urlscan.io logo urlscan.io
SecurityTrails logo

slm501y93viprod.azurewebsites.net Open in urlscan Pro
23.96.96.142  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://slm501y93viprod.azurewebsites.net/link/070eaa268fa347b3b0ea9dfdd4b749dd.aspx
Effective URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Submission: On July 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 4 countries across 24 domains to perform 57 HTTP transactions. The main IP is 23.96.96.142, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is slm501y93viprod.azurewebsites.net.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 03 on May 24th 2024. Valid for: a year.
This is the only time slm501y93viprod.azurewebsites.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 21 23.96.96.142 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 18.66.147.19 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:133... 15133 (EDGECAST)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2600:9000:272... 16509 (AMAZON-02)
1 3 104.18.24.173 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 18.66.112.57 16509 (AMAZON-02)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 34.168.224.78 396982 (GOOGLE-CL...)
1 2001:4860:480... 15169 (GOOGLE)
1 35.241.59.180 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 54.146.187.52 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 18.66.147.76 16509 (AMAZON-02)
1 142.250.184.226 15169 (GOOGLE)
1 104.18.80.204 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 20.50.88.234 8075 (MICROSOFT...)
57 29
21    23.96.96.142 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
slm501y93viprod.azurewebsites.net
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:4400::6812:24a8 (United States)

ASN13335 (CLOUDFLARENET, US)
dl.episerver.net
1    18.66.147.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-19.fra60.r.cloudfront.net
js.poshdevelopment.com
3    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
1    2a02:26f0:3500:10::210:a9a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    2600:9000:2724:ac00:6:9a19:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.rlets.com
3    104.18.24.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    18.66.112.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-57.fra56.r.cloudfront.net
js.ipredictive.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    34.168.224.78 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 78.224.168.34.bc.googleusercontent.com
5898ebe5-51de-4b36-8ee7-292d3ef802dc.rlets.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    35.241.59.180 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 180.59.241.35.bc.googleusercontent.com
api.poshdevelopment.com
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700::6810:89d1 (United States)

ASN13335 (CLOUDFLARENET, US)
js-na1.hs-scripts.com
1    54.146.187.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-187-52.compute-1.amazonaws.com
ad.ipredictive.com
1    2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
2    2606:4700::6810:6cfe (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
forms.hscollectedforms.net
1    2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
2    18.66.147.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-76.fra60.r.cloudfront.net
capture-api.reachlocalservices.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
1    104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
1    2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
2    20.50.88.234 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
21 azurewebsites.net
slm501y93viprod.azurewebsites.net
1 MB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 427
px4.ads.linkedin.com — Cisco Umbrella Rank: 6261
2 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1301
s.tribalfusion.com — Cisco Umbrella Rank: 4052
4 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 85
312 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 600
200 B
2 reachlocalservices.com
capture-api.reachlocalservices.com — Cisco Umbrella Rank: 27659
587 B
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 6514
forms.hscollectedforms.net — Cisco Umbrella Rank: 6648
25 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
3 KB
2 ipredictive.com
js.ipredictive.com — Cisco Umbrella Rank: 14313
ad.ipredictive.com — Cisco Umbrella Rank: 10159
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 216
76 KB
2 rlets.com
cdn.rlets.com — Cisco Umbrella Rank: 22410
5898ebe5-51de-4b36-8ee7-292d3ef802dc.rlets.com
43 KB
2 poshdevelopment.com
js.poshdevelopment.com — Cisco Umbrella Rank: 88344
api.poshdevelopment.com — Cisco Umbrella Rank: 122098 Failed
78 KB
1 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 3668
1 KB
1 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 6412
888 B
1 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 301
409 B
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 3460
26 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 3499
24 KB
1 hs-scripts.com
js-na1.hs-scripts.com — Cisco Umbrella Rank: 9807
1 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1793
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1217
14 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 3385
22 KB
1 gstatic.com
fonts.gstatic.com
23 KB
1 episerver.net
dl.episerver.net — Cisco Umbrella Rank: 36192
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 87
832 B
57 24
Domain Requested by
21 slm501y93viprod.azurewebsites.net 1 redirects slm501y93viprod.azurewebsites.net
3 px.ads.linkedin.com 1 redirects az416426.vo.msecnd.net
3 www.googletagmanager.com slm501y93viprod.azurewebsites.net
www.googletagmanager.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 capture-api.reachlocalservices.com az416426.vo.msecnd.net
2 s.tribalfusion.com 1 redirects a.tribalfusion.com
2 www.facebook.com slm501y93viprod.azurewebsites.net
2 connect.facebook.net slm501y93viprod.azurewebsites.net
connect.facebook.net
1 track.hubspot.com
1 forms.hsforms.com slm501y93viprod.azurewebsites.net
1 cm.g.doubleclick.net slm501y93viprod.azurewebsites.net
1 forms.hscollectedforms.net az416426.vo.msecnd.net
1 js.hs-banner.com js-na1.hs-scripts.com
1 js.hscollectedforms.net js-na1.hs-scripts.com
1 js.hs-analytics.net js-na1.hs-scripts.com
1 ad.ipredictive.com js.ipredictive.com
1 js-na1.hs-scripts.com www.googletagmanager.com
1 api.poshdevelopment.com js.poshdevelopment.com
1 region1.google-analytics.com www.googletagmanager.com
1 5898ebe5-51de-4b36-8ee7-292d3ef802dc.rlets.com cdn.rlets.com
1 px4.ads.linkedin.com slm501y93viprod.azurewebsites.net
1 js.ipredictive.com www.googletagmanager.com
1 a.tribalfusion.com www.googletagmanager.com
1 cdn.rlets.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 az416426.vo.msecnd.net slm501y93viprod.azurewebsites.net
1 fonts.gstatic.com fonts.googleapis.com
1 js.poshdevelopment.com slm501y93viprod.azurewebsites.net
1 dl.episerver.net slm501y93viprod.azurewebsites.net
1 fonts.googleapis.com slm501y93viprod.azurewebsites.net
57 30
Subject Issuer Validity Valid
*.azurewebsites.net
Microsoft Azure RSA TLS Issuing CA 03		 2024-05-24 -
2025-05-19		 a year crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
dl.episerver.net
GTS CA 1P5		 2024-05-22 -
2024-08-20		 3 months crt.sh
*.poshdevelopment.com
Amazon RSA 2048 M03		 2023-08-13 -
2024-09-11		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-06-06 -
2025-06-06		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.rlets.com
Amazon RSA 2048 M03		 2023-10-31 -
2024-11-27		 a year crt.sh
tribalfusion.com
E1		 2024-06-04 -
2024-09-02		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-16 -
2024-07-15		 3 months crt.sh
*.ipredictive.com
Amazon RSA 2048 M02		 2024-02-12 -
2025-03-11		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-07-01 -
2025-01-01		 6 months crt.sh
captureapi.localiq.com
R11		 2024-06-14 -
2024-09-12		 3 months crt.sh
hs-scripts.com
E1		 2024-05-31 -
2024-08-29		 3 months crt.sh
hs-analytics.net
WE1		 2024-06-11 -
2024-09-09		 3 months crt.sh
hscollectedforms.net
E1		 2024-05-27 -
2024-08-25		 3 months crt.sh
hs-banner.com
E1		 2024-05-30 -
2024-08-28		 3 months crt.sh
*.reachlocalservices.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
hsforms.com
WE1		 2024-06-14 -
2024-09-12		 3 months crt.sh
hubspot.com
E1		 2024-05-23 -
2024-08-21		 3 months crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-06-25 -
2025-06-20		 a year crt.sh

