URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCW...
Submission: On May 15 via api from US — Scanned from DE

Summary

This website contacted 20 IPs in 3 countries across 15 domains to perform 69 HTTP transactions. The main IP is 3.69.136.55, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is offer.swiftinvestments.com.
TLS certificate: Issued by R3 on March 27th 2023. Valid for: 3 months.
This is the only time offer.swiftinvestments.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
16 cloudfront.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
133 KB
9 ub-assets.com
fonts.ub-assets.com — Cisco Umbrella Rank: 25345
157 KB
9 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4481
55 KB
7 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 394
ajax.googleapis.com — Cisco Umbrella Rank: 385
249 KB
6 tctm.xyz
427942.tctm.xyz
16 KB
6 clickcease.com
www.clickcease.com — Cisco Umbrella Rank: 10867
monitor.clickcease.com — Cisco Umbrella Rank: 18459
55 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
21 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 83
www.google.com — Cisco Umbrella Rank: 2
563 B
2 gstatic.com
maps.gstatic.com
5 KB
2 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 21052
37 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5171
455 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
2 KB
1 ub-analytics.com
events.ub-analytics.com — Cisco Umbrella Rank: 25304
282 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
61 KB
1 swiftinvestments.com
offer.swiftinvestments.com
16 KB
69 15
Domain Requested by
14 d9hhrg4mnvzow.cloudfront.net offer.swiftinvestments.com
9 fonts.ub-assets.com builder-assets.unbounce.com
fonts.ub-assets.com
9 dev.visualwebsiteoptimizer.com offer.swiftinvestments.com
dev.visualwebsiteoptimizer.com
6 427942.tctm.xyz www.googletagmanager.com
427942.tctm.xyz
6 maps.googleapis.com offer.swiftinvestments.com
maps.googleapis.com
5 monitor.clickcease.com www.clickcease.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 maps.gstatic.com offer.swiftinvestments.com
2 www.google.com www.googletagmanager.com
offer.swiftinvestments.com
2 d34qb8suadcc4g.cloudfront.net offer.swiftinvestments.com
d34qb8suadcc4g.cloudfront.net
2 builder-assets.unbounce.com offer.swiftinvestments.com
1 www.google.de offer.swiftinvestments.com
1 www.clickcease.com offer.swiftinvestments.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 adservice.google.com www.googletagmanager.com
1 events.ub-analytics.com offer.swiftinvestments.com
1 www.googletagmanager.com offer.swiftinvestments.com
1 ajax.googleapis.com offer.swiftinvestments.com
1 offer.swiftinvestments.com
69 19

This site contains no links.

Subject Issuer Validity Valid
offer.swiftinvestments.com
R3
2023-03-27 -
2023-06-25
3 months crt.sh
*.unbounce.com
Amazon RSA 2048 M01
2023-02-21 -
2024-02-07
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2
2022-07-04 -
2023-08-05
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
fonts.ub-assets.com
Amazon RSA 2048 M02
2022-11-17 -
2023-12-17
a year crt.sh
*.ub-analytics.com
Amazon RSA 2048 M01
2023-03-11 -
2024-04-08
a year crt.sh
*.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
www.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
clickcease.com
Amazon RSA 2048 M02
2022-10-27 -
2023-11-25
a year crt.sh
*.tctm.xyz
Amazon RSA 2048 M02
2023-02-28 -
2023-12-20
10 months crt.sh
www.google.de
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.clickcease.com
Go Daddy Secure Certificate Authority - G2
2022-06-22 -
2023-06-29
a year crt.sh

This page contains 4 frames:

Primary Page: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Frame ID: 2DA52D1E250028B19758B77ADCF1B33F
Requests: 63 HTTP requests in this frame

Frame: https://dev.visualwebsiteoptimizer.com//ping_tpc.php?account=632988&name=_vwo_uuid_7&value=DB6C88E7AC7E3D70A6A027835852D659E&days=3650&random=0.9778311550058387
Frame ID: 3A74F500949B5AB8EBFEEEEC4F8A2574
Requests: 1 HTTP requests in this frame

Frame: https://dev.visualwebsiteoptimizer.com//ping_tpc.php?account=632988&name=_vis_opt_exp_7_combi_choose&value=1%2C1%2C1%2C2&days=100&random=0.45857839508041565
Frame ID: AB154626FD79CFFC40CBB0813B95D060
Requests: 1 HTTP requests in this frame

Frame: https://dev.visualwebsiteoptimizer.com//ping_tpc.php?account=632988&name=_vis_opt_exp_7_combi&value=1%2C1%2C1%2C2&days=100&random=0.6527594563133303
Frame ID: 00B9077109677418978FB8A8CA1991E9
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

69
Requests

99 %
HTTPS

68 %
IPv6

15
Domains

19
Subdomains

20
IPs

3
Countries

807 kB
Transfer

2091 kB
Size

24
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

69 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
offer.swiftinvestments.com/step1-l/
106 KB
16 KB
Document
General
Full URL
https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
97062eb793590c2f60a0919b83a76ac13fc950b1a81411aa9cdadc92bdc91b15

