mail.3-235-70-42.cprapid.com Open in urlscan Pro
3.235.70.42 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mail.3-235-70-42.cprapid.com/
Submission: On June 05 via api (June 5th 2024, 9:15:36 am UTC) from US — Scanned from DE

Summary HTTP 154 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 52 IPs in 7 countries across 41 domains to perform 154 HTTP transactions. The main IP is 3.235.70.42, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is mail.3-235-70-42.cprapid.com.
TLS certificate: Issued by Sunmark Credit Union - ISS01 - G1 on May 13th 2024. Valid for: a year.

This is the only time mail.3-235-70-42.cprapid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	3.235.70.42 3.235.70.42	14618 (AMAZON-AES) (AMAZON-AES)
4	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
3	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	13.35.58.56 13.35.58.56	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2606:4700::68... 2606:4700::6811:f5cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20a... 2600:9000:20a0:6e00:7:e536:8b00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.172.103.101 18.172.103.101	16509 (AMAZON-02) (AMAZON-02)
6 12	52.86.247.178 52.86.247.178	14618 (AMAZON-AES) (AMAZON-AES)
1 2	74.204.78.79 74.204.78.79	26554 (US-SIGNAL) (US-SIGNAL)
3	35.234.162.151 35.234.162.151	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	99.86.4.129 99.86.4.129	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
3	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
3	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
8	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
5	34.120.154.120 34.120.154.120	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
5	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
16 20	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:245... 2600:9000:2450:4c00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4280:c1b1:7b29:76c8:90d0	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.158.230.254 35.158.230.254	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	52.54.132.127 52.54.132.127	14618 (AMAZON-AES) (AMAZON-AES)
1	2.18.97.171 2.18.97.171	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.253.110.95 34.253.110.95	16509 (AMAZON-02) (AMAZON-02)
1	52.30.41.229 52.30.41.229	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 2	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
1 2	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
4	157.240.251.35 157.240.251.35	32934 (FACEBOOK) (FACEBOOK)
3	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2	52.5.50.49 52.5.50.49	14618 (AMAZON-AES) (AMAZON-AES)
1	54.167.120.255 54.167.120.255	14618 (AMAZON-AES) (AMAZON-AES)
154	52

35 3.235.70.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-235-70-42.compute-1.amazonaws.com

mail.3-235-70-42.cprapid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.35.58.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-56.fra60.r.cloudfront.net

cdn.segmint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:f5cb (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20a0:6e00:7:e536:8b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.brandcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.103.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.86.247.178 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-247-178.compute-1.amazonaws.com

www.sunmark.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.204.78.79 (Grand Rapids, United States) 1 redirects

ASN26554 (US-SIGNAL, US)
PTR: customer-74-204-78-79.host.ussignalcom.net

www.lovemycreditunion.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
banners.lovemycreditunion.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-129.fra6.r.cloudfront.net

thefontzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.120.154.120 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 120.154.120.34.bc.googleusercontent.com

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f195.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 34.91.62.186 (Groningen, Netherlands) 16 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2450:4c00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:c1b1:7b29:76c8:90d0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.230.254 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-230-254.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.132.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-132-127.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.97.171 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-97-171.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.110.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-110-95.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.41.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-41-229.eu-west-1.compute.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.100 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.122 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.5.50.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-50-49.compute-1.amazonaws.com

connect.segmint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.167.120.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-120-255.compute-1.amazonaws.com

connect.segmint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	cprapid.com mail.3-235-70-42.cprapid.com	5 MB
23	simpli.fi 16 redirects tag.simpli.fi — Cisco Umbrella Rank: 5233 i.simpli.fi — Cisco Umbrella Rank: 4651 um.simpli.fi — Cisco Umbrella Rank: 959	12 KB
13	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1397 kit.fontawesome.com — Cisco Umbrella Rank: 2099 ka-p.fontawesome.com — Cisco Umbrella Rank: 3854	317 KB
12	facebook.com www.facebook.com — Cisco Umbrella Rank: 119	5 KB
12	sunmark.org 6 redirects www.sunmark.org	41 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	129 KB
7	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 4084 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 4138	288 KB
7	segmint.net cdn.segmint.net — Cisco Umbrella Rank: 44685 connect.segmint.net — Cisco Umbrella Rank: 49199	146 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	529 KB
5	google.de www.google.de — Cisco Umbrella Rank: 8139	413 B
5	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 130 googleads.g.doubleclick.net — Cisco Umbrella Rank: 63 cm.g.doubleclick.net — Cisco Umbrella Rank: 276	859 B
5	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 4101 va.v.liveperson.net — Cisco Umbrella Rank: 4344	125 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	85 KB
4	googleadservices.com 3 redirects www.googleadservices.com — Cisco Umbrella Rank: 137	2 KB
4	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1565 insight.adsrvr.org — Cisco Umbrella Rank: 1044	5 KB
4	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 1007	63 KB
3	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3163 www.google.com — Cisco Umbrella Rank: 5	93 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 65 region1.google-analytics.com — Cisco Umbrella Rank: 2406	21 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 260	31 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 277	2 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 2257	2 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 488	140 B
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2942	878 B
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 522	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 523	712 B
2	lovemycreditunion.org 1 redirects www.lovemycreditunion.org banners.lovemycreditunion.org — Cisco Umbrella Rank: 604274	15 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 570	264 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 421	239 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 975	223 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 1093	265 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 969	478 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1770	421 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 558	342 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 7526	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 448	140 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1298	378 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 703	237 B
1	thefontzone.com thefontzone.com — Cisco Umbrella Rank: 43680	378 B
1	brandcdn.com tag.brandcdn.com — Cisco Umbrella Rank: 20179	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	1 KB
0	intentiq.com Failed sync.intentiq.com Failed
154	41

	Domain	Requested by
35	mail.3-235-70-42.cprapid.com	mail.3-235-70-42.cprapid.com
20	um.simpli.fi	16 redirects mail.3-235-70-42.cprapid.com
12	www.facebook.com	mail.3-235-70-42.cprapid.com
12	www.sunmark.org	6 redirects mail.3-235-70-42.cprapid.com
7	ka-p.fontawesome.com	kit.fontawesome.com mail.3-235-70-42.cprapid.com
6	fonts.gstatic.com	fonts.googleapis.com
6	www.googletagmanager.com	mail.3-235-70-42.cprapid.com www.googletagmanager.com
5	www.google.de	mail.3-235-70-42.cprapid.com
5	lpcdn.lpsnmedia.net	lptag.liveperson.net
5	connect.facebook.net	mail.3-235-70-42.cprapid.com connect.facebook.net
4	www.googleadservices.com	3 redirects www.googletagmanager.com
4	unpkg.com	2 redirects mail.3-235-70-42.cprapid.com
4	cdn.segmint.net	mail.3-235-70-42.cprapid.com cdn.segmint.net
4	use.fontawesome.com	mail.3-235-70-42.cprapid.com use.fontawesome.com
3	connect.segmint.net	cdn.segmint.net
3	va.v.liveperson.net	lptag.liveperson.net
3	insight.adsrvr.org	mail.3-235-70-42.cprapid.com js.adsrvr.org
3	cdnjs.cloudflare.com	mail.3-235-70-42.cprapid.com cdnjs.cloudflare.com
2	ib.adnxs.com	1 redirects mail.3-235-70-42.cprapid.com
2	www.google.com	2 redirects
2	googleads.g.doubleclick.net	2 redirects
2	loadm.exelator.com	1 redirects mail.3-235-70-42.cprapid.com
2	idsync.rlcdn.com	mail.3-235-70-42.cprapid.com
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects mail.3-235-70-42.cprapid.com
2	sync.1rx.io	2 redirects
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
2	accdn.lpsnmedia.net	lptag.liveperson.net
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	lptag.liveperson.net	mail.3-235-70-42.cprapid.com
2	www.google-analytics.com	mail.3-235-70-42.cprapid.com www.google-analytics.com
2	tag.simpli.fi	mail.3-235-70-42.cprapid.com www.googletagmanager.com
2	kit.fontawesome.com	mail.3-235-70-42.cprapid.com kit.fontawesome.com
1	cm.g.doubleclick.net	mail.3-235-70-42.cprapid.com
1	us-u.openx.net	mail.3-235-70-42.cprapid.com
1	pixel.rubiconproject.com	mail.3-235-70-42.cprapid.com
1	ce.lijit.com	mail.3-235-70-42.cprapid.com
1	bcp.crwdcntrl.net	mail.3-235-70-42.cprapid.com
1	stags.bluekai.com	mail.3-235-70-42.cprapid.com
1	sync.bfmio.com	mail.3-235-70-42.cprapid.com
1	aa.agkn.com	mail.3-235-70-42.cprapid.com
1	simplifi.partners.tremorhub.com	mail.3-235-70-42.cprapid.com
1	eb2.3lift.com	mail.3-235-70-42.cprapid.com
1	sync.targeting.unrulymedia.com	mail.3-235-70-42.cprapid.com
1	s.ad.smaato.net	mail.3-235-70-42.cprapid.com
1	region1.analytics.google.com	www.googletagmanager.com
1	i.simpli.fi	tag.simpli.fi
1	region1.google-analytics.com	www.googletagmanager.com
1	thefontzone.com	mail.3-235-70-42.cprapid.com
1	banners.lovemycreditunion.org	mail.3-235-70-42.cprapid.com
1	www.lovemycreditunion.org	1 redirects
1	js.adsrvr.org	mail.3-235-70-42.cprapid.com
1	tag.brandcdn.com	mail.3-235-70-42.cprapid.com
1	fonts.googleapis.com	mail.3-235-70-42.cprapid.com
0	sync.intentiq.com Failed	mail.3-235-70-42.cprapid.com
154	55

This site contains links to these domains. Also see Links.

Domain
www.sunmark.org
partner.lendkey.com
apply.sunmark.org
www.sunmarkonlinebanking.org
www.paybill.com

Subject Issuer	Validity	Valid
www.sunmark.us Sunmark Credit Union - ISS01 - G1	`2024-05-13` - `2025-06-15`	a year	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.segmint.net Amazon RSA 2048 M03	`2023-11-01` - `2024-11-30`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
*.brandcdn.com Amazon RSA 2048 M02	`2023-08-02` - `2024-08-30`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
thefontzone.com Amazon RSA 2048 M02	`2024-03-24` - `2025-04-22`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-14` - `2024-06-12`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-11-28` - `2024-11-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2023-11-15` - `2024-11-14`	a year	crt.sh
*.googleadservices.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google.de WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-10-31` - `2024-10-30`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://mail.3-235-70-42.cprapid.com/
Frame ID: D282420AB2AC992D8FFAB8C406EAE0F0
Requests: 148 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.28.0-release_1286430736/storage.secure.min.html?loc=https%3A%2F%2Fmail.3-235-70-42.cprapid.com&site=29115509&ist=sessionStorage&env=prod&accdn=accdn.lpsnmedia.net
Frame ID: 4AD2282189855326B40E002E5CE1210C
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=o7domzk&ref=https%3A%2F%2Fmail.3-235-70-42.cprapid.com%2F&upid=ih88ekm&upv=1.1.0
Frame ID: 286AE4F88A0B5D7C958A2139DD1391E8
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=o7domzk&ref=https%3A%2F%2Fmail.3-235-70-42.cprapid.com%2F&upid=ykf6dqs&upv=1.1.0
Frame ID: 8827B0DAB7B68E2BE5F85667370BA3CF
Requests: 1 HTTP requests in this frame

Frame: https://connect.segmint.net/iframe/doughnut/en1AG9GnGK
Frame ID: 2D1FBFBCD192709558618BD0187E5E29
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Bright Way To Bank :: Sunmark Credit Union - New York Capital Region

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)
jquery\.prettyPhoto\.js

Page Statistics

154
Requests

58 %
HTTPS

30 %
IPv6

41
Domains

55
Subdomains

52
IPs

7
Countries

6433 kB
Transfer

9925 kB
Size

28
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sunmark.org/bank
Title: Bank

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/borrow
Title: Borrow

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/insure
Title: Insure

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/plan
Title: Plan

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/connect
Title: Connect

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/bank/you
Title: For You

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/business-banking
Title: For Business

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/choose
Title: Checking

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/bank/you/savings-accounts
Title: Savings

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/bank/kasasa
Title: Kasasa

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/bank/debit-cards
Title: Debit Cards

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/locations
Title: Locations

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/bank/you/online-banking
Title: Online Banking

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/mobile
Title: Mobile Banking

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/bank/kasasa/kasasa-cash-checking
Title: Kasasa Cash Checking

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/bank/kasasa/kasasa-cash-back
Title: Kasasa Cash Back

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/bank/kasasa/kasasa-cash-saver
Title: Kasasa Saver