This page contains 3 frames:

Primary Page: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Frame ID: 909139217AAA6E3ABEAAE03A1E513022
Requests: 52 HTTP requests in this frame

Frame: https://5898ebe5-51de-4b36-8ee7-292d3ef802dc.rlets.com/static/storage.html
Frame ID: E15B65A8B08216874C0F811E87CE9F19
Requests: 1 HTTP requests in this frame

Frame: https://ad.ipredictive.com/d/track/event?upid=111134&cache_buster=1720393588&url=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fpersonal%2Faccounts%2Fopen-a-certificate-of-deposit%2Fspring-into-action-special-cd-promo%2F&ps=0
Frame ID: 297476FD1F8B5CFAD562BC34DDBACBB3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Spring Into Action CD Promo | Salem Five Bank

Page URL History Show full URLs

  1. http://slm501y93viprod.azurewebsites.net/link/070eaa268fa347b3b0ea9dfdd4b749dd.aspx HTTP 307
    https://slm501y93viprod.azurewebsites.net/link/070eaa268fa347b3b0ea9dfdd4b749dd.aspx HTTP 301
    https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-c... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

95 %
HTTPS

57 %
IPv6

24
Domains

30
Subdomains

29
IPs

4
Countries

2178 kB
Transfer

5519 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://slm501y93viprod.azurewebsites.net/link/070eaa268fa347b3b0ea9dfdd4b749dd.aspx HTTP 307
    https://slm501y93viprod.azurewebsites.net/link/070eaa268fa347b3b0ea9dfdd4b749dd.aspx HTTP 301
    https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2807730&time=1720393587631&url=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fpersonal%2Faccounts%2Fopen-a-certificate-of-deposit%2Fspring-into-action-special-cd-promo%2F&tm=gtmv2 HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2807730&time=1720393587631&url=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fpersonal%2Faccounts%2Fopen-a-certificate-of-deposit%2Fspring-into-action-special-cd-promo%2F&tm=gtmv2&e_ipv6=AQI50_J03tcDwAAAAZCPctwZfyBe0AJgF5lHK_qnTIrgxxqldHMw2ifzw0VbV-lo
Request Chain 50
  • https://s.tribalfusion.com/visitor?%7B%22tagKey%22%3A%22953992120%22%2C%22th%22%3A7234270109%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22a5mneMUtZbcXUQ8YUUiXTaq4VUsPBZcRtY%22%2C%22url%22%3A%22https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fpersonal%2Faccounts%2Fopen-a-certificate-of-deposit%2Fspring-into-action-special-cd-promo%2F%22%2C%22clientName%22%3A%22Salem%2520Five%2520Bank%22%2C%22clientID%22%3A791573%2C%22eventType%22%3A%22visitor%22%2C%22segmentNumber%22%3A2%2C%22segmentName%22%3A%22SiteWide%22%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662046731351405

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Redirect Chain
  • http://slm501y93viprod.azurewebsites.net/link/070eaa268fa347b3b0ea9dfdd4b749dd.aspx
  • https://slm501y93viprod.azurewebsites.net/link/070eaa268fa347b3b0ea9dfdd4b749dd.aspx
  • https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
51 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d677e7ed32cf7e9c644210e0a7168ee8cdbcf2ec83ab7e5f4b8965de8cb83712
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Cache-Tag
slm501y93viprod
Content-Encoding
gzip
Content-Length
12708
Content-Type
text/html; charset=utf-8
Date
Sun, 07 Jul 2024 23:06:25 GMT
Referrer-Policy
no-referrer
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-AspNetMvc-Version
5.2
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block