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
15852
content-location
https://offer.swiftinvestments.com/step1-l/
content-type
text/html; charset=utf-8
date
Mon, 15 May 2023 00:09:44 GMT
etag
"e:529dce4363224f07997721fe1c88dc58"
link
<https://offer.swiftinvestments.com/step1-l/>; rel="canonical"
x-proxy-backend
page-server
x-unbounce-pageid
b324c381-99d0-482c-ad41-ca2cdef87235
x-unbounce-variant
e
x-unbounce-visitorid
529dce43-6322-4f07-9977-21fe1c88dc58
main-7b78720.z.css
builder-assets.unbounce.com/published-css/
15 KB
3 KB
Stylesheet
General
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-30.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 01:22:01 GMT
content-encoding
gzip
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
x-amz-version-id
F0XZlkUrGu6OlrfKzU_C7UXh1V6i6hug
last-modified
Wed, 23 Nov 2022 23:24:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
9845264
etag
"3d27e56a34e34b278ab5e182cbc3b587"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2902
x-amz-cf-id
J3yxCWukCl5CfsWXWr7DjFEpOtfCedRYxWTBmgQKqrTS-cniKv6C2Q==
ub.js
d34qb8suadcc4g.cloudfront.net/
5 KB
2 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e000:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 21:41:41 GMT
content-encoding
gzip
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
x-amz-version-id
TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06
last-modified
Tue, 17 Jan 2023 21:14:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
10117684
etag
"fde4d3457a50df6eb5c2e00c8f2ae5b3"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1865
x-amz-cf-id
lLJxZ82rzq0sElr5YrgYxZzvpCrPeE3TGyCjmbeuQsisdaW101R_sw==
js
maps.googleapis.com/maps/api/
220 KB
70 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyA6ORyIAbN1nOUQPB2B8H5y73pYZkkgmQM&signed_in=true&libraries=places&callback=initAutocomplete
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ebe063ee69a7ddf308250437e1508fe27acf4afd580e3a21c3da41ad118008a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71850
x-xss-protection
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/
70 KB
25 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 02:42:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24715
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 02:42:34 GMT
main.bundle-85a7477.z.js
builder-assets.unbounce.com/published-js/
104 KB
33 KB
Script
General
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-30.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 19:49:55 GMT
content-encoding
gzip
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
x-amz-version-id
TbQKLyFxqupjak3Mea65SB0HvILXqPo2
x-amz-cf-pop
FRA2-C1
age
6581990
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33747
last-modified
Mon, 27 Feb 2023 19:12:56 GMT
server
AmazonS3
etag
"b4081a636463cc60b1faf49e579e8cb9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
RAF_VcCx8UwdsD8bfuevtaJ25Y0uMR518kqcJjBfKhgWAt_1NAjJ4Q==
j.php
dev.visualwebsiteoptimizer.com/
12 KB
4 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=632988&u=https%3A%2F%2Foffer.swiftinvestments.com%2Fstep1-l%2F%3Fgclid%3DCjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE&f=1&r=0.5625636649210306
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
7f6d3d1bd116e70c8cc92a809d29e4e94a279351365e8e145336d4b24f33936a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:44 GMT
content-encoding
gzip
via
1.1 google
server
gfra1
etag
W/"1683844369"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gtm.js
www.googletagmanager.com/
163 KB
61 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TRPLSSX
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eea36b49c3ff776167d5ac3a596b4932673bed4255c74385b6e9faace8aaa593
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
62553
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 15 May 2023 00:09:44 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
aabcef64-4_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/
58 KB
59 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/aabcef64-4_1000000000000000000028.png
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-12.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
776b079d31717969857b8b51fca1b32e0130ec0b01041ad3ef993b1eb5749179

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:45 GMT
x-amz-version-id
pfG.3l_K_WJMSmjEZs9X4UsatMonS82V
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 15:42:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"30a5e5305c3c1c254dc2e3e285432d67"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
59769
x-amz-cf-id
1NT_w1iwe3qamqJsXl_QKOIrHgecch3iHcMbn4XZtAT4Qv9LM3Ugfw==
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/
98 KB
30 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e000:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 04:47:10 GMT
content-encoding
gzip
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
2229755
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
30399
x-amz-cf-id
juzvUFLDhrvmIUrTMf84rprLH7ubcYcyO-XP_xIjnQs-tCLgI-zcmQ==
tag-222616b94ccbb703acaf0c5d3d9dc1da.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/
177 KB
49 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-222616b94ccbb703acaf0c5d3d9dc1da.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=632988&u=https%3A%2F%2Foffer.swiftinvestments.com%2Fstep1-l%2F%3Fgclid%3DCjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE&f=1&r=0.5625636649210306
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
65016a9a2214e8c69573e99a177071957b024f93ef5dc822e67c9f615a0182e9

Request headers

Referer
https://offer.swiftinvestments.com/
Origin
https://offer.swiftinvestments.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:44 GMT
content-encoding
br
via
1.1 google
last-modified
Thu, 11 May 2023 13:23:16 GMT
server
gfra1
etag
"645cec44-c5d0"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50640
v.gif
dev.visualwebsiteoptimizer.com/
35 B
214 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=632988&d=offer.swiftinvestments.com&u=DB6C88E7AC7E3D70A6A027835852D659E&h=975037e2d1563287644a8794c5a88fa8&t=false&r=0.04833364647971017
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 00:09:44 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
f0d1a27c-422f-46b8-8444-4c90a882c802
https://offer.swiftinvestments.com/
5 KB
0
Stylesheet
General
Full URL
blob:https://offer.swiftinvestments.com/f0d1a27c-422f-46b8-8444-4c90a882c802
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length
5523
Content-Type
text/css
css
fonts.ub-assets.com/
12 KB
2 KB
Stylesheet
General
Full URL
https://fonts.ub-assets.com/css?family=Lato:400,700,regular,900,300%7CRoboto:regular,300,700%7CSource+Sans+Pro:italic
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-8.fra60.r.cloudfront.net
Software
/
Resource Hash
d3e4c34f7060202f641c3c8e239e242418eb489c964f4b915fe28f50692f2b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amzn-requestid
5843f82d-d981-424b-83ae-60d5eeaf7a03
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
E7-7aHivIAMF7lA=
content-length
921
x-xss-protection
0
cross-origin-opener-policy
same-origin-allow-popups
x-amzn-trace-id
Root=1-64617848-1d29a0ce4989274c72f811f4
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
x-amz-cf-id
EZ0hainuQ3M9A1jcfMgOHubCb8iLQD0dDhl7UY_Uloafa8GzrBSQoQ==
3061fef0-five-stars_1079044000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/
3 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/3061fef0-five-stars_1079044000000000000028.png
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-12.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c003831372995ae79d82d0bda920ef0aa373e36f6e7ef585e182359d4843bed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:45 GMT
x-amz-version-id
Stu7kTtGdSmprbOTjhDPC.9fe9csFYHW
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 15:42:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"a75fc3bae52ca567cc8511b30638aa62"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
3103
x-amz-cf-id
yosysXIe70-GprlOpfMh9AJE7-kmJ5wiosj70lgikOZSzEAC153yTg==
52451498-greyscale-1-0010-layer-1_102g02c000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/
940 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/52451498-greyscale-1-0010-layer-1_102g02c000000000000028.png
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-12.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff993527f056afb51df5b528e0c75019317e92b92fdd622c4f076cd2ed960643

