323851
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/vnd.api+json
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/vnd.api+json

Response headers

date
Tue, 27 Sep 2022 15:02:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-platform-server
i-0e6d71c2eb85d5c9d, i-0e6d71c2eb85d5c9d
age
496537
x-cache
HIT, HIT
x-drupal-dynamic-cache
MISS
vary
Cookie, Origin, Accept-Encoding
content-length
25615
x-request-id
00-1716fc2ef15288128ba203792d970693-d16547af4dabaaf7-00
x-ua-compatible
IE=edge
last-modified
Wed, 21 Sep 2022 21:06:03 GMT
x-frame-options
SAMEORIGIN
etag
"1663794363"
x-served-by
cache-iad-kiad7000169-IAD, cache-hhn4047-HHN
strict-transport-security
max-age=31557600
content-language
en
access-control-allow-origin
https://www.unionplus.org
expires
Sun, 19 Nov 1978 05:00:00 GMT
cache-control
public, max-age=300
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-type
application/vnd.api+json
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
166, 3
cse_element__en.js
www.google.com/cse/static/element/fd562c898514f252/
303 KB
101 KB
Script
General
Full URL
https://www.google.com/cse/static/element/fd562c898514f252/cse_element__en.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=012761660448997297828:d-7mub80ajs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc8d1a7e1de17078283415c9685204a70ea812c592956b5600a6b9e24e9b2c2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 07:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103187
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 20:48:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 27 Sep 2023 07:47:17 GMT
default+en.css
www.google.com/cse/static/element/fd562c898514f252/
41 KB
9 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/element/fd562c898514f252/default+en.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=012761660448997297828:d-7mub80ajs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 14:50:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9086
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 20:48:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 27 Sep 2023 14:50:53 GMT
default.css
www.google.com/cse/static/style/look/v4/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=012761660448997297828:d-7mub80ajs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 14:39:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1331
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 27 Sep 2022 15:29:57 GMT
optimize.js
www.google-analytics.com/gtm/
104 KB
41 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=GTM-P3LFG3J
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WG83D6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f8e6e889141fc6ceac4d75e4d1430e71fbb559658ca3278bb6e415a3841c83dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 15:02:08 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41448
x-xss-protection
0
expires
Tue, 27 Sep 2022 15:02:08 GMT
conversion_async.js
www.googleadservices.com/pagead/
41 KB
16 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WG83D6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 15:02:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15697
x-xss-protection
0
server
cafe
etag
1764007376392519731
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 27 Sep 2022 15:02:08 GMT
fbevents.js
connect.facebook.net/en_US/
101 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/error/404//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26840
x-xss-protection
0
pragma
public
x-fb-debug
fsjXfLfwJG+nSDoLs7PBBsq24W90LH3TWjLbak4375F4RNf13ClmV9R7hWBUphmmMxGG9ni3zR6/PgiUf7VCRA==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 27 Sep 2022 15:02:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
quantcast-choice.css
www.unionplus.org/static/quantcast-choice/
828 B
775 B
Stylesheet
General
Full URL
https://www.unionplus.org/static/quantcast-choice/quantcast-choice.css
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WG83D6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bfb52bdb89569e6a5d1e67f7ec0cf09abac35f3a46df4bececdc20d75d573591