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/bank/kasasa/kasasa-protects
Title: Kasasa Protect

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/locations/member-solution-center
Title: Member Solution Center

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/locations/albany-va-medical-center
Title: Albany – VA Medical Center

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/locations/brunswick
Title: Brunswick

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/locations/clifton-park
Title: Clifton Park

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/locations/colonie
Title: Colonie

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/locations/delmar
Title: Delmar

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/locations/glenmont
Title: Glenmont

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/locations/glenville
Title: Glenville

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/locations/guilderland
Title: Guilderland

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/locations/hudson
Title: Hudson

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/bank/you/current-branch-locations/latham
Title: Latham

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/locations/milton
Title: Milton

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/locations/mohegan-lake
Title: Mohegan Lake

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/bank/you/current-branch-locations/north-greenbush-247-mytm-only
Title: North Greenbush - 24/7 myTM only

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/locations/rotterdam
Title: Rotterdam

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/locations/five-corners-branch
Title: Rotterdam - Five Corners

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/locations/schenectady
Title: Schenectady

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/wilton
Title: Wilton

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/estatements
Title: eStatements

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/bank/you/online-banking/online-security-statement
Title: Online Security Statement

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/business-banking/business-checking
Title: Checking

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/business-banking/business-savings
Title: Savings

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/business-banking/business-debit-cards
Title: Debit Cards

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/business-banking/business-merchant-services-payroll
Title: Services & Payroll

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/bank/you/mobile-banking
Title: Mobile Banking

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/bank/you/current-branch-locations
Title: Locations

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/small-business-bundle
Title: Small Business Bundle

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/borrow/you
Title: For You

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/borrow/business
Title: For Business

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/borrow/you/home-equity
Title: Home Equity

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/mortgage
Title: Mortgages

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/borrow/you/vehicle-loans
Title: Auto Loans

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/borrow/you/personal-loans
Title: Personal Loans

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/borrow/you/credit-cards
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://partner.lendkey.com/sunmark/student
Title: Student Loans

Search URL Search Domain Scan URL

URL: https://partner.lendkey.com/sunmark/refinance
Title: Student Refinance

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/borrow/existing-student-choice-loans
Title: Student Choice Loans

Search URL Search Domain Scan URL

URL: https://apply.sunmark.org/#/
Title: Apply for a Mortgage

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/borrow/you/mortgages/mortgage-process
Title: The Mortgage Process

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/dream-program
Title: Homebuyer Dream Program

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/mortgage/loanofficers
Title: Our Mortgage Team

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/solar
Title: Solar Loans

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/skip
Title: Skip A Payment

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/borrow/business/business-loans
Title: Business Loans

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/borrow/business/business-credit-cards
Title: Business Credit Cards

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/linked-deposit-program
Title: Linked Deposit Program

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/insure/auto-insurance
Title: Auto Insurance

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/insure/homeowners-insurance
Title: Homeowners Insurance

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/insure/business-insurance
Title: Business Insurance

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/plan/financial-calculators
Title: Calculators

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/plan/financial-counseling
Title: Financial Wellness

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/investments
Title: Sunmark Wealth Management

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/foundation
Title: Sunmark Foundation

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/connect/community-business-partners
Title: Community Business Partners

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/connect/volunteer
Title: Volunteer

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/connect/disclosures
Title: Disclosures

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/connect/sunmark-360
Title: Sunmark 360

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/foundation/about
Title: About

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/foundation/donate-foundation
Title: Donate to the Foundation

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/foundation/request-donation
Title: Request a Donation

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/connect/sunmark-360?cat=foundation
Title: News and Events

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/foundation/kindness
Title: Summer of Kindness

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/foundation/kindness/kids-kindness-workshops
Title: Kids Kindness Workshops

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/foundation/kindness/deposit-kindness
Title: Deposit Kindness

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/odp
Title: Overdraft Privilege

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/connect/disclosures/privacy-and-security
Title: Privacy and Security

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/connect/disclosures/privacy-and-security/online-privacy-policy
Title: Online Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.sunmarkonlinebanking.org/tob/live/usp-core/app/authUpdate
Title: Forgot Username / Password

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/business
Title: Business Solutions

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/bank/co-op-atm-network
Title: Find an ATM

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/discover/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/

Search URL Search Domain Scan URL

URL: https://www.sunmarkonlinebanking.org/tob/live/usp-core/app/login/consumer
Title: Log Into Online Banking

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/current-rates
Title: See All Rates

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/dreambigger

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/investments/swmseminars

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/holiday-closing

Search URL Search Domain Scan URL

URL: https://www.paybill.com/consumer/?ClientId=sunmarkcu
Title: Make a loan payment

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/connect/sunmark-360/sponsorships-open-24th-annual-sunmark-charity-golf-tournament

Search URL Search Domain Scan URL

URL: https://www.sunmark.org/connect/sunmark-360/sunmark-partners-valleycats-youth-savings-month

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://unpkg.com/swiper@8/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@8.4.7/swiper-bundle.min.css

Request Chain 12

https://unpkg.com/swiper@8/swiper-bundle.min.js HTTP 302
https://unpkg.com/swiper@8.4.7/swiper-bundle.min.js

Request Chain 23

https://www.sunmark.org/download_file/6/1 HTTP 302
https://www.sunmark.org/application/files/5415/1684/0974/what_1.png

Request Chain 24

https://www.sunmark.org/download_file/5/1 HTTP 302
https://www.sunmark.org/application/files/2215/1862/0501/Sunmark_hmpg-mortgage_chs021418-01.png

Request Chain 25

https://www.sunmark.org/download_file/970/1 HTTP 302
https://www.sunmark.org/application/files/7815/9827/2810/Make-loan-payment_1.png

Request Chain 26

https://www.sunmark.org/download_file/9/1 HTTP 302
https://www.sunmark.org/application/files/1215/1684/0975/what_5.png

Request Chain 27

https://www.sunmark.org/download_file/8/1 HTTP 302
https://www.sunmark.org/application/files/9915/1862/0837/Open_an_Account.png

Request Chain 28

https://www.sunmark.org/download_file/60/1 HTTP 302
https://www.sunmark.org/application/files/7715/1861/9464/Sunmark_hmpg-mobile-app_chs021418-01.png

Request Chain 36

https://www.lovemycreditunion.org/client/love_my_cu/banner_push/?bid=4870&campid=36&clientid=1884&sid=1 HTTP 301
https://banners.lovemycreditunion.org/client/love_my_cu/banner_push/?bid=4870&campid=36&clientid=1884&sid=1

Request Chain 109

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=60BC3BC13D80415A85CFFE560F159D3C

Request Chain 110

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/60BC3BC13D80415A85CFFE560F159D3C HTTP 302
https://sync.1rx.io/usersync/simplifi/60BC3BC13D80415A85CFFE560F159D3C?zcc=1&cb=1717578929461 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-91836246-bcb0-42dc-a4e1-f0e8dc9e2370-003

Request Chain 111

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=60BC3BC13D80415A85CFFE560F159D3C&dongle=yf3

Request Chain 112

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=60BC3BC13D80415A85CFFE560F159D3C

Request Chain 113

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=60BC3BC13D80415A85CFFE560F159D3C HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=60BC3BC13D80415A85CFFE560F159D3C

Request Chain 114

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=60BC3BC13D80415A85CFFE560F159D3C

Request Chain 115

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=60BC3BC13D80415A85CFFE560F159D3C

Request Chain 118

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=60BC3BC13D80415A85CFFE560F159D3C;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=60BC3BC13D80415A85CFFE560F159D3C;mimetype=img;sr HTTP 302
https://idsync.rlcdn.com/400646.gif?partner_uid=6415251981121571458

Request Chain 119

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=60BC3BC13D80415A85CFFE560F159D3C&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=60BC3BC13D80415A85CFFE560F159D3C&j=0&xl8blockcheck=1

Request Chain 121

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=60BC3BC13D80415A85CFFE560F159D3C

Request Chain 122

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=60BC3BC13D80415A85CFFE560F159D3C

Request Chain 123

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=60BC3BC13D80415A85CFFE560F159D3C

Request Chain 124

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=60BC3BC13D80415A85CFFE560F159D3C

Request Chain 125

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=60BC3BC13D80415A85CFFE560F159D3C

Request Chain 126

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1717578928722&cv=7&fst=1717578928722&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=617839817&cv=7&fst=1717578928722&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI2p_Gj5DEhgMVgYeDBx1xyic_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6JWh0dHBzOi8vbWFpbC4zLTIzNS03MC00Mi5jcHJhcGlkLmNvbS8 HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=617839817&cv=7&fst=1717578928722&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI2p_Gj5DEhgMVgYeDBx1xyic_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6JWh0dHBzOi8vbWFpbC4zLTIzNS03MC00Mi5jcHJhcGlkLmNvbS8&is_vtc=1&cid=CAQSGwDaQooLJqAxyQdqbC9a89eG3I5njb1rEWbzog&random=2942615377 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=617839817&cv=7&fst=1717578928722&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI2p_Gj5DEhgMVgYeDBx1xyic_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6JWh0dHBzOi8vbWFpbC4zLTIzNS03MC00Mi5jcHJhcGlkLmNvbS8&is_vtc=1&cid=CAQSGwDaQooLJqAxyQdqbC9a89eG3I5njb1rEWbzog&random=2942615377&ipr=y

Request Chain 128

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=60BC3BC13D80415A85CFFE560F159D3C HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D60BC3BC13D80415A85CFFE560F159D3C

Request Chain 129

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=60BC3BC13D80415A85CFFE560F159D3C&expires=365

Request Chain 130

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=60BC3BC13D80415A85CFFE560F159D3C

Request Chain 135

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/758421210/?random=1240019319&cv=11&fst=1717578928750&bg=ffffff&guid=ON&async=1&gtm=45be4630v9181623667z879350051za201zb79350051&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmail.3-235-70-42.cprapid.com%2F&label=0l7qCIma0NwBENqt0ukC&hn=www.googleadservices.com&frm=0&tiba=The%20Bright%20Way%20To%20Bank%20%3A%3A%20Sunmark%20Credit%20Union%20-%20New%20York%20Capital%20Region&value=0&npa=1&pscdl=noapi&auid=1896957983.1717578928&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZT1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&eitems=ChAI8JmAswYQlv3ClaS4sJ8GEh0AOSrGO52wQ1rJrReV488S6_cbvft3aB_DpiY1HQ&pscrd=IhMItJG2j5DEhgMVbYmDBx1esgWcMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6JWh0dHBzOi8vbWFpbC4zLTIzNS03MC00Mi5jcHJhcGlkLmNvbS8 HTTP 302
https://www.google.com/pagead/1p-conversion/758421210/?random=1240019319&cv=11&fst=1717578928750&bg=ffffff&guid=ON&async=1&gtm=45be4630v9181623667z879350051za201zb79350051&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmail.3-235-70-42.cprapid.com%2F&label=0l7qCIma0NwBENqt0ukC&hn=www.googleadservices.com&frm=0&tiba=The%20Bright%20Way%20To%20Bank%20%3A%3A%20Sunmark%20Credit%20Union%20-%20New%20York%20Capital%20Region&value=0&npa=1&pscdl=noapi&auid=1896957983.1717578928&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZT1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMItJG2j5DEhgMVbYmDBx1esgWcMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6JWh0dHBzOi8vbWFpbC4zLTIzNS03MC00Mi5jcHJhcGlkLmNvbS8&is_vtc=1&cid=CAQSGwDaQooLw9HKhar8aZuv8ohM9a25fAjZDvjVmQ&eitems=ChAI8JmAswYQlv3ClaS4sJ8GEh0AOSrGO-LtxNH49pDXmutsNj80ep1L2ZfEf98gFQ&random=289261550 HTTP 302
https://www.google.de/pagead/1p-conversion/758421210/?random=1240019319&cv=11&fst=1717578928750&bg=ffffff&guid=ON&async=1&gtm=45be4630v9181623667z879350051za201zb79350051&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmail.3-235-70-42.cprapid.com%2F&label=0l7qCIma0NwBENqt0ukC&hn=www.googleadservices.com&frm=0&tiba=The%20Bright%20Way%20To%20Bank%20%3A%3A%20Sunmark%20Credit%20Union%20-%20New%20York%20Capital%20Region&value=0&npa=1&pscdl=noapi&auid=1896957983.1717578928&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZT1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMItJG2j5DEhgMVbYmDBx1esgWcMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6JWh0dHBzOi8vbWFpbC4zLTIzNS03MC00Mi5jcHJhcGlkLmNvbS8&is_vtc=1&cid=CAQSGwDaQooLw9HKhar8aZuv8ohM9a25fAjZDvjVmQ&eitems=ChAI8JmAswYQlv3ClaS4sJ8GEh0AOSrGO-LtxNH49pDXmutsNj80ep1L2ZfEf98gFQ&random=289261550&ipr=y