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:45 GMT
x-amz-version-id
7U12v0TKLKrg8QcDgBXB9.pyWSantnWT
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 15:42:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"244d1d42cb151c0f431ca2d5fa16d8e1"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
940
x-amz-cf-id
D3x83dOrRk0_2VFMKbaTXPBEqch320Do9CF7HHUDIoMWhMFLIvoxpw==
a14761f7-greyscale-no-repairs_102k02g000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/
988 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/a14761f7-greyscale-no-repairs_102k02g000000000000028.png
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-12.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
817335ecf35df30b40ba93c2189add4cc1104e45b837054b3937049b32971f70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:45 GMT
x-amz-version-id
uKnK0SV72ztFRsN3x9uEX99YSJpR8hlh
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 15:42:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"244a313c9a3647ada3a09f57b2742f4e"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
988
x-amz-cf-id
rwLR1ompKlCiCDzSuiVJTizbMCwrg_szW-E8gHfelDjDQD7K0SsDqQ==
47042a5a-greyscale-1-0002-layer-4_102g02802g027000000028.png
d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/
1 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/47042a5a-greyscale-1-0002-layer-4_102g02802g027000000028.png
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-12.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd391f07c57e17149a499458f5a2bb412350d63a21b322ca2711eef3c341dac2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:45 GMT
x-amz-version-id
pINIMJlAZl4RKyomkjtXKYV7hDEbp.HV
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 15:42:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"9b32e5a89fc939f031a5801517df6e75"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1251
x-amz-cf-id
xq0Y7h-Xl4Gz3Cm3QiBcabnJ08cD6jtqwRl-ipOBUWGk0FIzcYC8xQ==
d6fe1438-greyscale-1-0004-layer-2_1040020000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/
2 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/d6fe1438-greyscale-1-0004-layer-2_1040020000000000000028.png
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-12.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9de0977d97bf6232ec041d471e9eca86cb82555d9ab6052a1cb0957da3b916be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:45 GMT
x-amz-version-id
TB1I.cr_OayXPBqGHRZpEj6TEENB.WZT
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 15:42:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"829d7a658570a846cb1515d4d792d904"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2234
x-amz-cf-id
7R95bmw5aNQENGHuA24gp3hribbW3wJ_eifFGmvTljj4Re-enVpDiw==
01d1deba-greyscale-1-0009-layer-7_103102o000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/
1 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/01d1deba-greyscale-1-0009-layer-7_103102o000000000000028.png
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-12.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57dcca40d62fae2936c62645282f078f55553faf5f66b7f6e088bd07363df854

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:45 GMT
x-amz-version-id
0yrOG3UYCf_9B2G1JPCOn036QVKsnDaV
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 15:42:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"e4bb79cb82a300649457a6d15b8eded5"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1207
x-amz-cf-id
JGfFmcCA_W4zxmHAZIjxCIvff0QQePEG0DDtpsZAcxe_wGi7IM3yOQ==
e98bb70c-greyscale-1-0006-_102y02g000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/
2 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/e98bb70c-greyscale-1-0006-_102y02g000000000000028.png
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-12.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dcf6a579f6c766a21b6e91c1d12b22d4c3bc148d4a0d9f2cdbb33ee01a5bb7b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:45 GMT
x-amz-version-id
b313Qlu6wHZHS5ylHRLBxSulNVOvaek_
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 15:42:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"c9b21aa883d741e90942a5c577d13042"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2151
x-amz-cf-id
fQbEeqPlf_tc8VqDZw7WIYX7kYroYSLpcc4hBDHkL7zzNFDjy1GdZw==
b1430951-2_1047046000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/
8 KB
8 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/b1430951-2_1047046000000000000028.png
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-12.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
80d0c1f6c7ba238dd67d64888bf521bf4aa4db1ec99125ad09ee5f4b76177a68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:45 GMT
x-amz-version-id
p.c6_T.3jSDzkwm_Av8usKu1yz5Iclb1
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 15:42:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"c016d4cb56244cfd6003a08c73d0c2e6"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
7807
x-amz-cf-id
20AGFoDDwf7ocrL2btAolbfMxG8DqQupW6IuFE_1dg8aUIbsyrJTMQ==
01aefc51-1_1047046000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/
6 KB
7 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/01aefc51-1_1047046000000000000028.png
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-12.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c4d1fda175cddb19ae45dc308b3ca186d9cab0a63011eb5ffcc786aecb8ce5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:45 GMT
x-amz-version-id
J8OmAisTK9NkR2Z29IZTK4eTK.yC0iHF
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 15:42:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"44102a52579e37a03080c509ae5a9235"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
6257
x-amz-cf-id
8rmZ_o9_4R8P65W343K7f3XgiHLOfUtvJBrxyEnwjgmEevG6e-M_5g==
9ad8b1c5-3_1047046000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/
5 KB
6 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/9ad8b1c5-3_1047046000000000000028.png
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-12.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2faae67e3535c1d69549834d8dea1dce6894cfd2fe0147b3182da26acb5193aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:45 GMT
x-amz-version-id
0WMChXsT6v8OZEjZ_Jf8AuKTYl8hO8P.
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 15:42:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"d78e97597a5e28670804e39ea210d09d"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
5408
x-amz-cf-id
bSlmORuqT38tz4rsegmG6aqyJPti4Y63deengQ2pWXkCiJzHP5NXIA==
750d9195-greyscale-1-0003-layer-3_102s02d000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/
2 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/750d9195-greyscale-1-0003-layer-3_102s02d000000000000028.png
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-12.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c6530bf165039f713a697f9aad18f1bde36be2d87b883042007d79b866c9210

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:45 GMT
x-amz-version-id
Tmo7MDUSuQA5yqV7_bXmF90hlayYuX.b
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 15:42:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"49efa4f264bdc191ee362ea3bffc8771"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1800
x-amz-cf-id
Hr1y0109IJrfy-ReCs5F3NSnRlZKUEJmYtzqEEEcH0oOVeBqARdiug==
c18a7bbf-greyscale-1-0008-_102b031000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/
1 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/c18a7bbf-greyscale-1-0008-_102b031000000000000028.png
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-12.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3fcb0f62236ce752e9a9bab856fa018e4fb7cb363a8268a97d36a7b60879a62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:45 GMT
x-amz-version-id
06uidM_2wq0X7uOooI4N5IzUJ0j8wrI_
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 15:42:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"ef999746c7324b20b3270f1c5fdaadb1"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1395
x-amz-cf-id
GGty_Hb4rlviPD4NB2RJeyYGD5Q44tDnfLA8ikaTehTs4RwwAi7w3Q==
03fd6fa6-color-logo-no-background-1_107a02h000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/
2 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offer.swiftinvestments.com/step1-l/03fd6fa6-color-logo-no-background-1_107a02h000000000000028.png
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-12.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cf546b1c4c5e9e2901b6e8ba4772d92be743ac110de329a7b6a2a932e479bc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:45 GMT
x-amz-version-id
LTqESJ04_Fx5in77JjXkrkUKq7zrdbfH
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 15:42:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"1a613fe6acefb6e17f0a8fe096b32c0e"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2408
x-amz-cf-id
8hMt0avsuRanQlarNKsiEwC4T6-a3PKhmXndj-v69EFafROKBjMr4A==
i
events.ub-analytics.com/
43 B
282 B
Image
General
Full URL
https://events.ub-analytics.com/i?stm=1684109384482&e=pv&url=https%3A%2F%2Foffer.swiftinvestments.com%2Fstep1-l%2F%3Fgclid%3DCjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=f9abb236-88d5-4510-a03c-03adedba07ac&dtm=1684109384481&vp=1600x1200&ds=1600x2807&vid=1&sid=5d71aa05-bbd2-43a4-bd6b-6d86ec932d6c&duid=017d0044-21a9-4277-a602-02e26eb90178&uid=529dce43-6322-4f07-9977-21fe1c88dc58&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiYjMyNGMzODEtOTlkMC00ODJjLWFkNDEtY2EyY2RlZjg3MjM1IiwidmFyaWFudElkIjoiZSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6ImR0YSJ9fV19
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.233.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-233-231.compute-1.amazonaws.com
Software
akka-http/10.2.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:44 GMT
server
akka-http/10.2.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
43
regclk
adservice.google.com/pagead/
0
0
Ping
General
Full URL
https://adservice.google.com/pagead/regclk?auid=1055034086.1684109385&url=https%3A%2F%2Foffer.swiftinvestments.com%2Fstep1-l%2F&tft=1684109384507&tfd=533&frm=0&gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE&gclsrc=aw
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRPLSSX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