Redirect headers

Access-Control-Expose-Headers
Request-Context
Cache-Tag
slm501y93viprod
Content-Length
202
Content-Type
text/html; charset=utf-8
Date
Sun, 07 Jul 2024 23:06:25 GMT
Location
/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Referrer-Policy
no-referrer
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block
jquery.bundle.min.js
slm501y93viprod.azurewebsites.net/Static/js/ 		334 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/js/jquery.bundle.min.js?ver=7.7.2024110626PM
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ae5a7426d7cd2662820f33f8e8dd238273644795270dfe77893fa92cb7d23062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
98552
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Mon, 17 Jun 2024 16:40:12 GMT
Server
Microsoft-IIS/10.0
ETag
"03ee05d5c0da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
vendor.head.min.js
slm501y93viprod.azurewebsites.net/Static/js/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/js/vendor.head.min.js?ver=7.7.2024110626PM
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9132e51090a99fe5b602951d8c6117d634b3b082f8100b9d73f91ebcf0590112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
10886
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Mon, 17 Jun 2024 16:40:12 GMT
Server
Microsoft-IIS/10.0
ETag
"03ee05d5c0da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
main.css
slm501y93viprod.azurewebsites.net/Static/css/ 		378 KB
64 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/css/main.css?ver=7.7.2024110626PM
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8f1358eddcecee9dd2327d35ae86e22bee6d9629879a590708fe612141cbd558
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
64371
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Mon, 17 Jun 2024 16:40:06 GMT
Server
Microsoft-IIS/10.0
ETag
"0b74c2d5c0da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
css
fonts.googleapis.com/ 		1 KB
832 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700&display=swap
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c5dbafb6c6411ed476ce3eb558ba96a7c9656ef62ce1f823ed5d7fcf4c1af6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 Jul 2024 23:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 Jul 2024 21:41:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Jul 2024 23:06:26 GMT
salem-five-logo.webp
slm501y93viprod.azurewebsites.net/globalassets/logo/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slm501y93viprod.azurewebsites.net/globalassets/logo/salem-five-logo.webp
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6dc9b68b93a9546ed3a13fa45d97187d0cf1224daa92aaf6b5488102b5c46ac2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
7282
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Thu, 29 Feb 2024 14:00:55 GMT
Server
Microsoft-IIS/10.0
ETag
"1DA6B17B66F0580"
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Accept-Ranges
bytes
Expires
Mon, 08 Jul 2024 11:06:27 GMT
6-9-12-18-or-24-month-options.webp
slm501y93viprod.azurewebsites.net/globalassets/hero/promotions/ 		760 KB
760 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slm501y93viprod.azurewebsites.net/globalassets/hero/promotions/6-9-12-18-or-24-month-options.webp
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f9c954ddfbb2b980fc0801dce0231b7d996326063b07e70355e318a31d6fa5c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
777820
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Tue, 16 Apr 2024 19:17:32 GMT
Server
Microsoft-IIS/10.0
ETag
"1DA9032BAF16E00"
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Accept-Ranges
bytes
Expires
Mon, 08 Jul 2024 11:06:27 GMT
twitter-logo-white-small.png
slm501y93viprod.azurewebsites.net/Static/images/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slm501y93viprod.azurewebsites.net/Static/images/twitter-logo-white-small.png
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bd4ff9d9cf0b9c08e94cc5bac213729ba4a52a1a0f5e3dfac94d2bbf19790524
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
25512
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Apr 2024 17:48:10 GMT
Server
Microsoft-IIS/10.0
ETag
"0e9c16a68ada1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
vendor.min.js
slm501y93viprod.azurewebsites.net/Static/js/ 		795 KB
236 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/js/vendor.min.js?ver=7.7.2024110626PM
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6673b2be79b4e12308271c4341f718710d7f13f391d5ec6411f5493aacde6bdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
240897
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Mon, 17 Jun 2024 16:40:10 GMT
Server
Microsoft-IIS/10.0
ETag
"011af4d5c0da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
localScripts.min.js
slm501y93viprod.azurewebsites.net/Static/js/ 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/js/localScripts.min.js?ver=7.7.2024110626PM
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
cf912cdc01eda9e96deab197b1e73194b019b0c61d5364e2a4b687453533f18d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
13191
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Mon, 17 Jun 2024 16:40:08 GMT
Server
Microsoft-IIS/10.0
ETag
"0e47d3d5c0da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
find.js
dl.episerver.net/13.5.9/epi-util/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl.episerver.net/13.5.9/epi-util/find.js
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:24a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
67004276e5cbe57d0cc96a32bd76d47b1daf4f91f52f807df4d8f9259c69b844

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Feb 2024 02:06:26 GMT
server
cloudflare
age
2005562
etag
"0fd1abcea69da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
89fb7c30bd902c7b-FRA
content-length
2271
expires
Wed, 07 Aug 2024 23:06:27 GMT
entry.js
js.poshdevelopment.com/widget/ 		897 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.poshdevelopment.com/widget/entry.js
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-19.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e88b08c374f8146a851fd8667319a89812afc32859e634cce50c114406fe398
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
date
Sun, 07 Jul 2024 18:09:56 GMT
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
17792
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 07 Jun 2024 15:57:04 GMT
server
AmazonS3
etag
W/"003cb68d5641392aadcc9d78470af604"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800, stale-while-revalidate=14400
x-amz-cf-id
xpquYVcfJxS7qrKzJ6I12LxuNDSYV8wuw4-vOSS52mQNNP52_pqCkQ==
gtm.js
www.googletagmanager.com/ 		448 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KK659G9
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6f2ecc5698dd8a9c34eff1766ccf2087983cbfce23a644c5e0d842b0815203f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118062
x-xss-protection
0
last-modified
Sun, 07 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jul 2024 23:06:27 GMT
blue-background-hero.png
slm501y93viprod.azurewebsites.net/globalassets/hero/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slm501y93viprod.azurewebsites.net/globalassets/hero/blue-background-hero.png
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fdf8bec264deacca71d57774d79e2309f558b5075da15bebb3bec96d8ec6324d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
5453
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Fri, 29 Sep 2023 15:51:46 GMT
Server
Microsoft-IIS/10.0
ETag
"1D9F2ECD9895500"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Accept-Ranges
bytes
Expires
Mon, 08 Jul 2024 11:06:27 GMT
footer-member-logos.png
slm501y93viprod.azurewebsites.net/Static/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slm501y93viprod.azurewebsites.net/Static/images/footer-member-logos.png
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/Static/css/main.css?ver=7.7.2024110626PM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c83158574a0d7dae5281d4b442b7d7a78f292e57d4fb849085e1848adff92264
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
2358
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Apr 2024 17:44:06 GMT
Server
Microsoft-IIS/10.0
ETag
"0779d84a58ada1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
OpenSans-Bold-webfont.woff
slm501y93viprod.azurewebsites.net/Static/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/fonts/OpenSans-Bold-webfont.woff
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/Static/css/main.css?ver=7.7.2024110626PM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://slm501y93viprod.azurewebsites.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
22432
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Apr 2024 17:44:06 GMT
Server
Microsoft-IIS/10.0
ETag
"0779d84a58ada1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
OpenSans-Semibold-webfont.woff
slm501y93viprod.azurewebsites.net/Static/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/fonts/OpenSans-Semibold-webfont.woff
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/Static/css/main.css?ver=7.7.2024110626PM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
26b216fadb2ffcd542ca56c2d84f9918f62e40de89bf88b4211fffacd2a4ad83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://slm501y93viprod.azurewebsites.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
22908
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Apr 2024 17:44:06 GMT
Server
Microsoft-IIS/10.0
ETag
"0779d84a58ada1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
fontawesome-webfont.woff2
slm501y93viprod.azurewebsites.net/Static/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/Static/css/main.css?ver=7.7.2024110626PM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://slm501y93viprod.azurewebsites.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
77160
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Apr 2024 17:44:06 GMT
Server
Microsoft-IIS/10.0
ETag
"0779d84a58ada1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff2
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
OpenSans-Regular-webfont.woff
slm501y93viprod.azurewebsites.net/Static/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/fonts/OpenSans-Regular-webfont.woff
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/Static/css/main.css?ver=7.7.2024110626PM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://slm501y93viprod.azurewebsites.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
22660
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Apr 2024 17:44:06 GMT
Server
Microsoft-IIS/10.0
ETag
"0779d84a58ada1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
OpenSans-Light-webfont.woff
slm501y93viprod.azurewebsites.net/Static/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/fonts/OpenSans-Light-webfont.woff
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/Static/css/main.css?ver=7.7.2024110626PM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a1cb81c9f07f1f399db66ec188c02a1c74bc382df9a8550ab8091aac93dff8a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://slm501y93viprod.azurewebsites.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
22248
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Apr 2024 17:44:06 GMT
Server
Microsoft-IIS/10.0
ETag
"0779d84a58ada1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
font.woff2
slm501y93viprod.azurewebsites.net/Static/fonts/FranklinGothicDemi/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/fonts/FranklinGothicDemi/font.woff2
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/Static/css/main.css?ver=7.7.2024110626PM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8160a20058e8c1783b1fe0e6360e050ff8b79d8da2bf5969879fa832d7a1876f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://slm501y93viprod.azurewebsites.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
66072
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Thu, 13 Jun 2024 20:29:44 GMT
Server
Microsoft-IIS/10.0
ETag
"0acf96cd0bdda1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff2
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://slm501y93viprod.azurewebsites.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 18:06:58 GMT
x-content-type-options
nosniff
age
277169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 18:06:58 GMT
OpenSans-BoldItalic-webfont.woff
slm501y93viprod.azurewebsites.net/Static/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/fonts/OpenSans-BoldItalic-webfont.woff
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/Static/css/main.css?ver=7.7.2024110626PM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d3cd72b3406363d94d62d7ae9305bdad3654ffb99dd041d574524077a2c0972f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://slm501y93viprod.azurewebsites.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
23048
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Apr 2024 17:44:06 GMT
Server
Microsoft-IIS/10.0
ETag
"0779d84a58ada1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
OpenSans-Italic-webfont.woff
slm501y93viprod.azurewebsites.net/Static/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/fonts/OpenSans-Italic-webfont.woff
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/Static/css/main.css?ver=7.7.2024110626PM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1e2916c514af4531e75fc3b6ab19dced7708cd47a7702cb1c91c1d53416c6a2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://slm501y93viprod.azurewebsites.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
23188
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Apr 2024 17:44:06 GMT
Server
Microsoft-IIS/10.0
ETag
"0779d84a58ada1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD6) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 07 Jul 2024 23:06:27 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1455
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/4CD6)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
3d69bbc2-b01e-0053-2ebe-d027ca000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Sun, 07 Jul 2024 23:36:27 GMT
js
www.googletagmanager.com/gtag/ 		359 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HV0QYWK2VZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KK659G9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4991090fbde1a02bfe3577c04d5a239c9b17970cf6acf3589f02133936fba14c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
113428
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Jul 2024 23:06:27 GMT
destination
www.googletagmanager.com/gtag/ 		239 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-1018842068&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KK659G9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b12c3bc3d7209f36bfb54d2428a44bb19d4a022bba475c699f1ebd63f30ab18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87116
x-xss-protection
0
last-modified
Sun, 07 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jul 2024 23:06:27 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KK659G9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 16:46:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=68861
accept-ranges
bytes
content-length
14004
1de4b368ee7292d3ef802dc.js
cdn.rlets.com/capture_configs/589/8eb/e55/ 		179 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rlets.com/capture_configs/589/8eb/e55/1de4b368ee7292d3ef802dc.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KK659G9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:ac00:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a57109bd7d7d0f6aec02a9d29f98afed3ed0045fd986faa7b30ef809f3b52341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sun, 07 Jul 2024 21:30:57 GMT
via
1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA56-P12
age
5730
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
a022111f52dbb879c8b5ebbbda1a4f39
x-runtime
0.082996
referrer-policy
strict-origin-when-cross-origin
etag
W/"a57109bd7d7d0f6aec02a9d29f98afed"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
x-amz-cf-id
XGZmJb7QnLKXDS0gYadIYu6dg9dNAqktBCDXAqjH8F_qeKt-cL1wMg==
pixel.js
a.tribalfusion.com/pixel/tags/Salem%20Five%20Bank/791573/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/pixel/tags/Salem%20Five%20Bank/791573/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KK659G9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0216d874a945a1bf53036539389c257c571cde8f76ab1be43d71c20382ad7617