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
Strict-Transport-Security max-age=31557600
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
content-encoding
gzip
etag
W/"33c-18265105368"
x-platform-server
i-0b42f28402ec9615c, i-0b42f28402ec9615c
x-permitted-cross-domain-policies
none
age
4161877
x-dns-prefetch-control
on
x-cache
HIT, HIT
strict-transport-security
max-age=31557600
content-length
219
x-xss-protection
0
x-request-id
00-1709f6938cde4312068c3de2f89ca932-b2bc9eadda509610-00
x-served-by
cache-iad-kiad7000166-IAD, cache-hhn4072-HHN
referrer-policy
no-referrer
last-modified
Wed, 03 Aug 2022 18:55:45 GMT
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
date
Tue, 27 Sep 2022 15:02:08 GMT
expect-ct
max-age=0, enforce
vary
Accept-Encoding
x-download-options
noopen
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
3, 1
quantcast-choice.js
www.unionplus.org/static/quantcast-choice/
4 KB
2 KB
Script
General
Full URL
https://www.unionplus.org/static/quantcast-choice/quantcast-choice.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WG83D6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8380b9107bd9c133527b04e2df5710da547541f4feb013ab6a5ef38c40763177
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
Strict-Transport-Security max-age=31557600
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
content-encoding
gzip
etag
W/"ed1-182fa375310"
x-platform-server
i-0cb0acdca691d8ef6, i-0cb0acdca691d8ef6
x-permitted-cross-domain-policies
none
age
1762230
x-dns-prefetch-control
on
x-cache
HIT, HIT
strict-transport-security
max-age=31557600
content-length
1617
x-xss-protection
0
x-request-id
00-17127d0abace25997a5b64daafa0a3f9-6dbb8eac35845f55-00
x-served-by
cache-iad-kiad7000020-IAD, cache-hhn4072-HHN
referrer-policy
no-referrer
last-modified
Thu, 01 Sep 2022 18:01:46 GMT
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
date
Tue, 27 Sep 2022 15:02:08 GMT
expect-ct
max-age=0, enforce
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
10009, 1
cmp.js
quantcast.mgr.consensu.org/
16 KB
6 KB
Script
General
Full URL
https://quantcast.mgr.consensu.org/cmp.js
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/error/404//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:de00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60d8c88007dd47e378850d031990400b01e7932cca0a2654dd662a95aa31e77a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 15:01:22 GMT
content-encoding
br
etag
W/"51870ee6d5cb32ca5311356b296af21f"
last-modified
Tue, 09 Mar 2021 20:17:06 GMT
server
AmazonS3
age
67
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
gT6ukHg6TLW0scz4yMrALs6yhZKhbxF8Og274dQKhV2EI4CcsT6Odg==
events.js
tags.srv.stackadapt.com/
17 KB
6 KB
Script
General
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/error/404//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.206.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-206-121.compute-1.amazonaws.com
Software
/
Resource Hash
af6c6745814a18e22f163eb02dde6379bba59b43e10b7045e5a93d72c99c352d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Sep 2022 15:02:08 GMT
Content-Encoding
gzip
Cache-Control
max-age=5
Content-Length
5406
Connection
keep-alive
Content-Type
text/javascript
quant.js
secure.quantserve.com/
26 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/error/404//benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 15:02:08 GMT
content-encoding
gzip
etag
"eN3sxSgaav0x5wHLxGB1gQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 04 Oct 2022 15:02:08 GMT
469352173233592
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/469352173233592?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4c4c3948f005514199276a2bdc3189220e8476c0ceaa9ffaf3af3c794c579d7a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85972
x-xss-protection
0
pragma
public
x-fb-debug
c+D3GcwTYPgs6sLxJPlOx7eaRyAde9vVqrBAYMAZz47LGFns7+NV1t9psMoRYnxbVcMwG8WgB2DegDSLbRLeTg==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 27 Sep 2022 15:02:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
204 B
Image
General
Full URL