landing
www.google.com/pagead/
42 B
455 B
Ping
General
Full URL
https://www.google.com/pagead/landing?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE&gtm=45He35a0n81TRPLSSX&auid=1055034086.1684109385
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRPLSSX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 00:09:44 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/728002925/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/728002925/?random=1684109384509&cv=11&fst=1684109384509&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.swiftinvestments.com%2Fstep1-l%2F%3Fgclid%3DCjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE&hn=www.googleadservices.com&frm=0&auid=1055034086.1684109385&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRPLSSX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56de86f28df07387e6fe3759731f33943caeb1c6b7c7ec762d74e0c319193953
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 00:09:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1268
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRPLSSX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 14 May 2023 22:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
5645
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 15 May 2023 00:35:39 GMT
stat.js
www.clickcease.com/monitor/
171 KB
54 KB
Script
General
Full URL
https://www.clickcease.com/monitor/stat.js
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:b800:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f9687af855e3702920c9feedcf07596807bf43bcd8de0b543ffee66f98e1a22
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
6Er2d0GJvgnFniPQXIH7h8kzG7dJBNJf
content-encoding
gzip
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
date
Mon, 15 May 2023 00:09:31 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
x-amz-cf-pop
FRA56-P4
age
15
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 22 Nov 2022 11:31:37 GMT
server
AmazonS3
etag
W/"1c27f449b067550681f23ad3e53988fa"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
microphone 'none'; camera 'none';
x-amz-cf-id
miuxj84_2to-9R_7-231qOO-rnBKpCzuLE8FZ7EtEG_Iqg00kabRHQ==
t.js
427942.tctm.xyz/
46 KB
15 KB
Script
General
Full URL
https://427942.tctm.xyz/t.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRPLSSX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4c00:b:527a:2d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ctm /
Resource Hash
d24df3ffc07b285b3d75e87a52f56ad4a99bbd550158d7b5fc8cbc3018ad3e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:44 GMT
content-encoding
gzip
via
1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
last-modified
Mon, 15 May 2023 00:09:44 GMT
server
ctm
x-amz-cf-pop
FRA60-P2
etag
W/64617848000687a68451bed1-427942
x-cache
Miss from cloudfront
content-type
application/x-javascript
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
BUh--lLF_Ixrg4uSsrzAMeKc8eaVv1R8_jqdD92gSMgwd9ko7B1G6Q==
l.gif
dev.visualwebsiteoptimizer.com/
35 B
52 B
Ping
General
Full URL
https://dev.visualwebsiteoptimizer.com/l.gif?experiment_id=7&account_id=632988&cu=https%3A%2F%2Foffer.swiftinvestments.com%2Fstep1-l%2F%3Fgclid%3DCjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE&combination=1,1,1,2&s=1&sId=1684109384&u=DB6C88E7AC7E3D70A6A027835852D659E&ed=%7B%22tz%22%3A%22Etc%2FUnknown%22%2C%22tO%22%3A%220%22%2C%22lt%22%3A%221684109384559%22%2C%22r%22%3A%22%22%2C%22ul%22%3A%22en-us%22%2C%22de%22%3A%22UTF-8%22%2C%22sc%22%3A%2224%22%2C%22sr%22%3A%221600x1200%22%7D&vn=7.0.275&vns=undefined&vno=undefined&eTime=1684109384570&random=0.3594084305934664
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-222616b94ccbb703acaf0c5d3d9dc1da.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 00:09:44 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA6ORyIAbN1nOUQPB2B8H5y73pYZkkgmQM&signed_in=true&libraries=places&callback=initAutocomplete
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://offer.swiftinvestments.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
common.js
maps.googleapis.com/maps-api-v3/api/js/53/2/intl/de_ALL/
272 KB
60 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/53/2/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA6ORyIAbN1nOUQPB2B8H5y73pYZkkgmQM&signed_in=true&libraries=places&callback=initAutocomplete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f2ab659374f1c9c7d89cfa475e6d9e6089cf3f92ae5835cfa60c5cbd7c2aa86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 12:19:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
301836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61448
x-xss-protection
0
last-modified
Wed, 03 May 2023 01:13:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 May 2024 12:19:08 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/53/2/intl/de_ALL/
164 KB
52 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/53/2/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA6ORyIAbN1nOUQPB2B8H5y73pYZkkgmQM&signed_in=true&libraries=places&callback=initAutocomplete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9bedce72abc16ef066f53454ed55f6090b81b444ff1d5b72c459b8fdd149044d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:38:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
174680
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52709
x-xss-protection
0
last-modified
Wed, 03 May 2023 01:13:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 May 2024 23:38:24 GMT
controls.js
maps.googleapis.com/maps-api-v3/api/js/53/2/intl/de_ALL/
91 KB
24 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/53/2/intl/de_ALL/controls.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA6ORyIAbN1nOUQPB2B8H5y73pYZkkgmQM&signed_in=true&libraries=places&callback=initAutocomplete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b923ef3141b5da1cd86ecc7e6fc37f59a938413bdd164fd7be5c1466b5dab50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 14:58:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
292301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24258
x-xss-protection
0
last-modified
Wed, 03 May 2023 01:13:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 May 2024 14:58:03 GMT
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/53/2/intl/de_ALL/
57 KB
18 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/53/2/intl/de_ALL/places_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA6ORyIAbN1nOUQPB2B8H5y73pYZkkgmQM&signed_in=true&libraries=places&callback=initAutocomplete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266f294fb43799342dae62572e97aaf636781b0be490956d0350865e0ccaca23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:13:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
298579
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18068
x-xss-protection
0
last-modified
Wed, 03 May 2023 01:13:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 May 2024 13:13:25 GMT
settings.js
dev.visualwebsiteoptimizer.com/
2 KB