Request Chain 142

https://www.googleadservices.com/pagead/conversion/758421210/wcm?cc=ZZ&dn=866SUNMARK&cl=0l7qCIma0NwBENqt0ukC&dma=1&dma_cps=sypham&npa=1&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=866SUNMARK&cl=0l7qCIma0NwBENqt0ukC&dma=1&dma_cps=sypham

Request Chain 143

https://www.googleadservices.com/pagead/conversion/758421210/wcm?cc=ZZ&dn=18667866275&cl=0l7qCIma0NwBENqt0ukC&dma=1&dma_cps=sypham&npa=1&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18667866275&cl=0l7qCIma0NwBENqt0ukC&dma=1&dma_cps=sypham

154 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
mail.3-235-70-42.cprapid.com/ 58 KB
12 KB 1837ms
1429ms Document
text/html 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.3-235-70-42.cprapid.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-235-70-42.compute-1.amazonaws.com

Software

Apache /

Resource Hash

5e8620c6047c5723190b5c316298ed4560e4ffafb41d9c1ef31b61348334ae8a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache, private max-age=1
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 11732
Content-Type: text/html; charset=UTF-8
Date: Wed, 05 Jun 2024 09:15:26 GMT
Expires: Wed, 05 Jun 2024 09:15:26 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H2 200 2154a65263.js Show response
use.fontawesome.com/ 9 KB
4 KB 113ms
45ms Script
text/javascript 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/2154a65263.js
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c731d3d6b9ede605e3694c843e5edf2d55dab8f7aa03c231167dc67d4f8d1381

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 00:23:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3389
etag: W/"475f617edf5aa5984424726f8ec39e80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HF4Te%2B01J3b1X4pJ%2BZzj9upme%2FptHmCNHjCBlxS9XcB1vWdHwDEXjtJ50XsNXNC3Gob5EPjyQEJ6d4gx6HEkpG%2B6D8oDtT9xzuo5Czxg1KFUkXbayghp0SakPmCTPviNjtWcLn1Yv%2FVPAp4gzP7uX3zs"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 88ef0ee36d1f5d4d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 114ms
37ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Prompt:200,300,400,500,600,700,800,900

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc89dbfe25e1fcd023c65ae263084a131243f0f8a488be45092579f551b1c13d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Jun 2024 09:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Jun 2024 09:15:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Jun 2024 09:15:26 GMT

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/ 57 KB
11 KB 87ms
42ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 472012
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10301
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-e4d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x7HMtBk%2Fmnfaks1MX0RXT4TmIaa6YNsl1oKHofk1z6GaJ%2FBApBuI%2Flhk2sXYeFmMFFU7PkOwu9u3%2FVTD3gbH23S7EW73G5xMUKXKaBMfVrDc6hARltbjSgXsGPDcbf%2BA5be%2BEfqA"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88ef0ee34ac49193-FRA
expires: Mon, 26 May 2025 09:15:26 GMT

GET
H/1.1 200
OK style.css
mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_css/ 103 KB
16 KB 129ms
120ms Stylesheet
text/css 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_css/style.css
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 9cf0e46fa1c3e318a6b189ca6d6bce9d5d97cd19f0b526992c67cce2de6eb01a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 May 2024 14:00:08 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 15880
Expires: Wed, 12 Jun 2024 09:15:26 GMT

GET
H/1.1 200
OK prettyPhoto.css
mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_css/ 20 KB
3 KB 249ms
119ms Stylesheet
text/css 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_css/prettyPhoto.css
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4c45736bc60eeed145a8c5f7707d8676bcc3c2dd00c6d6b9e447b7de082c0dc9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Feb 2018 18:46:31 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2820
Expires: Wed, 12 Jun 2024 09:15:26 GMT

GET
H/1.1 200
OK responsive.css
mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_css/ 25 KB
5 KB 396ms
116ms Stylesheet
text/css 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_css/responsive.css
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: b1a4638a53f52dbfb3b07761d12cdd31516ea20382078ea5011261f749556ae5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Apr 2021 20:04:26 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4563
Expires: Wed, 12 Jun 2024 09:15:26 GMT

GET
H/1.1 200
OK bootstrap.min.css
mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_css/ 270 B
517 B 395ms
115ms Stylesheet
text/css 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_css/bootstrap.min.css
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: cdd040a14db2ae4b158a154f8ff749a811a929dea0d0c975d0ef05101527ce92

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Jun 2018 17:23:40 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 158
Expires: Wed, 12 Jun 2024 09:15:26 GMT

GET
H/1.1 200
OK mmenu.css
mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/node_modules/mmenu-js/dist/ 47 KB
7 KB 397ms
118ms Stylesheet
text/css 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/node_modules/mmenu-js/dist/mmenu.css
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 592f7a145a159143186eea430ec0ed3db79ea6ba618d90340069b130de9ab0ac

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Mar 2021 14:10:18 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6709
Expires: Wed, 12 Jun 2024 09:15:26 GMT

GET
H/1.1 200
OK responsive.css
cdn.segmint.net/ 128 KB
128 KB 130ms
27ms Stylesheet
text/css 13.35.58.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/responsive.css
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-56.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 55a4bbda631fb29baa0cfa8163acdbe0e666c122f73df1e72e7abffca1b42e48

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:08:58 GMT
Via: 1.1 d51f8b07f1cd9f6dbf62bb0b0c961f1c.cloudfront.net (CloudFront)
Last-Modified: Wed, 05 Jun 2024 09:00:01 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P10
Age: 389
ETag: "1d4ef7efcd324500eecc8f80b9d2944a"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: text/css
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 131032
X-Amz-Cf-Id: vZZ8EgvXmskiqn5p2Qb9Swydms8oZ4W-5vS4cu--dRHTHjYUI3hbQA==

GET
H/1.1 200
OK mmenu.js Show response
mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/node_modules/mmenu-js/dist/ 69 KB
69 KB 511ms
116ms Script
text/javascript 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/node_modules/mmenu-js/dist/mmenu.js
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 280905e84382a3a66fd41281ee9aa77d7b030edd2e3e428c29385991e687bc2e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:27 GMT
Last-Modified: Thu, 27 Feb 2020 21:18:33 GMT
Server: Apache
Content-Type: text/javascript
Cache-Control: max-age=186400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 70599
Expires: Fri, 07 Jun 2024 13:02:07 GMT

GET
H2 200 fa8e90d474.js Show response
kit.fontawesome.com/ 12 KB
5 KB 591ms
516ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/fa8e90d474.js
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8993d48dffb84dbe0745f78523108a23c75c4634da9d7ad6a506f9c90cdfd73f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Origin: https://mail.3-235-70-42.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:27 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 88ef0ee37b0a9116-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F9YQ7x1PxymnYzVSpUui

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@8.4.7/
Redirect Chain

https://unpkg.com/swiper@8/swiper-bundle.min.css
https://unpkg.com/swiper@8.4.7/swiper-bundle.min.css

16 KB
6 KB

39ms
36ms

Stylesheet
text/css

2606:4700::6811:f5cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@8.4.7/swiper-bundle.min.css

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Server

2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 05 Jun 2024 09:15:26 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1616204
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HY3NJAJB1K45EZ8KFV2TG207-fra
server: cloudflare
etag: "406d-rwCOh5O6dcNGNg6U6W482jFM4n8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 88ef0ee3c8e6bbd7-FRA

Redirect headers

date: Wed, 05 Jun 2024 09:15:26 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01HZKTPYN7A4VB03HGFXYWYQ5E-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 200
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /swiper@8.4.7/swiper-bundle.min.css
cache-control: public, s-maxage=600, max-age=60
cf-ray: 88ef0ee36862bbd7-FRA

GET
H2

200

swiper-bundle.min.js Show response
unpkg.com/swiper@8.4.7/
Redirect Chain

https://unpkg.com/swiper@8/swiper-bundle.min.js
https://unpkg.com/swiper@8.4.7/swiper-bundle.min.js

140 KB
57 KB

61ms
55ms

Script
application/javascript

2606:4700::6811:f5cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@8.4.7/swiper-bundle.min.js

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Server

2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 05 Jun 2024 09:15:26 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7230758
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRWB3RR2P76BKPKH73BCXE1N-fra
server: cloudflare
etag: "2315a-9NyNRghnOcWBIRhbLQ9OGQcQ8Rs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 88ef0ee3b8e2bbd7-FRA

Redirect headers

date: Wed, 05 Jun 2024 09:15:26 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01HZKTCMJ8GKM9VQCHQW93R0CK-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 538
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /swiper@8.4.7/swiper-bundle.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 88ef0ee36865bbd7-FRA

GET
H/1.1 200
OK font-awesome.css
mail.3-235-70-42.cprapid.com/concrete/css/ 30 KB
7 KB 393ms
117ms Stylesheet
text/css 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.3-235-70-42.cprapid.com/concrete/css/font-awesome.css
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 1a93bc35ec0b525dffa555be6e3b451e59527878dd8db7db4ca3ffb808ebe3de

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 May 2024 14:05:33 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7055
Expires: Wed, 12 Jun 2024 09:15:26 GMT

GET
H/1.1 200
OK jquery.js Show response
mail.3-235-70-42.cprapid.com/application/js/ 98 KB
99 KB 508ms
118ms Script
text/javascript 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.3-235-70-42.cprapid.com/application/js/jquery.js
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 593f9c4a6bf67a2eecdf30ad7b6de62f39af4e76bfa5ad40566871b7a5dceb11

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:27 GMT
Last-Modified: Thu, 22 Jun 2023 14:13:57 GMT
Server: Apache
Content-Type: text/javascript
Cache-Control: max-age=186400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 100700
Expires: Fri, 07 Jun 2024 13:02:07 GMT

GET
H/1.1 200
OK 99574a4d7bb72074783938cdb470dc162751238f.css
mail.3-235-70-42.cprapid.com/application/files/cache/css/ 4 KB
2 KB 398ms
123ms Stylesheet
text/css 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.3-235-70-42.cprapid.com/application/files/cache/css/99574a4d7bb72074783938cdb470dc162751238f.css
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: a14ce3a5e0eb18c487d68f7f6292f9da727643bc7a19ebd540507a8ba07edf8f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 May 2024 14:14:08 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1259
Expires: Wed, 12 Jun 2024 09:15:26 GMT

GET
H2 200 Sunmark_FCU.js Show response
tag.brandcdn.com/autoscript/sunmarkfcu_vgtsqk1fnuvam2m9/ 1 KB
1 KB 152ms
32ms Script
text/javascript 2600:9000:20a0:6e00:7:e536:8b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.brandcdn.com/autoscript/sunmarkfcu_vgtsqk1fnuvam2m9/Sunmark_FCU.js
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:6e00:7:e536:8b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 683067cdf60cd900439a6f9b7a08f55c685c0db2b2592714346d84c9200fc1e0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: P.pZkJHc1n.RFXIhDgi_Fp1X5EVbOaBr
date: Tue, 04 Jun 2024 16:25:05 GMT
via: 1.1 ba01234d30a5778423f79c0c58d283ce.cloudfront.net (CloudFront)
last-modified: Tue, 17 Oct 2023 20:10:55 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 60622
x-amz-server-side-encryption: AES256
etag: "10f09cf91c5e3e968e61f9f6d26319f7"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 1092
x-amz-cf-id: 7KoFjDMGfRo7lHQUk1YE6qfwCy2CpFStTYgYHWTL3fQRojPesBCf1g==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 12 KB
5 KB 93ms
25ms Script
application/x-javascript 18.172.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-103-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 424ce4e99e7476fca8e9d27d6c15b60466ab7cf1c7d7c896e1c63f7cd6a818c8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 04:46:20 GMT
Content-Encoding: gzip
Via: 1.1 90af45dd727f0b43ee7edafc660daaee.cloudfront.net (CloudFront)
Last-Modified: Tue, 28 May 2024 04:42:45 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
Age: 16147
x-amz-server-side-encryption: AES256
ETag: W/"a60a4e2650f94da6f243b9518761b381"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 1f168679fqTo2hBIrjaaN0k8EAZW78tIenNjSg1m-ciO590ziGekwA==

GET
H/1.1 200
OK logo_full.svg
mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_img/ 5 KB
6 KB 118ms
117ms Image
image/svg+xml 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_img/logo_full.svg
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: f67e0ea90679b225a59039f5e9e0e101cec72e2d17ad0c8665c5bfb36cb0542d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:27 GMT
Last-Modified: Thu, 02 Jan 2020 13:27:10 GMT
Server: Apache
Content-Type: image/svg+xml
Cache-Control: max-age=1
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5607
Expires: Wed, 05 Jun 2024 09:15:28 GMT