https://www.facebook.com/tr/?id=469352173233592&ev=PageView&dl=https%3A%2F%2Fwww.unionplus.org%2Ferror%2F404%2Fbenefits%2Fhome-auto%2Fwells-fargo-mo%25e2%2580%25a6urce%3Dwelcome%26utm_medium%3Demail%26utm_campaign%3DWelcomeSeries2020&rl=&if=false&ts=1664290928104&sw=1600&sh=1200&v=2.9.84&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1664290928103.162974567&it=1664290928062&coo=false&rqm=GET
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/error/404/benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Tue, 27 Sep 2022 15:02:08 GMT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
rules-p--G9rZRs5Ek2rg.js
rules.quantcount.com/
2 KB
2 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p--G9rZRs5Ek2rg.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55e7e1e8840da899ec55ad6e24f911533321ff908ac5c85e6a119bcb85dd2153

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 14:49:46 GMT
content-encoding
gzip
age
764
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Tue, 23 Aug 2022 16:04:06 GMT
server
AmazonS3
etag
W/"d00a326b47e2556b2a59a34f14d460f6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
3K_vT7UuaF5qY4x6ZN9rMfNdSVFS5f0OwvBjk_YOpoeK9rLexvav4g==
menus
content.unionplus.org/api/v0/
92 KB
10 KB
XHR
General
Full URL
https://content.unionplus.org/api/v0/menus
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/assets/vendor-020ed172b3d43882bf2dbe3af548b256.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6a52f3624d40299d58fb3edc7ff0758d47b7ca45aaac1508608ef0b7fce55459
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/vnd.api+json
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/vnd.api+json

Response headers

date
Tue, 27 Sep 2022 15:02:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-platform-server
i-0cb0acdca691d8ef6, i-0cb0acdca691d8ef6
age
496537
x-cache
HIT, HIT
x-drupal-dynamic-cache
MISS
vary
Cookie, Origin, Accept-Encoding
content-length
10371
x-request-id
00-1716fc2eff07176ae97553a815cf4a5d-e9bad20f55559251-00
x-ua-compatible
IE=edge
last-modified
Wed, 21 Sep 2022 21:06:04 GMT
x-frame-options
SAMEORIGIN
etag
"1663794364"
x-served-by
cache-iad-kjyo7100022-IAD, cache-hhn4047-HHN
strict-transport-security
max-age=31557600
content-language
en
access-control-allow-origin
https://www.unionplus.org
expires
Sun, 19 Nov 1978 05:00:00 GMT
cache-control
public, max-age=300
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-type
application/vnd.api+json
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
283, 3
states
content.unionplus.org/api/v0/system/
18 KB
3 KB
XHR
General
Full URL
https://content.unionplus.org/api/v0/system/states?states%5B%5D=union_structure_global&states%5B%5D=union_structure_profile&states%5B%5D=union_structure_social_media&states%5B%5D=union_structure_application_forms
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/assets/vendor-020ed172b3d43882bf2dbe3af548b256.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
788f34bbb4960b7ab8d335dd82f33de72f911f78dd5dfdf2ac2cda4a62fb0cfe
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/vnd.api+json
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/vnd.api+json

Response headers

date
Tue, 27 Sep 2022 15:02:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-platform-server
i-0cb0acdca691d8ef6, i-0cb0acdca691d8ef6
age
496537
x-cache
HIT, HIT
x-drupal-dynamic-cache
MISS
vary
Cookie, Origin, Accept-Encoding
content-length
2962
x-request-id
00-1716fc2f01efd2d60fb55f9f9eaae924-dc0a785a13741446-00
x-ua-compatible
IE=edge
last-modified
Wed, 21 Sep 2022 21:06:04 GMT
x-frame-options
SAMEORIGIN
etag
"1663794364"
x-served-by
cache-iad-kiad7000130-IAD, cache-hhn4047-HHN
strict-transport-security
max-age=31557600
content-language
en
access-control-allow-origin
https://www.unionplus.org
expires
Sun, 19 Nov 1978 05:00:00 GMT
cache-control
public, max-age=300
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-type
application/vnd.api+json
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-cache-hits
283, 3
menus
content.unionplus.org/api/v0/
0
0
Preflight
General
Full URL
https://content.unionplus.org/api/v0/menus