870 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=632988&settings_type=1&vn=7.0&exc=7
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-222616b94ccbb703acaf0c5d3d9dc1da.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
14dfd7cfcb66a81a434734ecf69c4947b9cdbe8216acb701fdae94eb61d2b6ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:44 GMT
content-encoding
gzip
via
1.1 google
server
gfra1
etag
W/"1683844369"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ping_tpc.php
dev.visualwebsiteoptimizer.com// Frame 3A74
0
35 B
Document
General
Full URL
https://dev.visualwebsiteoptimizer.com//ping_tpc.php?account=632988&name=_vwo_uuid_7&value=DB6C88E7AC7E3D70A6A027835852D659E&days=3650&random=0.9778311550058387
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://offer.swiftinvestments.com
Referer
https://offer.swiftinvestments.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 15 May 2023 00:09:44 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR IND UNI INT"
server
gfra1
via
1.1 google
ping_tpc.php
dev.visualwebsiteoptimizer.com// Frame AB15
0
35 B
Document
General
Full URL
https://dev.visualwebsiteoptimizer.com//ping_tpc.php?account=632988&name=_vis_opt_exp_7_combi_choose&value=1%2C1%2C1%2C2&days=100&random=0.45857839508041565
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://offer.swiftinvestments.com
Referer
https://offer.swiftinvestments.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 15 May 2023 00:09:44 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR IND UNI INT"
server
gfra1
via
1.1 google
s.gif
dev.visualwebsiteoptimizer.com/
35 B
52 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/s.gif?account_id=632988&u=DB6C88E7AC7E3D70A6A027835852D659E&s=1684109384&p=1&tags={%22si%22:{%227%22:%221%2C1%2C1%2C2%22}}&update=1&cq=0&vn=7.0.275&vns=undefined&vno=undefined&_cu=https%3A%2F%2Foffer.swiftinvestments.com%2Fstep1-l%2F%3Fgclid%3DCjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4&eTime=1684109384625&random=0.09439596237388903
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 00:09:44 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
ping_tpc.php
dev.visualwebsiteoptimizer.com// Frame 00B9
0
35 B
Document
General
Full URL
https://dev.visualwebsiteoptimizer.com//ping_tpc.php?account=632988&name=_vis_opt_exp_7_combi&value=1%2C1%2C1%2C2&days=100&random=0.6527594563133303
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://offer.swiftinvestments.com
Referer
https://offer.swiftinvestments.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 15 May 2023 00:09:44 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR IND UNI INT"
server
gfra1
via
1.1 google
/
www.google.com/pagead/1p-user-list/728002925/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/728002925/?random=1684109384509&cv=11&fst=1684108800000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.swiftinvestments.com%2Fstep1-l%2F%3Fgclid%3DCjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE&frm=0&fmt=3&is_vtc=1&random=2814077555&rmt_tld=0&ipr=y
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 00:09:44 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/728002925/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/728002925/?random=1684109384509&cv=11&fst=1684108800000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.swiftinvestments.com%2Fstep1-l%2F%3Fgclid%3DCjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE&frm=0&fmt=3&is_vtc=1&random=2814077555&rmt_tld=1&ipr=y
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 00:09:44 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
215 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1345665846&t=pageview&_s=1&dl=https%3A%2F%2Foffer.swiftinvestments.com%2Fstep1-l%2F%3Fgclid%3DCjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAgCAAI~&jid=1397752599&gjid=932891754&cid=1231867060.1684109385&tid=UA-261604539-1&_gid=34986539.1684109385&_r=1&_slc=1&gtm=45He35a0n81TRPLSSX&z=118685985
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.swiftinvestments.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 May 2023 00:09:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offer.swiftinvestments.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
p.js
427942.tctm.xyz/
74 B
469 B
Script
General
Full URL
https://427942.tctm.xyz/p.js?sid=64617848000687a68451bed1&p=1757290.1.248.939.5325&
Requested by
Host: 427942.tctm.xyz
URL: https://427942.tctm.xyz/t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4c00:b:527a:2d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ctm /
Resource Hash
6a9ac9297d8ef23695d71373c10f49cc5fc84b89a426b83d758ef13ffc75f58c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:44 GMT
content-encoding
gzip
via
1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
server
ctm
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
content-type
application/x-javascript
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
sIF6asxk7ByHu6MQ8P9AQy8L6A51m500g6Se_FLp9_I7Yf1MMztprw==
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/
2 KB
2 KB
Image
General
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:44 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1616
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Mon, 15 May 2023 00:09:44 GMT
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/
3 KB
3 KB
Image
General
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
Requested by
Host: offer.swiftinvestments.com
URL: https://offer.swiftinvestments.com/step1-l/?gclid=CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 00:09:44 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3351
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Mon, 15 May 2023 00:09:44 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:400,700,regular,900,300%7CRoboto:regular,300,700%7CSource+Sans+Pro:italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-8.fra60.r.cloudfront.net
Software
/
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Lato:400,700,regular,900,300%7CRoboto:regular,300,700%7CSource+Sans+Pro:italic
Origin
https://offer.swiftinvestments.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 03 May 2023 00:15:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
23040
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
1036442
x-amzn-requestid
a6bcac63-31f7-42a7-a795-a3c79ef7e030
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
EUcjQEruIAMFoLw=
content-length
23041
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-6451a7ae-3b8576e93a2a5a7b6e044029
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
jEzTQ7qRFYP455WHm8JjucnpSY6QW_DadPN2QPqQihJduy9NLHUdMg==
S6uyw4BMUTPHjx4wXg.woff2
fonts.ub-assets.com/fonts/s/lato/v24/
23 KB
24 KB
Font
General
Full URL
https://fonts.ub-assets.com/fonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:400,700,regular,900,300%7CRoboto:regular,300,700%7CSource+Sans+Pro:italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-8.fra60.r.cloudfront.net
Software
/