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3=":443"; ma=86400
content-length
2009
x-function
151
last-modified
Tue, 11 Jun 2024 07:41:25 GMT
server
cloudflare
x-reuse-index
170
etag
12822123156415441045
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, private
cf-ray
89fb7c329aff9219-FRA
expires
Mon, 08 Jul 2024 00:06:27 GMT
fbevents.js
connect.facebook.net/en_US/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 07 Jul 2024 23:06:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1297, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
A8ja05iJWp3pIi+79WAftStZPtjQuwMp4zNFT0O3i+N25PVGU2z9zvaL2Mv4FpenM4Yjlm1b2G+X01sNnY6FyA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
viant_universal_pixel.js
js.ipredictive.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ipredictive.com/viant_universal_pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KK659G9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-57.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e43cbf3e54c447adae3b2b8c498dc6cba091b9b642786962439a3615e242a9f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:50:40 GMT
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
last-modified
Mon, 06 May 2024 21:05:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
949
x-amz-server-side-encryption
AES256
etag
"382be3641677196a7ee74758ade9f9aa"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2101
x-amz-cf-id
eWcSVEECiRRzw7TJ1DeU5_IStJ1ZbyC1tFzowvv5uKYh-oB2910gcw==
/
px.ads.linkedin.com/wa/ 		0
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:27 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: F5C33B287C2D4EC4B66CB5684F5AD378 Ref B: DUS30EDGE0418 Ref C: 2024-07-07T23:06:27Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://slm501y93viprod.azurewebsites.net
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYcsFirnX7LUYoaKzQjYg==
attribution_trigger
px.ads.linkedin.com/ 		2 B
813 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=2807730&time=1720393587631&url=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fpersonal%2Faccounts%2Fopen-a-certificate-of-deposit%2Fspring-into-action-special-cd-promo%2F&tm=gtmv2
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:26 GMT
content-encoding
gzip
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 49590B706C9D413BA4693F408638E5C1 Ref B: FRAEDGE1506 Ref C: 2024-07-07T23:06:27Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-lva1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYcsFirNrQKcS3wREbJ4A==
x-fs-uuid
00061cb058ab36b40a712df04446c9e0
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2807730&time=1720393587631&url=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fpersonal%2Faccounts%2Fopen-a-certificate-of-deposit%2Fspring-into...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2807730&time=1720393587631&url=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fpersonal%2Faccounts%2Fopen-a-certificate-of-deposit%2Fspring-int...
0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2807730&time=1720393587631&url=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fpersonal%2Faccounts%2Fopen-a-certificate-of-deposit%2Fspring-into-action-special-cd-promo%2F&tm=gtmv2&e_ipv6=AQI50_J03tcDwAAAAZCPctwZfyBe0AJgF5lHK_qnTIrgxxqldHMw2ifzw0VbV-lo
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 07 Jul 2024 23:06:27 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 39DF22E43B314F818F3509A331477E04 Ref B: FRAEDGE1119 Ref C: 2024-07-07T23:06:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYcsFiucW0qQUFjU7GP8w==