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.unionplus.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
accept, authorization, content-type, origin, x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://www.unionplus.org
access-control-max-age
86400
cache-control
no-cache, private
date
Tue, 27 Sep 2022 15:02:08 GMT
strict-transport-security
max-age=31557600
vary
(null),Origin
x-cache
MISS, MISS
x-cache-hits
0, 0
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-platform-server
i-0b42f28402ec9615c i-0b42f28402ec9615c
x-request-id
00-1718bfc80ed131a49a877ccc67e406cf-6f82b885508d278d-00
x-served-by
cache-iad-kiad7000055-IAD, cache-hhn4047-HHN
states
content.unionplus.org/api/v0/system/
0
0
Preflight
General
Full URL
https://content.unionplus.org/api/v0/system/states?states%5B%5D=union_structure_global&states%5B%5D=union_structure_profile&states%5B%5D=union_structure_social_media&states%5B%5D=union_structure_application_forms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.216 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.unionplus.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
accept, authorization, content-type, origin, x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://www.unionplus.org
access-control-max-age
86400
cache-control
no-cache, private
date
Tue, 27 Sep 2022 15:02:08 GMT
strict-transport-security
max-age=31557600
vary
(null),Origin
x-cache
MISS, MISS
x-cache-hits
0, 0
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-platform-server
i-0b42f28402ec9615c i-0b42f28402ec9615c
x-request-id
00-1718bfc80e74f1e3ef1ddb68bfa6fee0-754a2b549c0f5be7-00
x-served-by
cache-iad-kjyo7100179-IAD, cache-hhn4047-HHN
pixel
pxl.qccerttest.com/
35 B
549 B
Image
General
Full URL
https://pxl.qccerttest.com/pixel?r=1894287908;fpan=1;fpa=P0-916596207-1664290928178;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;d=unionplus.org;dst=0;et=1664290928178;tzo=0;url=https%3A%2F%2Fwww.unionplus.org%2Ferror%2F404%2Fbenefits%2Fhome-auto%2Fwells-fargo-mo%25e2%2580%25a6urce%3Dwelcome%26utm_medium%3Demail%26utm_campaign%3DWelcomeSeries2020;ogl=country%3Aname.United%20States%20of%20Amercia%2Cdescription.Union%20Plus%20benefits%20offered%20by%20the%20AFL-CIO%27s%20Union%20Privilege%20provides%20consumer%20s%2Cimage.%2Clocality.Washington%2Cpostal%3Acode.20002%2Cregion.DC%2Csite%3Aname.Union%20Plus%2Cstreet%3Aaddress.1100%201st%20ST%20NE%252C%20Suite%20850%2Ctitle.%2Ctype.%2Curl.
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/error/404/benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:4600:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:48:50 GMT
via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
47599
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
GzqZc3mFUKaHV_hU5L-ogqmiYfm5FDz9OgYTt4lZsrThiFWKeYUcbA==
pixel;r=2048904568;labels=_fp.event.Default;rf=0;a=p--G9rZRs5Ek2rg;url=https%3A%2F%2Fwww.unionplus.org%2Ferror%2F404%2Fbenefits%2Fhome-auto%2Fwells-fargo-mo%25e2%2580%25a6urce%3Dwelcome%26utm_mediu...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=2048904568;labels=_fp.event.Default;rf=0;a=p--G9rZRs5Ek2rg;url=https%3A%2F%2Fwww.unionplus.org%2Ferror%2F404%2Fbenefits%2Fhome-auto%2Fwells-fargo-mo%25e2%2580%25a6urce%3Dwelcome%26utm_medium%3Demail%26utm_campaign%3DWelcomeSeries2020;uht=2;fpan=0;fpa=P0-916596207-1664290928178;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;ref=;d=unionplus.org;dst=0;et=1664290928181;tzo=0;ogl=country%3Aname.United%20States%20of%20Amercia%2Cdescription.Union%20Plus%20benefits%20offered%20by%20the%20AFL-CIO's%20Union%20Privilege%20provides%20consumer%20s%2Cimage.%2Clocality.Washington%2Cpostal%3Acode.20002%2Cregion.DC%2Csite%3Aname.Union%20Plus%2Cstreet%3Aaddress.1100%201st%20ST%20NE%252C%20Suite%20850%2Ctitle.%2Ctype.%2Curl.;ses=1c0d349d-8b30-4cba-9e2f-09e415459fa6
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/error/404/benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 15:02:08 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072477830/
43 B
691 B