GET
H/1.1 200
OK Home_Page_Banner_1500x575_copy.jpg
mail.3-235-70-42.cprapid.com/application/files/5417/1465/4372/ 689 KB
689 KB 120ms
119ms Image
image/jpeg 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.3-235-70-42.cprapid.com/application/files/5417/1465/4372/Home_Page_Banner_1500x575_copy.jpg
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 149c0b3ececef8654e65f36597b25c290f07a4d54f51d32cc33c338615872717

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:27 GMT
Last-Modified: Thu, 02 May 2024 12:52:52 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 705494
Expires: Fri, 05 Jul 2024 09:15:27 GMT

GET
H/1.1 200
OK SWM_Meet_a_Financial_Advisor_Home_Page_Banner_Generic.jpg
mail.3-235-70-42.cprapid.com/application/files/8717/0604/0017/ 73 KB
74 KB 117ms
117ms Image
image/jpeg 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.3-235-70-42.cprapid.com/application/files/8717/0604/0017/SWM_Meet_a_Financial_Advisor_Home_Page_Banner_Generic.jpg
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: af627c9f59d53c8f3daf66245c6542968576e13962e2e6fa2c80e49cdf3175a7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:27 GMT
Last-Modified: Tue, 23 Jan 2024 20:00:17 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 75018
Expires: Fri, 05 Jul 2024 09:15:27 GMT

GET
H/1.1 200
OK Mortgage_In_Branch_Day_Home_Page_Banner_5Corners.jpg
mail.3-235-70-42.cprapid.com/application/files/5817/1164/8633/ 579 KB
579 KB 120ms
116ms Image
image/jpeg 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.3-235-70-42.cprapid.com/application/files/5817/1164/8633/Mortgage_In_Branch_Day_Home_Page_Banner_5Corners.jpg
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: f6e8c4dcc4abad6a24e685370c8c61062c1884852db72f8bea654dfd100486ca

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:27 GMT
Last-Modified: Thu, 28 Mar 2024 17:57:13 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 592936
Expires: Fri, 05 Jul 2024 09:15:27 GMT

GET
H/1.1 200
OK Memorial_Day.jpg
mail.3-235-70-42.cprapid.com/application/files/5017/1459/3252/ 355 KB
355 KB 124ms
118ms Image
image/jpeg 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.3-235-70-42.cprapid.com/application/files/5017/1459/3252/Memorial_Day.jpg
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 8512505e18e16f0b4eed4f1734ad936c1d9d358e8c31041c37bf1d6f572b9fa9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:27 GMT
Last-Modified: Wed, 01 May 2024 19:54:12 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 363651
Expires: Fri, 05 Jul 2024 09:15:27 GMT

GET
H/1.1

200
OK

what_1.png
www.sunmark.org/application/files/5415/1684/0974/
Redirect Chain

https://www.sunmark.org/download_file/6/1
https://www.sunmark.org/application/files/5415/1684/0974/what_1.png

19 KB
19 KB

124ms
123ms

Image
image/png

52.86.247.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunmark.org/application/files/5415/1684/0974/what_1.png
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Server: 52.86.247.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-247-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 41b3f3e0bc982170fceb4e2e3f94242306aacaae431a133daf65b00b2b536973

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Wed, 05 Jun 2024 09:15:28 GMT
Last-Modified: Thu, 25 Jan 2018 00:42:54 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 19151
Expires: Fri, 05 Jul 2024 09:15:28 GMT

Redirect headers

Date: Wed, 05 Jun 2024 09:15:28 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://www.sunmark.org/application/files/5415/1684/0974/what_1.png
Cache-Control: no-cache, private, max-age=1
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Wed, 05 Jun 2024 09:15:29 GMT

GET
H/1.1

200
OK

Sunmark_hmpg-mortgage_chs021418-01.png
www.sunmark.org/application/files/2215/1862/0501/
Redirect Chain

https://www.sunmark.org/download_file/5/1
https://www.sunmark.org/application/files/2215/1862/0501/Sunmark_hmpg-mortgage_chs021418-01.png

2 KB
3 KB

128ms
127ms

Image
image/png

52.86.247.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunmark.org/application/files/2215/1862/0501/Sunmark_hmpg-mortgage_chs021418-01.png
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Server: 52.86.247.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-247-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 35ed17d3975944e4811ff635d50f4197c46c63bc50f8b8a46f663fcfbec1c77c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Wed, 05 Jun 2024 09:15:28 GMT
Last-Modified: Wed, 14 Feb 2018 15:01:41 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2513
Expires: Fri, 05 Jul 2024 09:15:28 GMT

Redirect headers

Date: Wed, 05 Jun 2024 09:15:28 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://www.sunmark.org/application/files/2215/1862/0501/Sunmark_hmpg-mortgage_chs021418-01.png
Cache-Control: no-cache, private, max-age=1
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Wed, 05 Jun 2024 09:15:29 GMT

GET
H/1.1

200
OK

Make-loan-payment_1.png
www.sunmark.org/application/files/7815/9827/2810/
Redirect Chain

https://www.sunmark.org/download_file/970/1
https://www.sunmark.org/application/files/7815/9827/2810/Make-loan-payment_1.png

2 KB
3 KB

149ms
117ms

Image
image/png

52.86.247.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunmark.org/application/files/7815/9827/2810/Make-loan-payment_1.png
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Server: 52.86.247.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-247-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 8bd7493e003464a24acc2946626181108dfca25d8ebf3b8a87701482855faed4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Wed, 05 Jun 2024 09:15:28 GMT
Last-Modified: Mon, 24 Aug 2020 12:40:11 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2297
Expires: Fri, 05 Jul 2024 09:15:28 GMT

Redirect headers

Date: Wed, 05 Jun 2024 09:15:28 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://www.sunmark.org/application/files/7815/9827/2810/Make-loan-payment_1.png
Cache-Control: no-cache, private, max-age=1
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Wed, 05 Jun 2024 09:15:29 GMT

GET
H/1.1

200
OK

what_5.png
www.sunmark.org/application/files/1215/1684/0975/
Redirect Chain

https://www.sunmark.org/download_file/9/1
https://www.sunmark.org/application/files/1215/1684/0975/what_5.png

4 KB
5 KB

140ms
124ms

Image
image/png

52.86.247.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunmark.org/application/files/1215/1684/0975/what_5.png
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Server: 52.86.247.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-247-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 86dd8614a00ecfbace162daefc87833fbaed49551b6b5aeccf100715537cc9ae

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Wed, 05 Jun 2024 09:15:28 GMT
Last-Modified: Thu, 25 Jan 2018 00:42:55 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4330
Expires: Fri, 05 Jul 2024 09:15:28 GMT

Redirect headers

Date: Wed, 05 Jun 2024 09:15:28 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://www.sunmark.org/application/files/1215/1684/0975/what_5.png
Cache-Control: no-cache, private, max-age=1
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Wed, 05 Jun 2024 09:15:29 GMT

GET
H/1.1

200
OK

Open_an_Account.png
www.sunmark.org/application/files/9915/1862/0837/
Redirect Chain

https://www.sunmark.org/download_file/8/1
https://www.sunmark.org/application/files/9915/1862/0837/Open_an_Account.png

7 KB
7 KB

127ms
126ms

Image
image/png

52.86.247.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunmark.org/application/files/9915/1862/0837/Open_an_Account.png
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Server: 52.86.247.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-247-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 057c8f0a1d02425ceca8af549f65536889a1afb1257e475e3a794a4b01c0db44

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Wed, 05 Jun 2024 09:15:28 GMT
Last-Modified: Wed, 14 Feb 2018 15:07:17 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7121
Expires: Fri, 05 Jul 2024 09:15:28 GMT

Redirect headers

Date: Wed, 05 Jun 2024 09:15:28 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://www.sunmark.org/application/files/9915/1862/0837/Open_an_Account.png
Cache-Control: no-cache, private, max-age=1
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Wed, 05 Jun 2024 09:15:29 GMT

GET
H/1.1

200
OK

Sunmark_hmpg-mobile-app_chs021418-01.png
www.sunmark.org/application/files/7715/1861/9464/
Redirect Chain

https://www.sunmark.org/download_file/60/1
https://www.sunmark.org/application/files/7715/1861/9464/Sunmark_hmpg-mobile-app_chs021418-01.png

2 KB
2 KB

160ms
127ms

Image
image/png

52.86.247.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunmark.org/application/files/7715/1861/9464/Sunmark_hmpg-mobile-app_chs021418-01.png
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Server: 52.86.247.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-247-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 0274487fcd85f37bba4495a7cdc5ba5dffbb7c0a09a6c923c4c7314d774dc87f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Wed, 05 Jun 2024 09:15:28 GMT
Last-Modified: Wed, 14 Feb 2018 14:44:24 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1986
Expires: Fri, 05 Jul 2024 09:15:28 GMT

Redirect headers

Date: Wed, 05 Jun 2024 09:15:28 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://www.sunmark.org/application/files/7715/1861/9464/Sunmark_hmpg-mobile-app_chs021418-01.png
Cache-Control: no-cache, private, max-age=1
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Wed, 05 Jun 2024 09:15:29 GMT

GET
H/1.1 200
OK 360-logo.svg
mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_img/ 2 KB
2 KB 352ms
115ms Image
image/svg+xml 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_img/360-logo.svg
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 6b9fda8c2ec51bbb37a39e1a3108b784be0f5afbad25cdfd4da19cba71cd9269

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:27 GMT
Last-Modified: Wed, 17 Mar 2021 15:14:15 GMT
Server: Apache
Content-Type: image/svg+xml
Cache-Control: max-age=1
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 1637
Expires: Wed, 05 Jun 2024 09:15:28 GMT

GET
H/1.1 200
OK heart.png
mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_img/ 59 KB
59 KB 262ms
124ms Image
image/png 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_img/heart.png
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 1eb73df88fec6a7dfe0259d5e0614067cc2dc4c2b798a98760654a474812ed6d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:27 GMT
Last-Modified: Wed, 17 Mar 2021 15:14:15 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 60389
Expires: Fri, 05 Jul 2024 09:15:27 GMT

GET
H/1.1 200
OK golf_sponsorship_article_image.jpg
mail.3-235-70-42.cprapid.com/application/files/1717/1474/5862/ 376 KB
376 KB 117ms
117ms Image
image/jpeg 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.3-235-70-42.cprapid.com/application/files/1717/1474/5862/golf_sponsorship_article_image.jpg
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: d4b94f3d6e5d81ea8f1bf8ebcdc25927c6bd32b78db9c74ab506501fd94695ed

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:27 GMT
Last-Modified: Fri, 03 May 2024 14:17:42 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 384700
Expires: Fri, 05 Jul 2024 09:15:27 GMT

GET
H/1.1 200
OK Youth_Savings_Month_1200x628.jpg
mail.3-235-70-42.cprapid.com/application/files/9917/1208/6693/ 300 KB
301 KB 119ms
119ms Image
image/jpeg 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.3-235-70-42.cprapid.com/application/files/9917/1208/6693/Youth_Savings_Month_1200x628.jpg
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: eb0b15d2c94403408a2875f1708cb18b9d9bf3fa3b5d8cd75cc230ff3d0731d3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:28 GMT
Last-Modified: Tue, 02 Apr 2024 19:38:13 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 307529
Expires: Fri, 05 Jul 2024 09:15:28 GMT

GET
H/1.1 200
OK Risk_Central_3_Reasons_to_Shred.webp
mail.3-235-70-42.cprapid.com/application/files/3617/1207/6569/ 251 KB
252 KB 127ms
125ms Image
image/webp 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.3-235-70-42.cprapid.com/application/files/3617/1207/6569/Risk_Central_3_Reasons_to_Shred.webp
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: c493aafbd4658e95fe83f39c79a7a58bc196725543f269279682fafac9205598

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:28 GMT
Last-Modified: Tue, 02 Apr 2024 16:49:29 GMT
Server: Apache
Content-Type: image/webp
Cache-Control: max-age=1
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 257256
Expires: Wed, 05 Jun 2024 09:15:29 GMT

GET
H/1.1 200
OK logo_white_goodvibes.svg
mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_img/ 9 KB
9 KB 117ms
116ms Image
image/svg+xml 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_img/logo_white_goodvibes.svg
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 3264e326323991dab600a87e83e70aee3c50691d282895982f4624d9dd27cfbe

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:28 GMT
Last-Modified: Wed, 17 Mar 2021 15:14:16 GMT
Server: Apache
Content-Type: image/svg+xml
Cache-Control: max-age=1
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 8713
Expires: Wed, 05 Jun 2024 09:15:29 GMT