Redirect headers

date
Sun, 07 Jul 2024 23:06:27 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 413FDF6534D049F79311D6AD15442E31 Ref B: DUS30EDGE0418 Ref C: 2024-07-07T23:06:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2807730&time=1720393587631&url=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fpersonal%2Faccounts%2Fopen-a-certificate-of-deposit%2Fspring-into-action-special-cd-promo%2F&tm=gtmv2&e_ipv6=AQI50_J03tcDwAAAAZCPctwZfyBe0AJgF5lHK_qnTIrgxxqldHMw2ifzw0VbV-lo
x-li-proto
http/2
content-length
0
x-li-uuid
AAYcsFirn6xgSU5vPnTJ3w==
169124471385309
connect.facebook.net/signals/config/ 		80 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/169124471385309?v=2.9.160&r=stable&domain=slm501y93viprod.azurewebsites.net&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
17923a86d2f12244b69eb1ebfe325f607caba7b39828a8940cce9c4efd1d957f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 07 Jul 2024 23:06:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=62, mss=1297, tbw=63830, tp=-1, tpl=-1, uplat=86, ullat=0
pragma
public
x-fb-debug
f1+yjixhlvXNVBCM9RDyrWl5jV97YmVkrH/dsHrsw0KQ8z/56ESVJ/mveKpx2trxJavmRh5ajuz6Z93qGHS7kg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
storage.html
5898ebe5-51de-4b36-8ee7-292d3ef802dc.rlets.com/static/ Frame E15B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://5898ebe5-51de-4b36-8ee7-292d3ef802dc.rlets.com/static/storage.html
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/589/8eb/e55/1de4b368ee7292d3ef802dc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
78.224.168.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
2056
content-type
text/html
date
Sun, 07 Jul 2024 23:06:28 GMT
last-modified
Fri, 31 May 2024 20:08:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HV0QYWK2VZ&gtm=45je4730v875872837z878205442za200zb78205442&_p=1720393587253&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=636659426.1720393588&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fpersonal%2Faccounts%2Fopen-a-certificate-of-deposit%2Fspring-into-action-special-cd-promo%2F&sid=1720393587&sct=1&seg=0&dt=Spring%20Into%20Action%20CD%20Promo%20%7C%20Salem%20Five%20Bank&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=Personal%20Accounts&tfd=1522&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HV0QYWK2VZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Jul 2024 23:06:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://slm501y93viprod.azurewebsites.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
graphql
api.poshdevelopment.com/api/v1/channel/web/v1/ 		0
0
graphql
api.poshdevelopment.com/api/v1/channel/web/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.poshdevelopment.com/api/v1/channel/web/v1/graphql?deploymentID=e1ae31bb-a037-4ab5-93be-d71beb1091f2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.59.180 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
180.59.241.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-posh-deployment-id
Access-Control-Request-Method
POST
Origin
https://slm501y93viprod.azurewebsites.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

allow
POST
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
content-type
text/html; charset=utf-8
date
Sun, 07 Jul 2024 23:06:27 GMT
etag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
referrer-policy
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=169124471385309&ev=PageView&dl=https%3A%2F%2Fslm501y93viprod.azurewebsites.net&rl=&if=false&ts=1720393587816&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.2.1720393587814.862464164297540237&cs_est=true&pm=1&hrl=a7d572&ler=empty&cdl=API_unavailable&it=1720393587658&coo=false&cs_cc=1&rqm=GET
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://slm501y93viprod.azurewebsites.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=2788, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 07 Jul 2024 23:06:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=169124471385309&ev=PageView&dl=https%3A%2F%2Fslm501y93viprod.azurewebsites.net&rl=&if=false&ts=1720393587816&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.2.1720393587814.862464164297540237&cs_est=true&pm=1&hrl=a7d572&ler=empty&cdl=API_unavailable&it=1720393587658&coo=false&cs_cc=1&rqm=FGET
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://slm501y93viprod.azurewebsites.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xb4f77ecb9b2bcbf5","source_keys":["1","2"]},{"key_piece":"0x4ffdec74852fdf39","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sun, 07 Jul 2024 23:06:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389034192891491934", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1297, tbw=3105, tp=-1, tpl=-1, uplat=170, ullat=0
pragma
no-cache
x-fb-debug
zyUnRuaBw1fInpNohKp88yosnvEEtcBMWgDbgsfGHeAU+NPRQI0+byKnlyBeDjDvsFVovHuRFqMu1/Jel1K/LA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389034192891491934"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
23589689.js
js-na1.hs-scripts.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-na1.hs-scripts.com/23589689.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KK659G9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdaf8366e1d48faf7f55491efde066ed78c707fd310592fd15d213aa12652d3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-hubspot-correlation-id
fc888661-539d-406b-84c6-716933bcab54
x-evy-trace-route-service-name
envoyset-translator
cf-polished
origSize=1556
age
3975
x-envoy-upstream-service-time
10
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
fc888661-539d-406b-84c6-716933bcab54
cf-bgj
minify
last-modified
Sun, 07 Jul 2024 22:00:12 GMT
server
cloudflare
access-control-max-age
3600
vary
origin, Accept-Encoding
content-type
application/javascript;charset=utf-8
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-7dd59b876-2mxpl
x-evy-trace-virtual-host
all
access-control-allow-credentials
true
cf-ray
89fb7c341b0c5bf9-FRA
displayAd.js
s.tribalfusion.com/ 		679 B
827 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/displayAd.js?dver=0.8&th=7234270109
Requested by
Host: a.tribalfusion.com
URL: https://a.tribalfusion.com/pixel/tags/Salem%20Five%20Bank/791573/pixel.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50892e05de040d4a5fc8187946912abef13780983437d7677954c68bb0a11faa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:28 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-function
153
last-modified
Tue, 11 Jun 2024 07:41:25 GMT
server
cloudflare
x-reuse-index
5
vary
Accept-Encoding
content-type
application/x-javascript
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
private
cf-ray
89fb7c35fdcb9219-FRA
alt-svc
h3=":443"; ma=86400
content-length
333
expires
Sat, 05 Oct 2024 23:06:28 GMT
event
ad.ipredictive.com/d/track/ Frame 2974 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ipredictive.com/d/track/event?upid=111134&cache_buster=1720393588&url=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fpersonal%2Faccounts%2Fopen-a-certificate-of-deposit%2Fspring-into-action-special-cd-promo%2F&ps=0
Requested by
Host: js.ipredictive.com
URL: https://js.ipredictive.com/viant_universal_pixel.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.187.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-187-52.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Length
0
Date
Sun, 07 Jul 2024 23:06:28 GMT
X-CI-RTID
6fda336b-37f7-4795-b178-9e8b04da7522
23589689.js
js.hs-analytics.net/analytics/1720389600000/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1720389600000/23589689.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/23589689.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ff59603635e3d935f1531ab20f57aca57c6e6a32e64fb56d01bf9101d737172