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072477830/?random=1664290928243&cv=9&fst=1664290928243&num=1&rdp=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.unionplus.org%2Ferror%2F404%2Fbenefits%2Fhome-auto%2Fwells-fargo-mo%25e2%2580%25a6urce%3Dwelcome%26utm_medium%3Demail%26utm_campaign%3DWelcomeSeries2020&tiba=Not%20Found%20%7C%20Union%20Plus&auid=1260952818.1664290928&hn=www.googleadservices.com&us_privacy=error&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 15:02:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/939989353/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/939989353/?random=1664290928250&cv=9&fst=1664290928250&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.unionplus.org%2Ferror%2F404%2Fbenefits%2Fhome-auto%2Fwells-fargo-mo%25e2%2580%25a6urce%3Dwelcome%26utm_medium%3Demail%26utm_campaign%3DWelcomeSeries2020&tiba=Not%20Found%20%7C%20Union%20Plus&auid=1260952818.1664290928&hn=www.googleadservices.com&us_privacy=error&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
121e3a264f6a141539017ebbeb6cc4109f473481459af54225518b79c39338cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 15:02:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1103
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WG83D6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
2076
date
Tue, 27 Sep 2022 14:27:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Tue, 27 Sep 2022 16:27:32 GMT
js
www.googletagmanager.com/gtag/
211 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9BWEPBEH54&l=dataLayer&cx=c
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/gtm/optimize.js?id=GTM-P3LFG3J
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef4da5e0525ab9321c699546818d5c2b1bf93adfe82761304d1990baa2311a1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 15:02:08 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75522
x-xss-protection
0
expires
Tue, 27 Sep 2022 15:02:08 GMT
pr
unionplus.us-4.evergage.com/
0
445 B
Ping
General
Full URL
https://unionplus.us-4.evergage.com/pr?.top=648&.tt=585&.ttdns=33&.dt=1545&.btdns=31&.bv=16&_ak=unionplus&_ds=engage&.scv=62&channel=Web&_r=411756&.anonId=6b8f634970e1b6cf&_anon=true
Requested by
Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/unionplus/engage/scripts/evergage.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.33.58.247 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-58-247.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.unionplus.org
date
Tue, 27 Sep 2022 15:02:08 GMT
x-content-type-options
nosniff
timing-allow-origin
*
/
www.google.com/pagead/1p-user-list/939989353/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/939989353/?random=1664290928250&cv=9&fst=1664290800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fwww.unionplus.org%2Ferror%2F404%2Fbenefits%2Fhome-auto%2Fwells-fargo-mo%25e2%2580%25a6urce%3Dwelcome%26utm_medium%3Demail%26utm_campaign%3DWelcomeSeries2020&tiba=Not%20Found%20%7C%20Union%20Plus&async=1&fmt=3&is_vtc=1&random=864436875&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/error/404/benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 15:02:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/939989353/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/939989353/?random=1664290928250&cv=9&fst=1664290800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fwww.unionplus.org%2Ferror%2F404%2Fbenefits%2Fhome-auto%2Fwells-fargo-mo%25e2%2580%25a6urce%3Dwelcome%26utm_medium%3Demail%26utm_campaign%3DWelcomeSeries2020&tiba=Not%20Found%20%7C%20Union%20Plus&async=1&fmt=3&is_vtc=1&random=864436875&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/error/404/benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 15:02:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sa.css
tags.srv.stackadapt.com/
65 B
292 B
Stylesheet
General
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.206.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-206-121.compute-1.amazonaws.com
Software
/
Resource Hash
9464015ec4267a8be4abcad6d0996c8d526627e712b0adfe34c0177f56b5438a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Sep 2022 15:02:08 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