GET
H/1.1 200
OK fdic.png
mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_img/ 8 KB
8 KB 118ms
117ms Image
image/png 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_img/fdic.png
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: f63cff7ec7ab35154a6499faf8cedd717de73aab2f9c95d15fb8e00403ff3554

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:28 GMT
Last-Modified: Thu, 02 Jan 2020 16:18:34 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 7747
Expires: Fri, 05 Jul 2024 09:15:28 GMT

GET
H2

200

/
banners.lovemycreditunion.org/client/love_my_cu/banner_push/
Redirect Chain

https://www.lovemycreditunion.org/client/love_my_cu/banner_push/?bid=4870&campid=36&clientid=1884&sid=1
https://banners.lovemycreditunion.org/client/love_my_cu/banner_push/?bid=4870&campid=36&clientid=1884&sid=1

16 KB
15 KB

218ms
192ms

Image
image/jpg

74.204.78.79
US-SIGNAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.lovemycreditunion.org/client/love_my_cu/banner_push/?bid=4870&campid=36&clientid=1884&sid=1
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Server: 74.204.78.79 Grand Rapids, United States, ASN26554 (US-SIGNAL, US),
Reverse DNS: customer-74-204-78-79.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 9be7ed63c613593dd04463c40d20703698b477bbde11139bdf1dfac8e263a081

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 05 Jun 2024 09:15:28 GMT
content-encoding: gzip
last-modified: Tue, 19 Jul 2022 14:14:45 GMT
server: CUSG_Web
vary: Accept-Encoding
content-type: image/jpg
cache-control: max-age=86400
content-disposition: inline; filename="lmcur_banner_4870.jpg"
content-length: 15062
expires: Thu, 06 Jun 2024 09:15:28 GMT

Redirect headers

location: https://banners.lovemycreditunion.org/client/love_my_cu/banner_push/?bid=4870&campid=36&clientid=1884&sid=1
date: Wed, 05 Jun 2024 09:15:28 GMT
server: CUSG_Web
content-length: 327
content-type: text/html; charset=iso-8859-1

GET
H2 200 5ec12540-b452-0136-d88e-06a9ed4ca31b Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 485ms
29ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/5ec12540-b452-0136-d88e-06a9ed4ca31b
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 38e37ce9c1f729d9058b75f012b5dc0f6fd84a18e541b7cf4ee77bc31169c9e3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 09:15:28 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F9YQ71a5qEJhCPzmr5aB
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK jquery.cycle2.js Show response
mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_js/ 22 KB
22 KB 130ms
117ms Script
text/javascript 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_js/jquery.cycle2.js
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: ab7c834dd596e3857bced13549c1d5a5ab64aab184eefeb093e7e0369252f316

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:27 GMT
Last-Modified: Fri, 04 May 2018 13:21:34 GMT
Server: Apache
Content-Type: text/javascript
Cache-Control: max-age=186400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 22255
Expires: Fri, 07 Jun 2024 13:02:07 GMT

GET
H/1.1 200
OK jquery.prettyPhoto.js Show response
mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_js/ 21 KB
21 KB 145ms
133ms Script
text/javascript 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_js/jquery.prettyPhoto.js
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 47ec7ea65620c8be7945819dd593916a9c7c892e727e645c2990819c414ff31c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:27 GMT
Last-Modified: Fri, 16 Feb 2018 18:38:34 GMT
Server: Apache
Content-Type: text/javascript
Cache-Control: max-age=186400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 21506
Expires: Fri, 07 Jun 2024 13:02:07 GMT

GET
H/1.1 200
OK menu.js Show response
mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_js/ 1 KB
2 KB 131ms
118ms Script
text/javascript 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_js/menu.js
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: c0bcd4441395ba0cf84e347cff0e49ee9a98b19c4371ba5ecb5be14286142cce

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:27 GMT
Last-Modified: Tue, 30 Mar 2021 14:55:50 GMT
Server: Apache
Content-Type: text/javascript
Cache-Control: max-age=186400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1232
Expires: Fri, 07 Jun 2024 13:02:07 GMT

GET
H/1.1 200
OK custom.js Show response
mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_js/ 6 KB
6 KB 123ms
123ms Script
text/javascript 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_js/custom.js
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 3d235ac78664ebc3d74154a0b2cc76081755ce0275535f79318c20539835878d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:27 GMT
Last-Modified: Wed, 24 May 2023 13:23:20 GMT
Server: Apache
Content-Type: text/javascript
Cache-Control: max-age=186400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5928
Expires: Fri, 07 Jun 2024 13:02:07 GMT

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/ 19 KB
7 KB 88ms
54ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Origin: https://mail.3-235-70-42.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 48338
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6098
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4a59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QBKWDfShZy2p16ighZhOP4QTf2y2Kidfs4Er%2FHVttnlegnabz1KzoJkl2v5E%2BPThJ81V0%2BKhvPiX8DQ6ijHmIVRnKQy1vB0dha0d%2FpHywJ6D1vURO3YhsGuHcqFsFwjlftGv0%2BDE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88ef0ee8bb381ac5-FRA
expires: Mon, 26 May 2025 09:15:27 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_js/ 48 KB
48 KB 227ms
115ms Script
text/javascript 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_js/bootstrap.min.js
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:27 GMT
Last-Modified: Wed, 13 Jun 2018 14:29:08 GMT
Server: Apache
Content-Type: text/javascript
Cache-Control: max-age=186400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 48944
Expires: Fri, 07 Jun 2024 13:02:07 GMT

GET
H/1.1 200
OK segmint.min.js Show response
cdn.segmint.net/ 16 KB
16 KB 39ms
28ms Script
application/javascript 13.35.58.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/segmint.min.js
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-56.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c4695092ecb72b2b739268337b1915d410d8f582545d0fd162caa48f350acb6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 04:19:38 GMT
Via: 1.1 d51f8b07f1cd9f6dbf62bb0b0c961f1c.cloudfront.net (CloudFront)
Last-Modified: Thu, 18 Apr 2024 12:33:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P10
Age: 17783
x-amz-server-side-encryption: AES256
ETag: "8862cb0d6ad2e34729f37fff54557f50"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age:900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16226
X-Amz-Cf-Id: gbRKXPlUCg1SJdvBqLg5MXPjhfrODoz2Sp3-A5AbrrDXkQs39pVW4Q==

GET
H/1.1 200
OK 9e4ea7cf448b3b78cd647285faf5b9762dcc09b0.js Show response
mail.3-235-70-42.cprapid.com/application/files/cache/js/ 4 KB
4 KB 117ms
116ms Script
text/javascript 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.3-235-70-42.cprapid.com/application/files/cache/js/9e4ea7cf448b3b78cd647285faf5b9762dcc09b0.js
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 6ed82fcfaae6e3249e3bb9610918bfd191557c0a4f1e32359d0adbb1ececabb0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:27 GMT
Last-Modified: Mon, 13 May 2024 14:14:08 GMT
Server: Apache
Content-Type: text/javascript
Cache-Control: max-age=186400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 3605
Expires: Fri, 07 Jun 2024 13:02:07 GMT

GET
H2 200 2154a65263.css
use.fontawesome.com/ 1 KB
686 B 47ms
42ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/2154a65263.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/2154a65263.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 364a9ede1f928546a9a2a511f873597cade09d17f5a14f0b6fb14b184eac058c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 00:23:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3388
etag: W/"0e74391e14881d30a37a434277ceb83f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TJK8jY%2B8fOqcyssh9HabX9onmdwalHRrsmhOWL%2BIIoh8pkwev0IpFsjtfkwLpYVbsyMld6s2JwkkQ6oF%2B7LQ3NdsyV0mrXBIUSsuY%2FZLXKCqgkz49iAii2uX%2Fb9xgRoWpJZ51Nfptx2yWRQwSa86MT52"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 88ef0ee3bdcb5d4d-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK normalize.css
mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_css/ 7 KB
3 KB 266ms
116ms Stylesheet
text/css 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_css/normalize.css
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 3540742e2e4328304d018bb935187c8fad6889b5473ea7b9ae4d656a29c47172

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_css/style.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Aug 2018 18:41:11 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2554
Expires: Wed, 12 Jun 2024 09:15:26 GMT

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 49ms
48ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/2154a65263.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://use.fontawesome.com/2154a65263.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1079549
etag: W/"36082410df2ef7f83932219089dc1443"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g8YMIIIsDXJCQtBkiocROswgLDBOZS8wWjFyWbZOtzZ0w0DEb9xLw8ypuy9IEUId6jGWFg7rM3QY24ONcQhjuGhVunVe1SSxKw747R3V2gViI%2FLV8L5iVFgSMKoDJA18dgttMAypZ8UONPnwHx42p1gj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 88ef0ee40e565d4d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 75 KB
76 KB 538ms
486ms Font
application/font-woff2 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/2154a65263.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://use.fontawesome.com/2154a65263.css
Origin: https://mail.3-235-70-42.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:27 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lbOi7AfGACAuqa14ytq0ODnNFQkIBMJb3wrcRkvlmoVa%2BnXX1WaNJBGZjB2FZCSD0ZYwvef2MsHMhTSdIPKqnYer%2B6UGVXiXWqL1srSXuI9yoDkX1wMSCANloHVBXDhsC0poQ1ER%2FbOUzYNoKLpoFmAQ"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88ef0ee4ec703a92-FRA
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.5.2/css/ 672 KB
118 KB 808ms
795ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=fa8e90d474
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/fa8e90d474.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01a3066991f4af85d35aaa0068aa00054f9762f39c263853f49518d5f9784c4b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:28 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 02 Apr 2024 15:26:26 GMT
server: cloudflare
etag: "660c23a2-1d791"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88ef0ee7c99a9116-FRA
content-length: 120721

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.5.2/css/ 27 KB
4 KB 182ms
170ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-shims.min.css?token=fa8e90d474
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/fa8e90d474.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f3387f11826be4923a2d3a8c1542780abd6d4c66ce13f2de770f2e386989593

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:27 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 02 Apr 2024 15:26:24 GMT
server: cloudflare
etag: "660c23a0-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88ef0ee7c9a59116-FRA
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.2/css/ 50 KB
7 KB 563ms
550ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v5-font-face.min.css?token=fa8e90d474
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/fa8e90d474.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1580a6a19cb081a84215f13b42f765469beb87d7401f16349760cd067fc4da71

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:27 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 02 Apr 2024 15:26:24 GMT
server: cloudflare
etag: "660c23a0-1c3b"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88ef0ee7c99e9116-FRA
content-length: 7227

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.2/css/ 7 KB
2 KB 201ms
189ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-font-face.min.css?token=fa8e90d474
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/fa8e90d474.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 516640faeb856df6599d165f26ee51ce8cbaaf34f7c09d818509e75f6a48ae13

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:27 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 02 Apr 2024 15:26:24 GMT
server: cloudflare
etag: "660c23a0-6ca"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88ef0ee7c9a89116-FRA
content-length: 1738

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/fa8e90d474/81611547/ 0
130 B 174ms
174ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/fa8e90d474/81611547/kit-upload.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/fa8e90d474.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:27 GMT
cf-cache-status: MISS
server: cloudflare
etag: 54af53b207eef226d6511e0a88e3038e
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges: bytes
cf-ray: 88ef0ee7a96e9116-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
content-length: 0
x-request-id: F9YQ7zERuWiTPEIFiEuh

GET
H2 200 e6b25b53a992eeb9c2d624fb0a9d5cc0 Show response
thefontzone.com/v4/w/fonts/ 0
378 B 504ms
323ms XHR
application/json 99.86.4.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://thefontzone.com/v4/w/fonts/e6b25b53a992eeb9c2d624fb0a9d5cc0?i=mail.3-235-70-42.cprapid.com&l=mail.3-235-70-42.cprapid.com&p=/&o=Win32&v2=1600x1200&r3=-120&s4=&y1=https%3A&y2=&y3=
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-129.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:27 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amzn-trace-id: Root=1-66602caf-6b67ffe569b471396c9a3fe5;Parent=3a5ce5d7dc87575e;Sampled=0;lineage=d7a1fa29:0
x-amzn-requestid: 0b94563a-4add-4c1b-ba28-bb3ebb5101dd
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: Y4vrgGgpIAMEXbg=
content-length: 0
x-amz-cf-id: zQLl-8gGs8wP9XEFkLlLgj8LtLOdzOkB-J1zx3I8dAyQ6WHvfUZaVw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 188 KB
68 KB 519ms
55ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5CKJTLZ

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7eed8347a9c16cc5004fc70c3a5107ae7778ab173718b8f96f29020bc274640a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68984
x-xss-protection: 0
last-modified: Wed, 05 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Jun 2024 09:15:28 GMT

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
149 B 510ms
52ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=t4brlqy&ct=0:e3tybkj&fmt=3
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:28 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 468ms
22ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Jun 2024 07:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5665
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 05 Jun 2024 09:41:03 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 315 KB
101 KB 502ms
102ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MNZ3WV5