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:28 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
ADCKR2VRBV7FPHR5
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
d74634c4-e82a-4069-8c30-1d183fdd3a1e
x-envoy-upstream-service-time
43
x-amz-id-2
47iMJRTfjjOKYydojeciVOmcY3UYm/7JpzL19Scvm2PN3Gini/P5+36JcL7swFi+V3QzRglHRRxcZ5CXFwkkM/HVxSLshwtulPBfOHspC8c=
x-evy-trace-listener
listener_https
x-request-id
d74634c4-e82a-4069-8c30-1d183fdd3a1e
x-evy-trace-route-configuration
listener_https/all
last-modified
Fri, 21 Jun 2024 21:36:43 GMT
server
cloudflare
etag
W/"edd18ddbd508ca57ebced65e7a8dee3e"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-647fb
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
89fb7c36695e365f-FRA
expires
Sun, 07 Jul 2024 23:11:28 GMT
collectedforms.js
js.hscollectedforms.net/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/23589689.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6cfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://slm501y93viprod.azurewebsites.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
age
485
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=89fb705e29569bfa-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"7d377a186677c174f204d466b8fa5fdb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
collected-forms-embed-js/static-1.503/bundles/project.js
date
Sun, 07 Jul 2024 23:06:28 GMT
x-amz-version-id
WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
x-content-type-options
nosniff
cf-cache-status
HIT
via
1.1 c5f8f8068a88ebb73e505f5e51b5262e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
c2b6e4fa-697e-409a-b850-25ced8884606
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
2
x-evy-trace-route-configuration
listener_https/all
x-request-id
c2b6e4fa-697e-409a-b850-25ced8884606
last-modified
Wed, 15 May 2024 14:34:44 UTC
server
cloudflare
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-65f7f7c749-2hwf8
cf-ray
89fb7c3669721cb5-FRA
x-amz-cf-id
V6rm0zWS38DdIj2VJFStS9tupYkYnm_kXJNLdLTndh-PVAVwuAuq0A==
banner.js
js.hs-banner.com/v2/23589689/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/23589689/banner.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/23589689.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
623d3157340c2151bc9125f231cefff1be62809b5514a5e36505964e3de76e0b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:28 GMT
x-amz-version-id
RpnDmCmLCjtF4aMgkzL8QwznHcH2Z52w
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
0XGYG4J3MCEVTCJK
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
0abc727d-e73e-476b-9173-82af4cd5116b
x-envoy-upstream-service-time
81
x-amz-id-2
6E9AFLI6snCxsg2PflnmUNxQeGCDVLQ0ZcoMqlpLl9MSU9Q7a/hKDNbUZlrbEvNIaShr+DVYDN4=
x-evy-trace-listener
listener_https
x-request-id
0abc727d-e73e-476b-9173-82af4cd5116b
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 15 Apr 2024 16:59:35 GMT
server
cloudflare
etag
W/"a73b7dfe95e08a4b892e049bae1a3fa5"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
vary
origin, Accept-Encoding
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-rslzw
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
89fb7c367ddb923b-FRA
expires
Sun, 07 Jul 2024 23:11:28 GMT
originCountry
capture-api.reachlocalservices.com/ 		35 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capture-api.reachlocalservices.com/originCountry
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-76.fra60.r.cloudfront.net
Software
/
Resource Hash
2b343b21215fef87f4079b62256d4bc29f0697202fa85141731716654c303745

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json

Response headers

date
Sun, 07 Jul 2024 23:06:29 GMT
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amzn-requestid
60e02178-e8b2-4214-ad34-90034de4d8a7
x-amzn-trace-id
Root=1-668b1f75-49d6777645249fa73cfab2a9;Parent=01c6b35782841fc3;Sampled=0;lineage=a245b58f:0
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-amz-apigw-id
akHaVGsjvHcECkQ=
content-length
35
x-amz-cf-id
BWTP7Pi_OtLJtOHyGwr3LphQSEeXojor6Y-1yTNmTytImPKbBbT2lg==
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
originCountry
capture-api.reachlocalservices.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://capture-api.reachlocalservices.com/originCountry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-76.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://slm501y93viprod.azurewebsites.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sun, 07 Jul 2024 23:06:28 GMT
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
x-amz-apigw-id
akHaRHsJvHcEGuA=
x-amz-cf-id
dt6FDNdEdp4CrBaR7XDd7IYUNsDgjEnSzT1IqlkBZLbdgTMfptTfUQ==
x-amz-cf-pop
FRA60-P4
x-amzn-requestid
66f04211-0d14-4967-8ec7-d3b216092562
x-cache
Miss from cloudfront
json
forms.hscollectedforms.net/collected-forms/v1/config/ 		136 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=23589689&utk=
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6cfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77c58366127d4e57c33f6306797204ceec57af242b630e94c4663464741300da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
5ef368f6-2f9f-459a-89f8-b30045bdefac
x-envoy-upstream-service-time
8
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
5ef368f6-2f9f-459a-89f8-b30045bdefac
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://slm501y93viprod.azurewebsites.net
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-65f7f7c749-csnpm
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
89fb7c36b9b11cb5-FRA
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://s.tribalfusion.com/visitor?%7B%22tagKey%22%3A%22953992120%22%2C%22th%22%3A7234270109%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22a5mneMUtZbcXUQ8YUUiXTaq4VUsPBZcRtY%22%2C%22url%22%3A%22htt...
  • https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662046731351405
170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662046731351405
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Protocol
H2
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jul 2024 23:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 Jul 2024 23:06:28 GMT
cf-cache-status
DYNAMIC
x-function
307
server
cloudflare
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662046731351405
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
89fb7c36fe789219-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
888 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
fb369f8f-7b74-470b-bec4-350c718de1e5
x-envoy-upstream-service-time
8
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
fb369f8f-7b74-470b-bec4-350c718de1e5
server
cloudflare
vary
origin
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-776cb5686f-x87g5
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
89fb7c391c0a71bf-FRA
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3598200494&v=1.1&a=23589689&rcu=https%3A%2F%2Fwww.salemfive.com%2Fpersonal%2Faccounts%2Fopen-a-certificate-of-deposit%2Fspring-into-action-special-cd-promo%2F&pu=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fpersonal%2Faccounts%2Fopen-a-certificate-of-deposit%2Fspring-into-action-special-cd-promo%2F&t=Spring+Into+Action+CD+Promo+%7C+Salem+Five+Bank&cts=1720393588870&vi=fd09e4e83fdcc05d0de210fde3b09bb6&nc=true&u=24525925.fd09e4e83fdcc05d0de210fde3b09bb6.1720393588868.1720393588868.1720393588868.1&b=24525925.1.1720393588868&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
ffd95ac1-132b-4ba1-8a9f-3465020e8a94
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
10
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
ffd95ac1-132b-4ba1-8a9f-3465020e8a94
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mMHw8hcNf%2F4%2B9szagHrtxLB%2BK7jHsHEcsfjar8weYEn3ukLeG0uAtcY2gIFPsJJ%2Bq%2FJx1Bk15p9ypMt3CsztYgEEw3UX0vWRm8JltfT%2BA6uFJZbsJULmlBcl2XnpdIs7f3U4SYoXIPFxa1mvZJL3"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-4g7wv
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
89fb7c3aaf1e4dca-FRA
x-robots-tag
none
favicon.ico
slm501y93viprod.azurewebsites.net/ 		894 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ce5ab6d59077eb33706bf0f57cb10f7771172b089cf376de913bfcef0326458b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
894
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Apr 2024 17:44:06 GMT
Server
Microsoft-IIS/10.0
ETag
"0779d84a58ada1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
track
dc.services.visualstudio.com/v2/ 		96 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.234 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
32fe5b6a042a7926533b3935df7cfc8bc20893fe87aedd94098be44ec771b1e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json
Referer
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Sun, 07 Jul 2024 23:06:28 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.234 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://slm501y93viprod.azurewebsites.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Sun, 07 Jul 2024 23:06:28 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.poshdevelopment.com
URL
https://api.poshdevelopment.com/api/v1/channel/web/v1/graphql?deploymentID=e1ae31bb-a037-4ab5-93be-d71beb1091f2