65
Content-Type
text/css
sa.jpeg
tags.srv.stackadapt.com/
0
881 B
Fetch
General
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.206.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-206-121.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Sep 2022 15:02:08 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
651
Content-Type
image/jpeg
collect
stats.g.doubleclick.net/j/
4 B
444 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-1366790-1&cid=611562272.1664290929&jid=1395926831&gjid=1791935178&_gid=314208025.1664290929&_u=YGBAgAABQAAAAE~&z=1975377816
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 27 Sep 2022 15:02:08 GMT
content-type
text/plain
access-control-allow-origin
https://www.unionplus.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=1550560725&t=pageview&_s=1&dl=https%3A%2F%2Fwww.unionplus.org%2Ferror%2F404%2Fbenefits%2Fhome-auto%2Fwells-fargo-mo%25e2%2580%25a6urce%3Dwelcome%26utm_medium%3Demail%26utm_campaign%3DWelcomeSeries2020&ul=en-us&de=UTF-8&dt=Not%20Found%20%7C%20Union%20Plus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAABQ~&jid=1395926831&gjid=1791935178&cid=611562272.1664290929&tid=UA-1366790-1&_gid=314208025.1664290929&gtm=2wg9l0WG83D6&z=1839975402
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/error/404/benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 01:56:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47139
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
349 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9BWEPBEH54&gtm=2oe9l0&_p=1550560725&cid=611562272.1664290929&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664290928&sct=1&seg=0&dl=https%3A%2F%2Fwww.unionplus.org%2Ferror%2F404%2Fbenefits%2Fhome-auto%2Fwells-fargo-mo%25e2%2580%25a6urce%3Dwelcome%26utm_medium%3Demail%26utm_campaign%3DWelcomeSeries2020&dt=Not%20Found%20%7C%20Union%20Plus&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9BWEPBEH54&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 15:02:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.unionplus.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=469352173233592&ev=Microdata&dl=https%3A%2F%2Fwww.unionplus.org%2Ferror%2F404%2Fbenefits%2Fhome-auto%2Fwells-fargo-mo%25e2%2580%25a6urce%3Dwelcome%26utm_medium%3Demail%26utm_campaign%3DWelcomeSeries2020&rl=&if=false&ts=1664290928611&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Not%20Found%20%7C%20Union%20Plus%22%2C%22meta%3Adescription%22%3A%22Union%20Plus%20benefits%20offered%20by%20the%20AFL-CIO%27s%20Union%20Privilege%20provides%20consumer%20savings%2C%20discounts%2C%20benefits%2C%20and%20education%20resources%20to%20active%20and%20retired%20labor%20union%20members.%22%7D&cd[OpenGraph]=%7B%22og%3Acountry%3Aname%22%3A%22United%20States%20of%20Amercia%22%2C%22og%3Adescription%22%3A%22Union%20Plus%20benefits%20offered%20by%20the%20AFL-CIO%27s%20Union%20Privilege%20provides%20consumer%20savings%2C%20discounts%2C%20benefits%2C%20and%20education%20resources%20to%20active%20and%20retired%20labor%20union%20members.%22%2C%22og%3Alocality%22%3A%22Washington%22%2C%22og%3Apostal%3Acode%22%3A%2220002%22%2C%22og%3Aregion%22%3A%22DC%22%2C%22og%3Asite%3Aname%22%3A%22Union%20Plus%22%2C%22og%3Astreet%3Aaddress%22%3A%221100%201st%20ST%20NE%2C%20Suite%20850%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1664290928103.162974567&it=1664290928062&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/error/404/benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Tue, 27 Sep 2022 15:02:08 GMT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1366790-1&cid=611562272.1664290929&jid=1395926831&_u=YGBAgAABQAAAAE~&z=2088918471
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/error/404/benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 15:02:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1366790-1&cid=611562272.1664290929&jid=1395926831&_u=YGBAgAABQAAAAE~&z=2088918471
Requested by
Host: www.unionplus.org