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83657b12ba8aafb576dba5c3c098d8655d9dafbfae5be256eea0f672d531ee46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102859
x-xss-protection: 0
last-modified: Wed, 05 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Jun 2024 09:15:28 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 359ms
26ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Jun 2024 09:15:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57975
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=12, mss=1297, tbw=2800, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: Hwmdwo87C+zGLpEPPY4dkrpn6cON3x5T6C91npZT6egZ7Pij1sP5dzrIRNUQD8SNGVOSskBcsi9DBstxKcQoxQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 -W__XJnvUD7dzB2KYNod.woff2
fonts.gstatic.com/s/prompt/v10/ 17 KB
18 KB 116ms
24ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W__XJnvUD7dzB2KYNod.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Prompt:200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7be1a25fcda009175b0f140bbd7ed9afdb5798d0c93717b44c62ddc19aef582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://mail.3-235-70-42.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:18:33 GMT
x-content-type-options: nosniff
age: 68214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17640
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:46:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:18:33 GMT

GET
H2 200 -W_8XJnvUD7dzB2C2_8IaWMu.woff2
fonts.gstatic.com/s/prompt/v10/ 18 KB
18 KB 162ms
73ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W_8XJnvUD7dzB2C2_8IaWMu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Prompt:200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4208432ab62e4e5a5e5901bbc6db5ca3119001facc45108f137e9c5b5370352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://mail.3-235-70-42.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:23:35 GMT
x-content-type-options: nosniff
age: 67912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17960
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:47:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:23:35 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
mail.3-235-70-42.cprapid.com/concrete/css/fonts/ 75 KB
76 KB 152ms
122ms Font
font/woff2 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.3-235-70-42.cprapid.com/concrete/css/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/concrete/css/font-awesome.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/concrete/css/font-awesome.css
Origin: https://mail.3-235-70-42.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:27 GMT
Last-Modified: Mon, 13 May 2024 14:05:33 GMT
Server: Apache
Content-Type: font/woff2
Cache-Control: max-age=1
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 77160
Expires: Wed, 05 Jun 2024 09:15:28 GMT

GET
H2 200 -W_8XJnvUD7dzB2Cv_4IaWMu.woff2
fonts.gstatic.com/s/prompt/v10/ 17 KB
18 KB 119ms
31ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W_8XJnvUD7dzB2Cv_4IaWMu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Prompt:200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8239d3f39686158dc8d9087b98f198ce669dca6ebb606df7f80398edde465a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://mail.3-235-70-42.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:08:40 GMT
x-content-type-options: nosniff
age: 68807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17828
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:55:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:08:40 GMT

GET
H2 200 -W_8XJnvUD7dzB2Ck_kIaWMu.woff2
fonts.gstatic.com/s/prompt/v10/ 17 KB
18 KB 136ms
50ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W_8XJnvUD7dzB2Ck_kIaWMu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Prompt:200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6edb55eb61bbaf02146bb62507589d688467102771c1bb7be159f77e0b33846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://mail.3-235-70-42.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:32:24 GMT
x-content-type-options: nosniff
age: 67383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:12:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:32:24 GMT

GET
H2 200 -W_8XJnvUD7dzB2Cx_wIaWMu.woff2
fonts.gstatic.com/s/prompt/v10/ 18 KB
18 KB 147ms
61ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W_8XJnvUD7dzB2Cx_wIaWMu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Prompt:200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4388786659c85afbe8f0d46024ffa0ca82f802fd09874352bd7b402db7e2e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://mail.3-235-70-42.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:43:16 GMT
x-content-type-options: nosniff
age: 66731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17980
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:46:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:43:16 GMT

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 26 KB
10 KB 634ms
94ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=29115509

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

f9a5649d70f74cde04ab0c3f8a8f41810772e9970befa7fee8e339bcf4dd3b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 18:56:18 GMT
server: ws
etag: "65414dd2-24b8"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 9400

GET
H/1.1 200
OK 360new.jpeg
mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_img/ 335 KB
336 KB 140ms
117ms Image
image/jpeg 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_img/360new.jpeg
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 1a84bae89640554a7ef41bb231029375160bdd1a43e737b331ca782344006e5a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:27 GMT
Last-Modified: Tue, 30 Mar 2021 18:02:50 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 343345
Expires: Fri, 05 Jul 2024 09:15:27 GMT

GET
H/1.1 200
OK Charitable-Community-Foundation.jpeg
mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_img/ 249 KB
249 KB 232ms
123ms Image
image/jpeg 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_img/Charitable-Community-Foundation.jpeg
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 7fe78e16f00952ff3a29356f027783ad1fd37ccdfd0d39a4cdceb32f1fb99d2e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:27 GMT
Last-Modified: Wed, 17 Mar 2021 15:29:51 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 254923
Expires: Fri, 05 Jul 2024 09:15:27 GMT

GET
H/1.1 200
OK Community-business-partners.jpeg
mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_img/ 125 KB
125 KB 245ms
122ms Image
image/jpeg 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_img/Community-business-partners.jpeg
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4c924925e649bc196a8465519b60280018bf7f18425d1dc462d63c80734d8732

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:27 GMT
Last-Modified: Wed, 17 Mar 2021 15:28:05 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 128046
Expires: Fri, 05 Jul 2024 09:15:27 GMT

GET
H/1.1 200
OK news-events-bg-copy.png
mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_img/ 782 KB
783 KB 128ms
127ms Image
image/png 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_img/news-events-bg-copy.png
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: ff656a0496837767c4a1ca3bd7bbfdc8b06bcf38f3eb20241fc3552e168e33d3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/application/themes/vibrant_theme/_css/style.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:28 GMT
Last-Modified: Wed, 17 Mar 2021 15:18:20 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 801064
Expires: Fri, 05 Jul 2024 09:15:28 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/ 13 KB
14 KB 39ms
34ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
Origin: https://mail.3-235-70-42.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:27 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 472420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13584
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-3510"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9AYuF9WX7bpylsld6Jj1YMJgJXGlWJIDcdeKJlK%2B1x9REIBVZ2KRybmWM8%2F%2F%2BCk1LDK0GKKrw%2B6HfLZaQh5Zacor2JHV42ZWNT4QKiFLaXzbvgaLxoZf2WHzaYVxu2%2BGlwfY%2B0cD"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88ef0ee97c761ac5-FRA
expires: Mon, 26 May 2025 09:15:27 GMT

GET
H2 200 -W_8XJnvUD7dzB2Cr_sIaWMu.woff2
fonts.gstatic.com/s/prompt/v10/ 17 KB
17 KB 84ms
72ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W_8XJnvUD7dzB2Cr_sIaWMu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Prompt:200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55d469a66733183d5894f366d06831a8e85567aebacd002de672835a361c32a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://mail.3-235-70-42.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:10:40 GMT
x-content-type-options: nosniff
age: 68687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17504
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:20:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:10:40 GMT

GET
H/1.1 200
OK be7bb077-286c-4d1d-af77-44cf8da23de6.json Show response
cdn.segmint.net/ 313 B
925 B 41ms
36ms XHR
application/json 13.35.58.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/be7bb077-286c-4d1d-af77-44cf8da23de6.json
Requested by: Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-56.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c38a12c3e221784f0ee59e1f294d949b7d121583621a3e6d3cb83cec294241ea

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 05 Jun 2024 09:15:28 GMT
Via: 1.1 d51f8b07f1cd9f6dbf62bb0b0c961f1c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P10
Age: 721
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 313
Last-Modified: Thu, 03 Mar 2022 16:52:12 GMT
Server: AmazonS3
ETag: "0fd47c97c5214f0cd7ae063b3b39923e"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: PUT, POST, DELETE, GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Accept-Ranges: bytes
X-Amz-Cf-Id: qp4k_UcVA9jEyaixzYRzRnv6Fgc9EtM7m1B_ErlXQ3AV75RwIrvhEg==

OPTIONS
H/1.1 200
OK be7bb077-286c-4d1d-af77-44cf8da23de6.json
cdn.segmint.net/ Frame 0
0 452ms
403ms Preflight 13.35.58.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/be7bb077-286c-4d1d-af77-44cf8da23de6.json
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-56.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://mail.3-235-70-42.cprapid.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: PUT, POST, DELETE, GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Wed, 05 Jun 2024 09:15:29 GMT
Server: AmazonS3
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Via: 1.1 d51f8b07f1cd9f6dbf62bb0b0c961f1c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: -9hsIl7uzCYXjowsdR0DBfDWtXPN8ZR15MRNYQhCY29v3_ceZW9_-g==
X-Amz-Cf-Pop: FRA60-P10
X-Cache: Miss from cloudfront

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
218 B 40ms
34ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1895713794&t=pageview&_s=1&dl=https%3A%2F%2Fmail.3-235-70-42.cprapid.com%2F&ul=de-de&de=UTF-8&dt=The%20Bright%20Way%20To%20Bank%20%3A%3A%20Sunmark%20Credit%20Union%20-%20New%20York%20Capital%20Region&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=377165006&gjid=378570208&cid=2118151952.1717578928&tid=UA-9822444-1&_gid=254769320.1717578928&_r=1&_slc=1&z=1785003787

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 09:15:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mail.3-235-70-42.cprapid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1014059835280733 Show response
connect.facebook.net/signals/config/ 55 KB
12 KB 74ms
69ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1014059835280733?v=2.9.157&r=stable&domain=mail.3-235-70-42.cprapid.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8af6abcb616142a42fc756a25cd1b3d032bf2ceb1b73fbdc59f5950015c834d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Jun 2024 09:15:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=64, mss=1297, tbw=63529, tp=-1, tpl=-1, uplat=44, ullat=0
pragma: public
x-fb-debug: Vw6ynHFP93CI4lMBwnG6e8Ll2aCXDSJIPK7u05NwsLXlaHX+NhuDvh1Mw3xf7KaBszgLRm2M0woBlY1yOBopeQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
89 KB 65ms
64ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0V6V7MLG0M&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CKJTLZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

96d2ec46082d6ddd30a7527fafe4fe35a230017c78fec5a6d92fb0aa3f4599db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91529
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Jun 2024 09:15:28 GMT

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/29115509/configuration/applications/taglets/ 321 KB
112 KB 102ms
101ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/29115509/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

707e96d923c4fee7b9f6c7c506d5ed5a56a5c43a98abba1abb407cac978a6794

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: MISS
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 318 KB
103 KB 68ms
66ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BLGVVMFHC7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNZ3WV5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b7c702100f90c45dfab502fe9f6c86c3d452f0c6c85ddeb201f5c4e188d0c533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105330
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Jun 2024 09:15:28 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 237 KB
84 KB 91ms
72ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-758421210&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNZ3WV5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4966d651e584c2a869bf0dee52ed6613f4c1b4d737767005bd80ee6de08978a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86145
x-xss-protection: 0
last-modified: Wed, 05 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Jun 2024 09:15:28 GMT

GET
H2 200 2fe680b0-1dcf-0137-4d9f-06659b33d47c Show response
tag.simpli.fi/sifitag/ 3 KB
1 KB 39ms
31ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/2fe680b0-1dcf-0137-4d9f-06659b33d47c
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNZ3WV5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 897678e375ec35cedfb0cc94c953c26e390158cfcd7da912103e0c020ad600f5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 09:15:28 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F9YQ72Zfgjo1Q_cCC42C
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
84 KB 66ms
62ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-758421210

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNZ3WV5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4b7d69b4f945666ebce343cbee14fe527949829e08cf09a92cb49358a9e8a586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86070
x-xss-protection: 0
last-modified: Wed, 05 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Jun 2024 09:15:28 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
355 B 121ms
47ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-9822444-1&cid=2118151952.1717578928&jid=377165006&gjid=378570208&_gid=254769320.1717578928&_u=IEBAAEAAAAAAACAAI~&z=841569637

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jun 2024 09:15:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mail.3-235-70-42.cprapid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 865449593857232 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 136ms
129ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/865449593857232?v=2.9.157&r=stable&domain=mail.3-235-70-42.cprapid.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C152%2C181%2C183%2C114%2C136%2C140%2C176%2C120%2C218%2C107%2C119%2C137%2C161%2C148%2C110%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

53a79c891342517e9ad09726bf749c559e051f503494abd463a00734b1f7dc1a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Jun 2024 09:15:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=23, mss=1232, tbw=4611, tp=11, tpl=0, uplat=71, ullat=0
pragma: public
x-fb-debug: D3Fr0T089qhMSn9DZ8eKkXBoB60NLb3zPx/xpXHG85KuMoszeQyIHJh/zgxb3GzFsNjh9HtqHFY+Jf5AUwkgSw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 201ms
9ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1014059835280733&ev=PageView&dl=https%3A%2F%2Fmail.3-235-70-42.cprapid.com&rl=&if=false&ts=1717578928401&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4124&fbp=fb.3.1717578928365.293823501711044682&pm=1&hrl=aafcfd&ler=empty&cdl=API_unavailable&it=1717578928130&coo=false&cs_cc=1&rqm=GET