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Lato:400,700,regular,900,300%7CRoboto:regular,300,700%7CSource+Sans+Pro:italic
Origin
https://offer.swiftinvestments.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 03 May 2023 00:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
23580
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
1036597
x-amzn-requestid
4a10d137-c669-4fc8-bc9d-ebb1a3a2b4d4
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
EUcLEEJuoAMFYNw=
content-length
23578
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-6451a713-5a3dc6fb498279ab2ce1cdeb
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
8gIpWzVAygB-qGo_VHozjjhJDxgWHA8HQcLIzbBMxiETdTMQSseg7A==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:400,700,regular,900,300%7CRoboto:regular,300,700%7CSource+Sans+Pro:italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-8.fra60.r.cloudfront.net
Software
/
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Lato:400,700,regular,900,300%7CRoboto:regular,300,700%7CSource+Sans+Pro:italic
Origin
https://offer.swiftinvestments.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 04:42:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15744
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
1798054
x-amzn-requestid
ff01d1ee-0668-4ebc-b9c2-0d537a59d6fb
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
D3ZJbGUDoAMFWJA=
content-length
15767
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-644608a2-083b1a7f389f2dea58beaad8
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
FnYSsv-Z4SAHv1fO_bxOLeedopXGaoEAygiLfiblGMvdkWEmLLUJCg==
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:400,700,regular,900,300%7CRoboto:regular,300,700%7CSource+Sans+Pro:italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-8.fra60.r.cloudfront.net
Software
/
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Lato:400,700,regular,900,300%7CRoboto:regular,300,700%7CSource+Sans+Pro:italic
Origin
https://offer.swiftinvestments.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 00:47:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15740
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
7687334
x-amzn-requestid
a358f42d-c53e-42ee-b392-742c7974cbb4
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
AWvBdFB8oAMFviQ=
content-length
15763
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-63ec2ba2-0c8553043a02442b027a697a
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
Vvnb11DjqlrWs_OdA3DLFQM1XHP-gRUEd2ldGtuXOU_WSPomQwr3Og==
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:400,700,regular,900,300%7CRoboto:regular,300,700%7CSource+Sans+Pro:italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-8.fra60.r.cloudfront.net
Software
/
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Lato:400,700,regular,900,300%7CRoboto:regular,300,700%7CSource+Sans+Pro:italic
Origin
https://offer.swiftinvestments.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 03 May 2023 00:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
23236
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
1036687
x-amzn-requestid
3a0d2cdd-479f-4c3e-8818-eafe99421330
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
EUb9BGa1IAMFXQQ=
content-length
23067
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-6451a6b9-5b9f99b00fd60be724a1d1e2
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
2vNEvJ2EaXIqrE89orZVTS2xdG8OrQ1leWfBogRO_egPgJf_xWdgQA==
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/
22 KB
23 KB
Font
General
Full URL
https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:400,700,regular,900,300%7CRoboto:regular,300,700%7CSource+Sans+Pro:italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-8.fra60.r.cloudfront.net
Software
/
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Lato:400,700,regular,900,300%7CRoboto:regular,300,700%7CSource+Sans+Pro:italic
Origin
https://offer.swiftinvestments.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 03 May 2023 00:13:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
22504
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
1036596
x-amzn-requestid
4f676554-5a99-4f9a-9cda-d41b3fd5a3a1
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
EUcLNGdcIAMFslw=
content-length
22518
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:12:45 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-6451a714-4646b3b76c5600fb1e3965d7
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
ssk_83v5vVp44gsi-GWBQV1uXreSpi6sbKM51FM7mhuJR8z8t1n4dg==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:400,700,regular,900,300%7CRoboto:regular,300,700%7CSource+Sans+Pro:italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-8.fra60.r.cloudfront.net
Software
/
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Lato:400,700,regular,900,300%7CRoboto:regular,300,700%7CSource+Sans+Pro:italic
Origin
https://offer.swiftinvestments.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 07:20:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15860
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
2220574
x-amzn-requestid
17d22947-6834-4f06-b980-db46d6b8a64a
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
DnRmtFEgoAMFkYw=
content-length
15883
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-643f962a-79732aee387c91fb46d20f8d
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
V3kU05TUteWobGIxumDYa824WguGrtvN_d6y9eGsVgWv5Xb-A_lxRg==
6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.ub-assets.com/fonts/s/sourcesanspro/v21/
12 KB
13 KB
Font
General
Full URL
https://fonts.ub-assets.com/fonts/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:400,700,regular,900,300%7CRoboto:regular,300,700%7CSource+Sans+Pro:italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-8.fra60.r.cloudfront.net
Software
/
Resource Hash
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Lato:400,700,regular,900,300%7CRoboto:regular,300,700%7CSource+Sans+Pro:italic
Origin
https://offer.swiftinvestments.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 01:53:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
12580
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
3449788
x-amzn-requestid
e7eb61f7-0305-418f-bcf0-27f8bfffa7f7
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
C4YmAE7goAMFvNQ=
content-length
12603
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:19:48 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-642cd48c-47d7f5ce765768f475feac0d
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
lDoRGowBZVG3oRkRDSSJP5RttRX-qxlkl23nRj1U2rFbG5xCzW2TlQ==
statsV2
monitor.clickcease.com/monitor/api/
42 B
180 B
XHR
General
Full URL
https://monitor.clickcease.com/monitor/api/statsV2?type=object
Requested by
Host: www.clickcease.com
URL: https://www.clickcease.com/monitor/stat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:a004::bfeb:8c20 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e0a51c3902b673d52b9b929d573feeda103fd8f4f3e71361409bf34000718b31