URL: https://www.unionplus.org/error/404/benefits/home-auto/wells-fargo-mo%e2%80%a6urce=welcome&utm_medium=email&utm_campaign=WelcomeSeries2020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 15:02:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
saq_pxl
tags.srv.stackadapt.com/
116 B
422 B
XHR
General
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=bmhD4KtvQwhmhYqqOiLnDg&is_js=true&landing_url=https%3A%2F%2Fwww.unionplus.org%2Ferror%2F404%2Fbenefits%2Fhome-auto%2Fwells-fargo-mo%25e2%2580%25a6urce%3Dwelcome%26utm_medium%3Demail%26utm_campaign%3DWelcomeSeries2020&t=Not%20Found%20%7C%20Union%20Plus&tip=s1dajptti0mB0ThCE81JyHsRaW9xxDAWJ6ulHvfvN-Y&host=https://www.unionplus.org&sa_conv_data_css_value=%20%220-f4f78242-8102-4c33-4d1c-0cef70f2f6dc%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9c160a71835944e1f60f4f476f27ff4dcb9d59ba4&sa-user-id-v2=s%253A0-f4f78242-8102-4c33-4d1c-0cef70f2f6dc%2524ip%2524185.213.155.164.VpaWxrxj137YneNUyCvB%252F1PDhSLAcVpKF5gHKcX8K7Y&sa-user-id=s%253A0-f4f78242-8102-4c33-4d1c-0cef70f2f6dc.%252BIy%252Fa7iDMmkmg0P3bDPiBlsyoGg8fXoQw47282wHId4
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.206.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-206-121.compute-1.amazonaws.com
Software
/
Resource Hash
cb012ff3cb8149f62e8f01d19af5f78e455c140bce691eae6c83f51157f214bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 15:02:08 GMT
Access-Control-Allow-Methods
GET
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.unionplus.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
116

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| loader function| define function| requireModule function| require function| requirejs boolean| runningTests boolean| preferNative function| _typeof undefined| __ember_auto_import__ function| _get function| _superPropBase function| _inherits function| _setPrototypeOf function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _isNativeReflectConstruct function| _getPrototypeOf function| _classCallCheck function| _defineProperties function| _createClass object| EmberENV object| regeneratorRuntime object| Ember object| Em function| Popper object| base64 object| webpackJsonp_ember_auto_import_ function| _eai_r function| _eai_d function| emberAutoImportDynamic object| dataLayer object| Evergage string| VE_CUSTOM_EVENT_NAME string| TO_LAUNCHER_MESSAGE_TYPE string| TO_LAUNCHER_PAYLOAD_TYPE object| eventLinkId object| evgr function| sendMessageToEvergageLauncher number| evergageBeaconParseTimeStart object| SalesforceInteractions number| evergageBeaconParseTimeEnd function| render number| evergagePageMatchTimeout number| evergageReshowPersonalizedSectionsTimeout object| __gcse object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| elem object| scpt function| __cmp function| saq function| _saq function| onYouTubeIframeAPIReady object| _qevents object| __core-js_shared__ object| core function| __uspapi function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| google_optimize object| google_noFurtherRedirects object| gaplugins object| gaGlobal object| gaData object| res object| saCookies string| current_window_url_param

17 Cookies

Domain/Path Name / Value
www.unionplus.org/ Name: _evga_8e2d
Value: {%22uuid%22:%226b8f634970e1b6cf%22}
.www.unionplus.org/ Name: _sfid_bcf4
Value: {%22anonymousId%22:%226b8f634970e1b6cf%22%2C%22consents%22:[]}
.unionplus.org/ Name: _gcl_au
Value: 1.1.1260952818.1664290928
.unionplus.org/ Name: _fbp
Value: fb.1.1664290928103.162974567
www.unionplus.org/ Name: qcSxc
Value: 1664290928183
.quantserve.com/ Name: mc
Value: 63331070-33b0c-c63e3-49e7f
.unionplus.org/ Name: __qca
Value: P0-916596207-1664290928178
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f4f78242-8102-4c33-4d1c-0cef70f2f6dc.%2BIy%2Fa7iDMmkmg0P3bDPiBlsyoGg8fXoQw47282wHId4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A9PeCQoECTDNNHAzvcPL23LnVm6Q.uumBBGvI5uJZB9Hgj8ejLQhZNj495GG5IzxN%2FQqR8qU
www.unionplus.org/ Name: sa-user-id
Value: s%253A0-f4f78242-8102-4c33-4d1c-0cef70f2f6dc.%252BIy%252Fa7iDMmkmg0P3bDPiBlsyoGg8fXoQw47282wHId4
www.unionplus.org/ Name: sa-user-id-v2
Value: s%253A0-f4f78242-8102-4c33-4d1c-0cef70f2f6dc%2524ip%2524185.213.155.164.VpaWxrxj137YneNUyCvB%252F1PDhSLAcVpKF5gHKcX8K7Y