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1297, tbw=2826, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Jun 2024 09:15:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 324ms
133ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1014059835280733&ev=PageView&dl=https%3A%2F%2Fmail.3-235-70-42.cprapid.com&rl=&if=false&ts=1717578928401&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4124&fbp=fb.3.1717578928365.293823501711044682&pm=1&hrl=aafcfd&ler=empty&cdl=API_unavailable&it=1717578928130&coo=false&cs_cc=1&rqm=FGET

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x269186e4179e9c80","source_keys":["1","2"]},{"key_piece":"0x50dea3cacca3eb54","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 05 Jun 2024 09:15:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1297, tbw=3144, tp=-1, tpl=-1, uplat=122, ullat=0
pragma: no-cache
x-fb-debug: EASOM21MEL50OjWiYzBL9WM1DxLT++ai8S4n04+ItBZuEDW6jGBmFIf6icE2Ab/Pl39SC4zE1DFe3saQ3GOCTA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pro-fa-regular-400-1.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 17 KB
17 KB 167ms
135ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-regular-400-1.woff2
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2c380af7b011a43c1480933e7b2bb394508123d86908aa605d7c816fc2ad23a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Origin: https://mail.3-235-70-42.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:28 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Apr 2024 15:51:17 GMT
server: cloudflare
etag: "660c2975-423c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88ef0eeffe549116-FRA
content-length: 16956

GET
H2 200 pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 37 KB
37 KB 179ms
147ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-brands-400-0.woff2
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faf47e501cdae61064aed4b03b1129d37c6e004ebde6f6452f1632f835c9f318

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Origin: https://mail.3-235-70-42.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:28 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Apr 2024 15:51:13 GMT
server: cloudflare
etag: "660c2971-946c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88ef0eeffe559116-FRA
content-length: 37996

GET
H2 200 pro-fa-brands-400-1.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 39 KB
39 KB 170ms
167ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-brands-400-1.woff2
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b852e041e35b676cf550d19cf8d15bc58db780a3827626518f4e0dfc5fb3109

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Origin: https://mail.3-235-70-42.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:28 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Apr 2024 15:51:13 GMT
server: cloudflare
etag: "660c2971-9d0c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88ef0ef05ede9116-FRA
content-length: 40204

POST
H2 204 collect
region1.google-analytics.com/g/ 0
263 B 136ms
35ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0V6V7MLG0M&gtm=45je4630v9123408276z89127251882za200zb9127251882&_p=1717578927417&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=2118151952.1717578928&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717578928&sct=1&seg=0&dl=https%3A%2F%2Fmail.3-235-70-42.cprapid.com%2F&dt=The%20Bright%20Way%20To%20Bank%20%3A%3A%20Sunmark%20Credit%20Union%20-%20New%20York%20Capital%20Region&en=page_view&_fv=1&_ss=1&tfd=3983
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0V6V7MLG0M&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 09:15:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mail.3-235-70-42.cprapid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p Show response
i.simpli.fi/ 800 B
763 B 49ms
29ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=166690&cb=sifi_att_1040061._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/5ec12540-b452-0136-d88e-06a9ed4ca31b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 9f589549446a85f4bd35e49e15e1c9def57e2f9e1667e4d2e8aaa640761291af

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 09:15:28 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/29115509/configuration/setting/accountproperties/ 7 KB
2 KB 237ms
49ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/29115509/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/29115509/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

f8c431de28f9ea226aaf95f7388d99cad8bd622d9509cdb2a9f466e25a72d1f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:28 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Wed, 05 Jun 2024 09:16:28 GMT

GET
H2 200 ui-framework.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.37.0-release_1294589553/ 40 KB
13 KB 154ms
22ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.37.0-release_1294589553/ui-framework.js?version=10.37.0-release_1294589553
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/29115509/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0b22c718aa3df8aaf8d98526ead4a61cf6179a64f962495734a4e208af52b902

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 05:32:25 GMT
content-encoding: br
age: 1050183
x-guploader-uploadid: ABPtcPqTQrtie0KRr80wIRwhpv82XB1FvWSwmQoXAOm--hR3qvZdKhm8pn8_1b_9SA0yW3_G5sIJNTUrHw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12514
last-modified: Fri, 24 May 2024 05:00:50 GMT
server: UploadServer
etag: W/"f50d31809acb60fa6c9d03a6dcdc1ef6"
vary: Accept-Encoding
x-goog-generation: 1716526850660047
x-goog-hash: crc32c=3EPcjg==, md5=9Q0xgJrLYPpsnQOm3Nwe9g==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 40535
accept-ranges: none
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
content-type: application/javascript

GET
H2 200 surveylogicinstance.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.37.0-release_1294589553/ 8 KB
3 KB 164ms
32ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.37.0-release_1294589553/surveylogicinstance.min.js?version=10.37.0-release_1294589553
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/29115509/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 02:20:08 GMT
content-encoding: br
age: 888920
x-guploader-uploadid: ABPtcPr26wsVOsa7FvGt7yU5izOlhU7oqYXDgCy7e3ozCgvcDyf5QK-2jBJTxsjlFjFZRHr4upqbF87Czw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2373
last-modified: Fri, 24 May 2024 05:00:50 GMT
server: UploadServer
etag: W/"d53092c1d6e0a7a3d1bb802c67a6e1e9"
vary: Accept-Encoding
x-goog-generation: 1716526850653024
x-goog-hash: crc32c=GIGCsg==, md5=1TCSwdbgp6PRu4AsZ6bh6Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 7866
accept-ranges: none
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
content-type: application/javascript

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/29115509/configuration/le-campaigns/ 4 KB
1 KB 273ms
94ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/29115509/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/29115509/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

beb59e489c654b19923a335507624abfc013984597ce98e2c672a25ea5f24f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:28 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Wed, 05 Jun 2024 09:16:28 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/758421210/ 3 KB
2 KB 123ms
51ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/758421210/?random=1717578928750&cv=11&fst=1717578928750&bg=ffffff&guid=ON&async=1&gtm=45be4630v9181623667z879350051za201zb79350051&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmail.3-235-70-42.cprapid.com%2F&label=0l7qCIma0NwBENqt0ukC&hn=www.googleadservices.com&frm=0&tiba=The%20Bright%20Way%20To%20Bank%20%3A%3A%20Sunmark%20Credit%20Union%20-%20New%20York%20Capital%20Region&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=1896957983.1717578928&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-758421210&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

7b468ee7efceb365ca911dba28f4e62ddb5c670e647c3b8862845a4251f58827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 09:15:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1751
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 6 KB
3 KB 107ms
24ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-758421210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:10:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2133
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 23:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 05 Jun 2024 10:10:25 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 37ms
35ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-BLGVVMFHC7&gtm=45je4630v871324147z879350051za200zb79350051&_p=1717578927417&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=2118151952.1717578928&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717578928&sct=1&seg=0&dl=https%3A%2F%2Fmail.3-235-70-42.cprapid.com%2F&dt=The%20Bright%20Way%20To%20Bank%20%3A%3A%20Sunmark%20Credit%20Union%20-%20New%20York%20Capital%20Region&en=page_view&_fv=1&_ss=1&tfd=4268
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BLGVVMFHC7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 09:15:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mail.3-235-70-42.cprapid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 32ms
31ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BLGVVMFHC7&cid=2118151952.1717578928&gtm=45je4630v871324147z879350051za200zb79350051&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BLGVVMFHC7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 09:15:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mail.3-235-70-42.cprapid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 98ms
48ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BLGVVMFHC7&cid=2118151952.1717578928&gtm=45je4630v871324147z879350051za200zb79350051&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=996437460

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 09:15:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 349610675766325 Show response
connect.facebook.net/signals/config/ 40 KB
7 KB 99ms
96ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/349610675766325?v=2.9.157&r=stable&domain=mail.3-235-70-42.cprapid.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C152%2C181%2C183%2C114%2C136%2C140%2C176%2C120%2C218%2C107%2C119%2C137%2C161%2C148%2C110%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

3f759ccf3b15cda64cc3877147e918f40459fb39d5df632b1b1dedad944209ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Jun 2024 09:15:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=28, mss=1232, tbw=10547, tp=18, tpl=0, uplat=73, ullat=0
pragma: public
x-fb-debug: jjDKIntn61d7/xnlVNkhyUFWAD7eGVUlthy7BPw1fyRrZEJ+ym/nKPmBdbH+8ENc4GbwQcnyV1UWFC8T+++GVA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 29ms
27ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=865449593857232&ev=PageView&dl=https%3A%2F%2Fmail.3-235-70-42.cprapid.com&rl=&if=false&ts=1717578928975&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4124&fbp=fb.3.1717578928365.293823501711044682&pm=1&hrl=29edba&ler=empty&cdl=API_unavailable&it=1717578928130&coo=false&cs_cc=1&rqm=GET

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=0, c=10, mss=1297, tbw=6340, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Jun 2024 09:15:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
474 B 55ms
53ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=865449593857232&ev=PageView&dl=https%3A%2F%2Fmail.3-235-70-42.cprapid.com&rl=&if=false&ts=1717578928975&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4124&fbp=fb.3.1717578928365.293823501711044682&pm=1&hrl=29edba&ler=empty&cdl=API_unavailable&it=1717578928130&coo=false&cs_cc=1&rqm=FGET

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x853d1209c7c1a1d8","source_keys":["1","2"]},{"key_piece":"0xca6de2429845b938","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 05 Jun 2024 09:15:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=20, mss=1297, tbw=6977, tp=-1, tpl=-1, uplat=31, ullat=0
pragma: no-cache
x-fb-debug: 5JEM+VHRaBCWZ23jAYdkXSMM0bRpk1cEQlQrjEJrYfUbcbnaFKyC2la1NFWht4l7Xg8aRt9I5yC6gLPSbNqwfA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
125 B 25ms
24ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1014059835280733&ev=Lead&dl=https%3A%2F%2Fmail.3-235-70-42.cprapid.com&rl=&if=false&ts=1717578928978&sw=1600&sh=1200&v=2.9.157&r=stable&ec=1&o=4124&fbp=fb.3.1717578928365.293823501711044682&pm=1&hrl=24523c&ler=empty&cdl=API_unavailable&it=1717578928130&coo=false&cs_cc=1&rqm=GET

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=0, c=10, mss=1297, tbw=6556, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Jun 2024 09:15:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
473 B 55ms
51ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1014059835280733&ev=Lead&dl=https%3A%2F%2Fmail.3-235-70-42.cprapid.com&rl=&if=false&ts=1717578928978&sw=1600&sh=1200&v=2.9.157&r=stable&ec=1&o=4124&fbp=fb.3.1717578928365.293823501711044682&pm=1&hrl=24523c&ler=empty&cdl=API_unavailable&it=1717578928130&coo=false&cs_cc=1&rqm=FGET

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9aaaa5a6cbc727d6","source_keys":["1","2"]},{"key_piece":"0xc118a13abafa1af6","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 05 Jun 2024 09:15:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=20, mss=1297, tbw=7473, tp=-1, tpl=-1, uplat=26, ullat=0
pragma: no-cache
x-fb-debug: /oh2cZf+lczm/usduZ76QZMjB5JFpXNfhCzcHv+gkSsd8VYA9nQ7wlrb/1BquFONh6c7uwQtXrC371cb8q8QBg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 38ms
35ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=865449593857232&ev=Lead&dl=https%3A%2F%2Fmail.3-235-70-42.cprapid.com&rl=&if=false&ts=1717578928981&sw=1600&sh=1200&v=2.9.157&r=stable&ec=1&o=4124&fbp=fb.3.1717578928365.293823501711044682&pm=1&hrl=3e4b53&ler=empty&cdl=API_unavailable&it=1717578928130&coo=false&cs_cc=1&rqm=GET

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=0, c=10, mss=1297, tbw=6830, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Jun 2024 09:15:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
474 B 58ms
56ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=865449593857232&ev=Lead&dl=https%3A%2F%2Fmail.3-235-70-42.cprapid.com&rl=&if=false&ts=1717578928981&sw=1600&sh=1200&v=2.9.157&r=stable&ec=1&o=4124&fbp=fb.3.1717578928365.293823501711044682&pm=1&hrl=3e4b53&ler=empty&cdl=API_unavailable&it=1717578928130&coo=false&cs_cc=1&rqm=FGET