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 undefined| event object| fence object| sharedStorage function| $ function| jQuery object| dataLayer object| appInsights function| _ function| iFrameResize object| AI object| Microsoft function| __extends function| _endsWith function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data object| _linkedin_data_partner_ids boolean| _already_called_lintrk object| a9 function| fbq function| _fbq function| lintrk object| ORIBILI object| rl_widget_cfg object| RLCAP object| captureStatus function| onYouTubeIframeAPIReady object| gaGlobal object| fontawesome object| _gsScope boolean| jquery_dotdotdot_min_js object| Mustache object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| ScrollToPlugin function| ScrollMagic function| CountUp function| FindApi object| api function| addAltToTrackingImage object| observer boolean| foundImage object| config object| Utils object| PlacesService object| Gallery object| autoComplete object| LoanOfficerService object| FinancialAdvisorService object| speechRecognition object| webpackJsonp function| setImmediate function| clearImmediate string| deploymentId object| posh object| $header object| A9PIXEL object| a9PixelQue function| ViantUniversalPixel object| _hsp object| __hsCollectedFormsDebug object| _hsq undefined| e9Manager undefined| e9 object| expoDisplayAd object| _paq function| sanitizeKey boolean| _hstc_loaded object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran boolean| _hstc_ran object| hsCallsToActionsReady string| __hsUserToken number| expireDateTime

24 Cookies

Domain/Path Name / Value
.slm501y93viprod.azurewebsites.net/ Name: ARRAffinity
Value: 88bd1351d12d551dd343b3f1eece647bd090858e8c735ab5ee90c7be22f40c20
.slm501y93viprod.azurewebsites.net/ Name: ARRAffinitySameSite
Value: 88bd1351d12d551dd343b3f1eece647bd090858e8c735ab5ee90c7be22f40c20
slm501y93viprod.azurewebsites.net/ Name: ASP.NET_SessionId
Value: acgitctgpabqijjxcsyee1dv
slm501y93viprod.azurewebsites.net/ Name: EPi_NumberOfVisits
Value: 1,2024-07-07T23:06:26
slm501y93viprod.azurewebsites.net/ Name: ai_user
Value: UaMSl|2024-07-07T23:06:27.360Z
.slm501y93viprod.azurewebsites.net/ Name: _gcl_au
Value: 1.1.54876522.1720393588
.slm501y93viprod.azurewebsites.net/ Name: _ga_HV0QYWK2VZ
Value: GS1.1.1720393587.1.0.1720393587.0.0.0
.slm501y93viprod.azurewebsites.net/ Name: _ga
Value: GA1.1.636659426.1720393588
slm501y93viprod.azurewebsites.net/ Name: ai_session
Value: ipg16|1720393587789.2|1720393587789.2
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3281:u=1:x=1:i=1720393587:t=1720479987:v=2:sig=AQEVxOgpqmM0SbgGbUf1TaW22Ki3BP51"
.slm501y93viprod.azurewebsites.net/ Name: _fbp
Value: fb.2.1720393587814.862464164297540237
.linkedin.com/ Name: bcookie
Value: "v=2&a5c1548c-a985-4124-8e92-daeeb91c2f15"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MjAzOTM1ODc7MjswMjGNjPkwh1vMA4awN6HGNX32Pf/hXY+vMtqBKmBKGUilag==
5898ebe5-51de-4b36-8ee7-292d3ef802dc.rlets.com/ Name: test
Value: test
.tribalfusion.com/ Name: ANON_ID
Value: aBnrXhqZbaO56iPq6eWMnY5HJqQw9MhOZbZditYbA1A78qDvvjZdjJ3FpNRUY1jYXAqDbMmC2Eb4
.hsforms.com/ Name: __cf_bm
Value: XxR5dGedVh_WkwbfyGhX4SOfV3oE6R8VvlcxODPECDw-1720393588-1.0.1.1-DY5kMCYeGapCPB.DgLrB7fCCgwlO3RpmdILohnh3ExthLimwKnCLPZhhlaavKQWMl4L1fjrIbssntTPLJrOOWg
.hsforms.com/ Name: _cfuvid
Value: By3HVBh.gQj1WIebxUggw5FEitlhBrfjiZdVMygS1zE-1720393588766-0.0.1.1-604800000
.ipredictive.com/ Name: cu
Value: b10adf86-843d-4885-985d-06a94f05f068|1720393588791
slm501y93viprod.azurewebsites.net/ Name: __hstc
Value: 24525925.fd09e4e83fdcc05d0de210fde3b09bb6.1720393588868.1720393588868.1720393588868.1
slm501y93viprod.azurewebsites.net/ Name: hubspotutk
Value: fd09e4e83fdcc05d0de210fde3b09bb6
slm501y93viprod.azurewebsites.net/ Name: __hssrc
Value: 1
slm501y93viprod.azurewebsites.net/ Name: __hssc
Value: 24525925.1.1720393588868
.hubspot.com/ Name: __cf_bm
Value: .qjwam0_da1hwto_.nlPbn2QtXz2BKr4cCRDMufEnE4-1720393589-1.0.1.1-zEUl5oGCWf1mEQqDakiiiaCOZDzfWNzEapmkundhpoeftYnGn2bwF.AaBaBJ8fEl7BefZ13yKZeQz6.GODZcdA
.hubspot.com/ Name: _cfuvid
Value: uuxhb_IHpsM_feCQrccSwicM7Atzmv8.QsruLqfmsjg-1720393589031-0.0.1.1-604800000