Request headers

Referer
https://offer.swiftinvestments.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 15 May 2023 00:09:44 GMT
server
Microsoft-IIS/10.0
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vm
10.1.0.20
content-length
42
expires
-1
entry2
monitor.clickcease.com/V2/recorder/ Frame
0
0
Preflight
General
Full URL
https://monitor.clickcease.com/V2/recorder/entry2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:a004::bfeb:8c20 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://offer.swiftinvestments.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
date
Mon, 15 May 2023 00:09:44 GMT
server
Kestrel
vm
10.1.0.20
entry2
monitor.clickcease.com/V2/recorder/
124 B
189 B
Fetch
General
Full URL
https://monitor.clickcease.com/V2/recorder/entry2
Requested by
Host: www.clickcease.com
URL: https://www.clickcease.com/monitor/stat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:a004::bfeb:8c20 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e95a4623cd277ed6b0dcb986bf4f968b0499ef60b15e43592941b1a39597974b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://offer.swiftinvestments.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=2592000
date
Mon, 15 May 2023 00:09:44 GMT
server
Kestrel
vm
10.1.0.20
content-type
text/plain; charset=utf-8
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1345665846&t=adtiming&_s=2&dl=https%3A%2F%2Foffer.swiftinvestments.com%2Fstep1-l%2F%3Fgclid%3DCjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1115&pdt=1&dns=54&rrt=1&srt=270&tcp=21&dit=469&clt=469&_gst=542&_gbt=668&_u=YHBAAEABAAAAgCAAI~&jid=&gjid=&cid=1231867060.1684109385&tid=UA-261604539-1&_gid=34986539.1684109385&gtm=45He35a0n81TRPLSSX&z=371429689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer.swiftinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 01:10:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
82760
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
x.json
427942.tctm.xyz/ Frame
0
0
Preflight
General
Full URL
https://427942.tctm.xyz/x.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2250:4c00:b:527a:2d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ctm /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://offer.swiftinvestments.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
2592000
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-type
text/plain
date
Mon, 15 May 2023 00:09:45 GMT
server
ctm
via
1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
x-amz-cf-id
UAVyBBGSy9RrSnifIBJ-32CzXRAdZCwsqrjTtC25Y8t6KFLT5w0sww==
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
x.json
427942.tctm.xyz/
0
288 B
XHR
General
Full URL
https://427942.tctm.xyz/x.json
Requested by
Host: 427942.tctm.xyz
URL: https://427942.tctm.xyz/t.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2250:4c00:b:527a:2d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ctm /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offer.swiftinvestments.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/json

Response headers

date
Mon, 15 May 2023 00:09:45 GMT
via
1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
server
ctm
x-amz-cf-pop
FRA60-P2
access-control-max-age
2592000
access-control-allow-methods
POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
access-control-allow-headers
Content-Type
x-amz-cf-id
9VHCJuSxCvTQXLJGIcaugHHUXBrCUzXp1vgh5nheIL0XHtJZLafDaQ==
x.json
427942.tctm.xyz/
0
286 B
XHR
General
Full URL
https://427942.tctm.xyz/x.json
Requested by
Host: 427942.tctm.xyz
URL: https://427942.tctm.xyz/t.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2250:4c00:b:527a:2d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ctm /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offer.swiftinvestments.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/json

Response headers

date
Mon, 15 May 2023 00:09:45 GMT
via
1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
server
ctm
x-amz-cf-pop
FRA60-P2
access-control-max-age
2592000
access-control-allow-methods
POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
access-control-allow-headers
Content-Type
x-amz-cf-id
8pPYNUaOHNoIyf64p1_P3Nq9z_qmHiiVOO2G_apjpzp8Gzr8Ls4glA==
x.json
427942.tctm.xyz/ Frame
0
0
Preflight
General
Full URL
https://427942.tctm.xyz/x.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2250:4c00:b:527a:2d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ctm /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://offer.swiftinvestments.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
2592000
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-type
text/plain
date
Mon, 15 May 2023 00:09:45 GMT
server
ctm
via
1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
x-amz-cf-id
8KGcMA0U0wOBVkJVR-MJoiI56LOKI3k9Jg5IPG2w7DiFT97O5n0MMQ==
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
entry2
monitor.clickcease.com/V2/recorder/
33 B
67 B
Fetch
General
Full URL
https://monitor.clickcease.com/V2/recorder/entry2
Requested by
Host: www.clickcease.com
URL: https://www.clickcease.com/monitor/stat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:a004::bfeb:8c20 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
304d312c67b1242e6746f89b61d23b7e2be98991813ebc43bc0cf78e72ad2d95
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://offer.swiftinvestments.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=2592000
date
Mon, 15 May 2023 00:09:47 GMT
server
Kestrel
vm
10.1.0.20
content-type
text/plain; charset=utf-8
entry2
monitor.clickcease.com/V2/recorder/ Frame
0
0
Preflight
General
Full URL
https://monitor.clickcease.com/V2/recorder/entry2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:a004::bfeb:8c20 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://offer.swiftinvestments.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
date
Mon, 15 May 2023 00:09:47 GMT
server
Kestrel
vm
10.1.0.20

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| ub object| module number| settings_timer number| _vwo_settings_timer object| _vwo_code undefined| placeSearch object| autocomplete object| componentForm function| initAutocomplete function| fillInAddress function| geolocate object| dataLayer function| $ function| jQuery string| boxToAppend string| headerOrFooter object| backgroundCSS object| colorOverlayCSS object| childrenCSS object| boxParent object| boxClone object| UnbounceSnowplowNamespace function| ubSnowplow number| _vwo_acc_id object| vwoCode object| _vwo_style string| _vwo_css string| _vwo_text object| _vwo_textnode function| commonWrapper function| pushBasedCommonWrapper string| _vwo_cookieDomain string| _vwo_uuid number| _vwo_library_timer string| _vis_opt_file string| _vis_opt_lib undefined| vwo_e number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO string| g object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| VWOOmni function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| google_tag_manager object| google_tag_data object| GooglebQhCsO string| GoogleAnalyticsObject function| ga object| script string| target object| elem function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_t object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath string| _vis_opt_experiment_id boolean| _vwo_settings_timed_out object| google function| reactiveElementPolyfillSupport object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| gaplugins object| gaGlobal object| gaData object| regeneratorRuntime object| ccConsole boolean| ccinstalled object| __ctm boolean| __ctm_debug object| __ctm_tracked_numbers boolean| __ctm_tracked object| __ctm_nodes_visible object| __ctm_nodes_clicked object| __ctm_queue object| __ctm_config function| ptTrackVistor function| ptTrackVisitor function| ptTrackEvent object| __ctmi function| __ctm_invoke object| __ctm_loaded object| __ctm_cvars object| __e3_