.unionplus.org/ Name: _gid
Value: GA1.2.314208025.1664290929
.unionplus.org/ Name: _dc_gtm_UA-1366790-1
Value: 1
.unionplus.org/ Name: _ga_9BWEPBEH54
Value: GS1.1.1664290928.1.0.1664290928.0.0.0
.unionplus.org/ Name: _ga
Value: GA1.1.611562272.1664290929
unionplus.us-4.evergage.com/ Name: AWSALBCORS
Value: rknPTwrMx5iO2XP4Wpn8TwODnm4uuEEbk+Ip47HlGYW5xGqF12fX+uLdbpn/PF+RohgKeFWEHaQJ8/7NsL4jRui4RmG549jR5gHvedH7/tYQczibUyVHMXZT86SW

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests default-src * 'unsafe-eval' 'unsafe-inline';block-all-mixed-content;upgrade-insecure-requests
Strict-Transport-Security max-age=31557600
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 0 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.evgnet.com
click.email-unionplus.org
connect.facebook.net
content.unionplus.org
cse.google.com
googleads.g.doubleclick.net
pixel.quantserve.com
pxl.qccerttest.com
quantcast.mgr.consensu.org
region1.google-analytics.com
rules.quantcount.com
secure.quantserve.com
stats.g.doubleclick.net
tags.srv.stackadapt.com
unionplus.us-4.evergage.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.unionplus.org
142.250.201.194
151.101.130.216
151.101.64.114
2.21.20.211
2001:4860:4802:32::36
2600:9000:2057:a600:6:44e3:f8c0:93a1
2600:9000:206f:de00:9:46dc:4700:93a1
2600:9000:223d:4600:11:615:7240:93a1
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c0b::9a
2a00:1450:400d:806::2002
2a00:1450:400d:807::200e
2a00:1450:400d:80a::2004
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
52.33.58.247
52.44.206.121
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
0190a19598daefce6eff4c8405c79b908048b3f4625d3c37fcf943944fc523c6
033e950108df026459a34c0baf123b64ee244269f4462caebd116edb1d323851
121e3a264f6a141539017ebbeb6cc4109f473481459af54225518b79c39338cf
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
3124b9708bbb323613933e7f56170d5137709387eddade0f8db101d2f4cfeb82
32db44006e0d3dd606b3dfaa5099db0e3da31e398a59a07d9b4330df4eb01fe9
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
36a7a1eb1f76634799e30f764e687d792495017acb67a203a7f5a594bbfaa48f
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
4c410773230d94c3cc6fd572102f7cea86006d169254bbb6680cd46ea1ac7e74
4c4c3948f005514199276a2bdc3189220e8476c0ceaa9ffaf3af3c794c579d7a
55e7e1e8840da899ec55ad6e24f911533321ff908ac5c85e6a119bcb85dd2153
5a8c623b34dcf729895c3bc9b6e261796bbad69555a21ad6d2f9b4e7bc27b6e7
5abb5289ae16cc6628a0685c81214c20fb6f70863377000486be0c00e679a84d
60d8c88007dd47e378850d031990400b01e7932cca0a2654dd662a95aa31e77a
6a52f3624d40299d58fb3edc7ff0758d47b7ca45aaac1508608ef0b7fce55459
6db30a127964bdb2142cf87432659c300d6cd50cbe1bc01f7f8c63425a64dbbe
73c1e68802bb3cb8b8208df0ab0d7621447189ec8155c17d7b221251766e5b80
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
788f34bbb4960b7ab8d335dd82f33de72f911f78dd5dfdf2ac2cda4a62fb0cfe
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8380b9107bd9c133527b04e2df5710da547541f4feb013ab6a5ef38c40763177
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
9464015ec4267a8be4abcad6d0996c8d526627e712b0adfe34c0177f56b5438a
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
98b40fe597a74ab4dc23c5d3890f8877eee409803ca4164b162bcc156dfea3ee
9c478a582c7eee7cdcd0c2e5638915f49c9a857dd9a30d94e6be2efb8e7a42cb
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
af6c6745814a18e22f163eb02dde6379bba59b43e10b7045e5a93d72c99c352d
b2f1da6b81deb93e1c7ffedc248d44f7a4d6783b3bae02eacda5814f6511579b
bfb52bdb89569e6a5d1e67f7ec0cf09abac35f3a46df4bececdc20d75d573591
cb012ff3cb8149f62e8f01d19af5f78e455c140bce691eae6c83f51157f214bf
cd0a0c0586d2629c6578a888c23222b9193f69321aa40af6389678e38fd47b45
d4028173caafe4e183a6a23b0efc4dc80c619d34f84e4278152a7099999b2a57
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4da5e0525ab9321c699546818d5c2b1bf93adfe82761304d1990baa2311a1d
f5c9e091445bc4350e2c5eafab91bf48886c02fdaf7ae463fbfe50055a2b638e
f8e6e889141fc6ceac4d75e4d1430e71fbb559658ca3278bb6e415a3841c83dd
fc8d1a7e1de17078283415c9685204a70ea812c592956b5600a6b9e24e9b2c2d