3 Console Messages

Source Level URL
Text
recommendation verbose URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
javascript error URL: https://slm501y93viprod.azurewebsites.net/personal/accounts/open-a-certificate-of-deposit/spring-into-action-special-cd-promo/
Message:
Access to fetch at 'https://api.poshdevelopment.com/api/v1/channel/web/v1/graphql?deploymentID=e1ae31bb-a037-4ab5-93be-d71beb1091f2' from origin 'https://slm501y93viprod.azurewebsites.net' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.poshdevelopment.com/api/v1/channel/web/v1/graphql?deploymentID=e1ae31bb-a037-4ab5-93be-d71beb1091f2
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5898ebe5-51de-4b36-8ee7-292d3ef802dc.rlets.com
a.tribalfusion.com
ad.ipredictive.com
api.poshdevelopment.com
az416426.vo.msecnd.net
capture-api.reachlocalservices.com
cdn.rlets.com
cm.g.doubleclick.net
connect.facebook.net
dc.services.visualstudio.com
dl.episerver.net
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hsforms.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hscollectedforms.net
js.ipredictive.com
js.poshdevelopment.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
s.tribalfusion.com
slm501y93viprod.azurewebsites.net
snap.licdn.com
track.hubspot.com
www.facebook.com
www.googletagmanager.com
api.poshdevelopment.com
104.18.24.173
104.18.80.204
13.107.42.14
142.250.184.226
18.66.112.57
18.66.147.19
18.66.147.76
20.50.88.234
2001:4860:4802:34::36
23.96.96.142
2600:9000:2724:ac00:6:9a19:88c0:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:4400::6812:22e5
2606:4700:4400::6812:24a8
2606:4700::6810:6cfe
2606:4700::6810:7674
2606:4700::6810:89d1
2606:4700::6810:a0a8
2620:1ec:21::14
2a00:1450:4001:80b::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:830::2008
2a02:26f0:3500:10::210:a9a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.168.224.78
35.241.59.180
54.146.187.52
0216d874a945a1bf53036539389c257c571cde8f76ab1be43d71c20382ad7617
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
17923a86d2f12244b69eb1ebfe325f607caba7b39828a8940cce9c4efd1d957f
1e2916c514af4531e75fc3b6ab19dced7708cd47a7702cb1c91c1d53416c6a2c
1e43cbf3e54c447adae3b2b8c498dc6cba091b9b642786962439a3615e242a9f
22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40
26b216fadb2ffcd542ca56c2d84f9918f62e40de89bf88b4211fffacd2a4ad83
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b343b21215fef87f4079b62256d4bc29f0697202fa85141731716654c303745
32fe5b6a042a7926533b3935df7cfc8bc20893fe87aedd94098be44ec771b1e4
3ff59603635e3d935f1531ab20f57aca57c6e6a32e64fb56d01bf9101d737172
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4991090fbde1a02bfe3577c04d5a239c9b17970cf6acf3589f02133936fba14c
4b12c3bc3d7209f36bfb54d2428a44bb19d4a022bba475c699f1ebd63f30ab18
50892e05de040d4a5fc8187946912abef13780983437d7677954c68bb0a11faa
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
623d3157340c2151bc9125f231cefff1be62809b5514a5e36505964e3de76e0b
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
6673b2be79b4e12308271c4341f718710d7f13f391d5ec6411f5493aacde6bdd
67004276e5cbe57d0cc96a32bd76d47b1daf4f91f52f807df4d8f9259c69b844
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c5dbafb6c6411ed476ce3eb558ba96a7c9656ef62ce1f823ed5d7fcf4c1af6e
6dc9b68b93a9546ed3a13fa45d97187d0cf1224daa92aaf6b5488102b5c46ac2
6e88b08c374f8146a851fd8667319a89812afc32859e634cce50c114406fe398
6f2ecc5698dd8a9c34eff1766ccf2087983cbfce23a644c5e0d842b0815203f3
77c58366127d4e57c33f6306797204ceec57af242b630e94c4663464741300da
8160a20058e8c1783b1fe0e6360e050ff8b79d8da2bf5969879fa832d7a1876f
8f1358eddcecee9dd2327d35ae86e22bee6d9629879a590708fe612141cbd558
9132e51090a99fe5b602951d8c6117d634b3b082f8100b9d73f91ebcf0590112
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7
a1cb81c9f07f1f399db66ec188c02a1c74bc382df9a8550ab8091aac93dff8a2
a57109bd7d7d0f6aec02a9d29f98afed3ed0045fd986faa7b30ef809f3b52341
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae5a7426d7cd2662820f33f8e8dd238273644795270dfe77893fa92cb7d23062
bd4ff9d9cf0b9c08e94cc5bac213729ba4a52a1a0f5e3dfac94d2bbf19790524
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c83158574a0d7dae5281d4b442b7d7a78f292e57d4fb849085e1848adff92264
cdaf8366e1d48faf7f55491efde066ed78c707fd310592fd15d213aa12652d3d
ce5ab6d59077eb33706bf0f57cb10f7771172b089cf376de913bfcef0326458b
cf912cdc01eda9e96deab197b1e73194b019b0c61d5364e2a4b687453533f18d
d3cd72b3406363d94d62d7ae9305bdad3654ffb99dd041d574524077a2c0972f
d677e7ed32cf7e9c644210e0a7168ee8cdbcf2ec83ab7e5f4b8965de8cb83712
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9c954ddfbb2b980fc0801dce0231b7d996326063b07e70355e318a31d6fa5c6
fdf8bec264deacca71d57774d79e2309f558b5075da15bebb3bec96d8ec6324d