24 Cookies

Domain/Path Name / Value
offer.swiftinvestments.com/step1-l/ Name: ubpv
Value: e%2Cb324c381-99d0-482c-ad41-ca2cdef87235
offer.swiftinvestments.com/ Name: ubvs
Value: 529dce43-6322-4f07-9977-21fe1c88dc58
.swiftinvestments.com/ Name: ubvt
Value: v2%7C529dce43-6322-4f07-9977-21fe1c88dc58%7Cb324c381-99d0-482c-ad41-ca2cdef87235%3Ae%3Adta
.offer.swiftinvestments.com/ Name: _vwo_uuid_v2
Value: DB6C88E7AC7E3D70A6A027835852D659E|975037e2d1563287644a8794c5a88fa8
.swiftinvestments.com/ Name: _gcl_aw
Value: GCL.1684109385.CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
.swiftinvestments.com/ Name: _gcl_au
Value: 1.1.1055034086.1684109385
.swiftinvestments.com/ Name: _vis_opt_s
Value: 1%7C
.swiftinvestments.com/ Name: _vis_opt_test_cookie
Value: 1
.swiftinvestments.com/ Name: _vwo_uuid
Value: DB6C88E7AC7E3D70A6A027835852D659E
.swiftinvestments.com/ Name: _vwo_ds
Value: 3%241684109384%3A9.24309893%3A%3A
.swiftinvestments.com/ Name: _vwo_uuid_7
Value: DB6C88E7AC7E3D70A6A027835852D659E
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.swiftinvestments.com/ Name: _vwo_sn
Value: 0%3A1%3A%3A%3A1
.swiftinvestments.com/ Name: _vis_opt_exp_7_combi
Value: 1%2C1%2C1%2C2
427942.tctm.xyz/ Name: ct427942
Value: 64617848000687a68451bed1
dev.visualwebsiteoptimizer.com/ Name: _vwo_uuid_7_632988
Value: DB6C88E7AC7E3D70A6A027835852D659E
dev.visualwebsiteoptimizer.com/ Name: _vis_opt_exp_7_combi_choose_632988
Value: 1%2C1%2C1%2C2
dev.visualwebsiteoptimizer.com/ Name: _vis_opt_exp_7_combi_632988
Value: 1%2C1%2C1%2C2
.swiftinvestments.com/ Name: _ga
Value: GA1.2.1231867060.1684109385
.swiftinvestments.com/ Name: _gid
Value: GA1.2.34986539.1684109385
.swiftinvestments.com/ Name: _gac_UA-261604539-1
Value: 1.1684109385.CjwKCAjwjYKjBhB5EiwAiFdSfv5cHyRCEZXrY00HQG97oyKYn4S2PO_go-hroKiscMhBbTxtHbRQeRoCWf8QAvD_BwE
.swiftinvestments.com/ Name: _gat_UA-261604539-1
Value: 1
.swiftinvestments.com/ Name: __ctmid
Value: 64617848000687a68451bed1
offer.swiftinvestments.com/ Name: __ctmid
Value: 64617848000687a68451bed1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

427942.tctm.xyz
adservice.google.com
ajax.googleapis.com
builder-assets.unbounce.com
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
dev.visualwebsiteoptimizer.com
events.ub-analytics.com
fonts.ub-assets.com
googleads.g.doubleclick.net
maps.googleapis.com
maps.gstatic.com
monitor.clickcease.com
offer.swiftinvestments.com
www.clickcease.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.224.189.30
13.32.99.8
2600:9000:223e:b800:15:a0d3:77c0:93a1
2600:9000:2250:4c00:b:527a:2d40:93a1
2600:9000:2250:e000:1d:11cf:5800:93a1
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2002
2a01:111:f100:a004::bfeb:8c20
3.211.233.231
3.69.136.55
34.96.102.137
52.222.250.12
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0c6530bf165039f713a697f9aad18f1bde36be2d87b883042007d79b866c9210
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
14dfd7cfcb66a81a434734ecf69c4947b9cdbe8216acb701fdae94eb61d2b6ba
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
266f294fb43799342dae62572e97aaf636781b0be490956d0350865e0ccaca23
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2faae67e3535c1d69549834d8dea1dce6894cfd2fe0147b3182da26acb5193aa
304d312c67b1242e6746f89b61d23b7e2be98991813ebc43bc0cf78e72ad2d95
3b923ef3141b5da1cd86ecc7e6fc37f59a938413bdd164fd7be5c1466b5dab50
3f2ab659374f1c9c7d89cfa475e6d9e6089cf3f92ae5835cfa60c5cbd7c2aa86
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31
4f9687af855e3702920c9feedcf07596807bf43bcd8de0b543ffee66f98e1a22
56de86f28df07387e6fe3759731f33943caeb1c6b7c7ec762d74e0c319193953
57dcca40d62fae2936c62645282f078f55553faf5f66b7f6e088bd07363df854
65016a9a2214e8c69573e99a177071957b024f93ef5dc822e67c9f615a0182e9
6a9ac9297d8ef23695d71373c10f49cc5fc84b89a426b83d758ef13ffc75f58c
6c4d1fda175cddb19ae45dc308b3ca186d9cab0a63011eb5ffcc786aecb8ce5e
776b079d31717969857b8b51fca1b32e0130ec0b01041ad3ef993b1eb5749179
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7f6d3d1bd116e70c8cc92a809d29e4e94a279351365e8e145336d4b24f33936a
80d0c1f6c7ba238dd67d64888bf521bf4aa4db1ec99125ad09ee5f4b76177a68
817335ecf35df30b40ba93c2189add4cc1104e45b837054b3937049b32971f70
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86
8c003831372995ae79d82d0bda920ef0aa373e36f6e7ef585e182359d4843bed
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
97062eb793590c2f60a0919b83a76ac13fc950b1a81411aa9cdadc92bdc91b15
9bedce72abc16ef066f53454ed55f6090b81b444ff1d5b72c459b8fdd149044d
9cf546b1c4c5e9e2901b6e8ba4772d92be743ac110de329a7b6a2a932e479bc9
9de0977d97bf6232ec041d471e9eca86cb82555d9ab6052a1cb0957da3b916be
b3fcb0f62236ce752e9a9bab856fa018e4fb7cb363a8268a97d36a7b60879a62
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
d24df3ffc07b285b3d75e87a52f56ad4a99bbd550158d7b5fc8cbc3018ad3e26
d3e4c34f7060202f641c3c8e239e242418eb489c964f4b915fe28f50692f2b5d
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
dcf6a579f6c766a21b6e91c1d12b22d4c3bc148d4a0d9f2cdbb33ee01a5bb7b8
dd391f07c57e17149a499458f5a2bb412350d63a21b322ca2711eef3c341dac2
e0a51c3902b673d52b9b929d573feeda103fd8f4f3e71361409bf34000718b31
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e95a4623cd277ed6b0dcb986bf4f968b0499ef60b15e43592941b1a39597974b
ebe063ee69a7ddf308250437e1508fe27acf4afd580e3a21c3da41ad118008a2
eea36b49c3ff776167d5ac3a596b4932673bed4255c74385b6e9faace8aaa593
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
ff993527f056afb51df5b528e0c75019317e92b92fdd622c4f076cd2ed960643