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xfcbedd9a87eed4bb","source_keys":["1","2"]},{"key_piece":"0x68054c4c572e22c0","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 05 Jun 2024 09:15:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=20, mss=1297, tbw=7968, tp=-1, tpl=-1, uplat=31, ullat=0
pragma: no-cache
x-fb-debug: SwhX1nFYu4WybJ/yYZVQcSy1Gmdr49RixblVIjslDPprDsGmQ4ore5hCflFO2VOi+F/4qqnxbMRtgB/6Ah2OiQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=60BC3BC13D80415A85CFFE560F159D3C

0
237 B

188ms
53ms

Image
text/plain

2600:9000:2450:4c00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=60BC3BC13D80415A85CFFE560F159D3C
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Server: 2600:9000:2450:4c00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 05 Jun 2024 09:15:29 GMT
cache-control: no-cache, must-revalidate
via: 1.1 2971432b3eda9556fb62405145d20a88.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CDG50-P4
x-amz-cf-id: 4Oy3jMFlZAM3spa25g1apCyHbPzs4NCfuffgagFVNF8Z4wBDkoZaWw==
x-cache: Miss from cloudfront

Redirect headers

date: Wed, 05 Jun 2024 09:15:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=60BC3BC13D80415A85CFFE560F159D3C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 04 Jun 2024 09:15:29 GMT

GET
H2

200

RX-91836246-bcb0-42dc-a4e1-f0e8dc9e2370-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/60BC3BC13D80415A85CFFE560F159D3C
https://sync.1rx.io/usersync/simplifi/60BC3BC13D80415A85CFFE560F159D3C?zcc=1&cb=1717578929461
https://sync.targeting.unrulymedia.com/csync/RX-91836246-bcb0-42dc-a4e1-f0e8dc9e2370-003

43 B
378 B

132ms
38ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-91836246-bcb0-42dc-a4e1-f0e8dc9e2370-003
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 05 Jun 2024 09:15:29 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-91836246-bcb0-42dc-a4e1-f0e8dc9e2370-003
pragma: no-cache
date: Wed, 05 Jun 2024 09:15:29 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=60BC3BC13D80415A85CFFE560F159D3C&dongle=yf3

37 B
140 B

146ms
23ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=60BC3BC13D80415A85CFFE560F159D3C&dongle=yf3
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 05 Jun 2024 09:15:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Wed, 05 Jun 2024 09:15:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=60BC3BC13D80415A85CFFE560F159D3C&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 04 Jun 2024 09:15:29 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=60BC3BC13D80415A85CFFE560F159D3C

43 B
175 B

431ms
113ms

Image
image/gif

2600:1f18:612b:4280:c1b1:7b29:76c8:90d0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=60BC3BC13D80415A85CFFE560F159D3C
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Server: 2600:1f18:612b:4280:c1b1:7b29:76c8:90d0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 05 Jun 2024 09:15:29 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Wed, 05 Jun 2024 09:15:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=60BC3BC13D80415A85CFFE560F159D3C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 04 Jun 2024 09:15:29 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=60BC3BC13D80415A85CFFE560F159D3C
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=60BC3BC13D80415A85CFFE560F159D3C

95 B
437 B

43ms
34ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=60BC3BC13D80415A85CFFE560F159D3C

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 05 Jun 2024 09:15:29 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Wed, 05 Jun 2024 09:15:29 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=60BC3BC13D80415A85CFFE560F159D3C
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

401

g.pixel
aa.agkn.com/adscores/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=60BC3BC13D80415A85CFFE560F159D3C

13 B
342 B

149ms
19ms

Image
text/plain

35.158.230.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=60BC3BC13D80415A85CFFE560F159D3C
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Server: 35.158.230.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-230-254.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 4da730e82bd43b52b497ed1364d6fa2b901968df6325b9ac8b0f4bdef20c22b5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 09:15:29 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 13
expires: 0

Redirect headers

date: Wed, 05 Jun 2024 09:15:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=60BC3BC13D80415A85CFFE560F159D3C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 04 Jun 2024 09:15:29 GMT

GET

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=60BC3BC13D80415A85CFFE560F159D3C

0
0

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 56ms
19ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 04 Jun 2024 09:15:29 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 58ms
21ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 04 Jun 2024 09:15:29 GMT

GET
H2

451

400646.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=60BC3BC13D80415A85CFFE560F159D3C;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=60BC3BC13D80415A85CFFE560F159D3C;mimetype=img;sr
https://idsync.rlcdn.com/400646.gif?partner_uid=6415251981121571458

0
42 B

31ms
30ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/400646.gif?partner_uid=6415251981121571458
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 05 Jun 2024 09:15:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

pragma: no-cache
date: Wed, 05 Jun 2024 09:15:28 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
location: https://idsync.rlcdn.com/400646.gif?partner_uid=6415251981121571458
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=60BC3BC13D80415A85CFFE560F159D3C&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=60BC3BC13D80415A85CFFE560F159D3C&j=0&xl8blockcheck=1

0
779 B

50ms
49ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=60BC3BC13D80415A85CFFE560F159D3C&j=0&xl8blockcheck=1
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 05 Jun 2024 09:15:29 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Wed, 05 Jun 2024 09:15:29 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=60BC3BC13D80415A85CFFE560F159D3C&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 60ms
25ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 04 Jun 2024 09:15:29 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=60BC3BC13D80415A85CFFE560F159D3C

0
421 B

498ms
115ms

Image
text/plain

52.54.132.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=60BC3BC13D80415A85CFFE560F159D3C
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Server: 52.54.132.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-132-127.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 05 Jun 2024 09:15:29 GMT

Redirect headers

date: Wed, 05 Jun 2024 09:15:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=60BC3BC13D80415A85CFFE560F159D3C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 04 Jun 2024 09:15:29 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=60BC3BC13D80415A85CFFE560F159D3C

62 B
478 B

312ms
190ms

Image
image/gif

2.18.97.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=60BC3BC13D80415A85CFFE560F159D3C
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Server: 2.18.97.171 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-97-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 05 Jun 2024 09:15:29 GMT
content-length: 62
x-request-id: 106c5069e22fd9f0cb0052929e19b424
content-type: image/gif

Redirect headers

date: Wed, 05 Jun 2024 09:15:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=60BC3BC13D80415A85CFFE560F159D3C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 04 Jun 2024 09:15:29 GMT

GET
H2

404

tpid=60BC3BC13D80415A85CFFE560F159D3C
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=60BC3BC13D80415A85CFFE560F159D3C

49 B
265 B

162ms
46ms

Image
image/gif

34.253.110.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=60BC3BC13D80415A85CFFE560F159D3C
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Server: 34.253.110.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-110-95.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 09:15:29 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.1.231
content-length: 49
expires: 0

Redirect headers

date: Wed, 05 Jun 2024 09:15:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=60BC3BC13D80415A85CFFE560F159D3C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 04 Jun 2024 09:15:29 GMT

GET
H2

204

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=60BC3BC13D80415A85CFFE560F159D3C

0
223 B

164ms
46ms

Image
text/plain

52.30.41.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=60BC3BC13D80415A85CFFE560F159D3C
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Server: 52.30.41.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-41-229.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

expires: Fri, 20 Mar 2009 00:00:00 GMT
pragma: no-cache
date: Wed, 05 Jun 2024 09:15:29 GMT
x-merge: GDPR Optout true
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Wed, 05 Jun 2024 09:15:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=60BC3BC13D80415A85CFFE560F159D3C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 04 Jun 2024 09:15:29 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=60BC3BC13D80415A85CFFE560F159D3C

0
98 B

114ms
34ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=60BC3BC13D80415A85CFFE560F159D3C
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 05 Jun 2024 09:15:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Wed, 05 Jun 2024 09:15:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=60BC3BC13D80415A85CFFE560F159D3C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 04 Jun 2024 09:15:29 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1717578928722&cv=7&fst=1717578928722&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=617839817&cv=7&fst=1717578928722&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&...
https://www.google.com/pagead/1p-conversion/1026675585/?random=617839817&cv=7&fst=1717578928722&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiww...
https://www.google.de/pagead/1p-conversion/1026675585/?random=617839817&cv=7&fst=1717578928722&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwb...

42 B
64 B

39ms
38ms

Image
image/gif

172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=617839817&cv=7&fst=1717578928722&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI2p_Gj5DEhgMVgYeDBx1xyic_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6JWh0dHBzOi8vbWFpbC4zLTIzNS03MC00Mi5jcHJhcGlkLmNvbS8&is_vtc=1&cid=CAQSGwDaQooLJqAxyQdqbC9a89eG3I5njb1rEWbzog&random=2942615377&ipr=y

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 09:15:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Jun 2024 09:15:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=617839817&cv=7&fst=1717578928722&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI2p_Gj5DEhgMVgYeDBx1xyic_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6JWh0dHBzOi8vbWFpbC4zLTIzNS03MC00Mi5jcHJhcGlkLmNvbS8&is_vtc=1&cid=CAQSGwDaQooLJqAxyQdqbC9a89eG3I5njb1rEWbzog&random=2942615377&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 70ms
46ms Image
text/plain 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 05 Jun 2024 09:15:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=60BC3BC13D80415A85CFFE560F159D3C
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D60BC3BC13D80415A85CFFE560F159D3C

43 B
1 KB

67ms
67ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D60BC3BC13D80415A85CFFE560F159D3C

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 09:15:29 GMT
an-x-request-uuid: 6b8057b1-68dc-4b8a-8136-2d9e13da2929
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Jun 2024 09:15:29 GMT
an-x-request-uuid: 8642f91e-483b-484b-beaa-1d17bf762054
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D60BC3BC13D80415A85CFFE560F159D3C
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.28; 217.114.218.28; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=60BC3BC13D80415A85CFFE560F159D3C&expires=365

0
239 B

128ms
25ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=60BC3BC13D80415A85CFFE560F159D3C&expires=365
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 579d6dd278f76ae39d067788043e4297
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 05 Jun 2024 09:15:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=60BC3BC13D80415A85CFFE560F159D3C&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 04 Jun 2024 09:15:29 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=60BC3BC13D80415A85CFFE560F159D3C

43 B
264 B

110ms
32ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=60BC3BC13D80415A85CFFE560F159D3C
Requested by: Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 09:15:29 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Wed, 05 Jun 2024 09:15:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=60BC3BC13D80415A85CFFE560F159D3C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 04 Jun 2024 09:15:29 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 201ms
44ms Image
image/png 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 09:15:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.28.0-release_1286430736/ 43 KB
15 KB 23ms
22ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.28.0-release_1286430736/storage.secure.min.js?loc=https%3A%2F%2Fmail.3-235-70-42.cprapid.com&site=29115509&env=prod&accdn=accdn.lpsnmedia.net
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/29115509/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8c34af133bbf58ded59be1142b7ca92810e72c6ca44c0e0be60214425e470e49

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 05:33:40 GMT
content-encoding: br
age: 1050109
x-guploader-uploadid: ABPtcPqwciL0-pBe3nQMKd9UnvbMSsDnfGT4xxjP7qUeBZb0ShI5eDIsgy5mH6K_1VNUyYxIPZlwxju_pA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15110
last-modified: Fri, 24 May 2024 04:58:31 GMT
server: UploadServer
etag: W/"98cd62ca3691285d2db5f002c56e5725"
vary: Accept-Encoding
x-goog-generation: 1716526711910358
x-goog-hash: crc32c=9oFm3g==, md5=mM1iyjaRKF0ttfACxW5XJQ==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 44531
accept-ranges: none
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
content-type: application/javascript

GET
H2 200 storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.28.0-release_1286430736/ Frame 4AD2 0
0 88ms
22ms Document
text/html 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.28.0-release_1286430736/storage.secure.min.html?loc=https%3A%2F%2Fmail.3-235-70-42.cprapid.com&site=29115509&ist=sessionStorage&env=prod&accdn=accdn.lpsnmedia.net
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/29115509/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
age: 1050184
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 16270
content-type: text/html
date: Fri, 24 May 2024 05:32:25 GMT
etag: W/"08e1e10c1128f5e33067543842258486"
last-modified: Fri, 24 May 2024 04:58:31 GMT
server: UploadServer
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
vary: Accept-Encoding
x-goog-generation: 1716526711896314
x-goog-hash: crc32c=Z19eGg== md5=COHhDBEo9eMwZ1Q4QiWEhg==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 48296
x-guploader-uploadid: ABPtcPr2Wi51CFJPEs96TRoB-TACmYbUoxAjF0tqu98dvv7-VC-NzPp0T7QmqYVcDiJHlOdhww

GET
H2 200 desktopEmbedded.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.37.0-release_1294589553/ 1 MB
253 KB 24ms
23ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.37.0-release_1294589553/desktopEmbedded.js?version=10.37.0-release_1294589553
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/29115509/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e1e78b01b533ecd1ddd46fad4d4c3a3c366c02e0367cd99ab56cb2a4341315bc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 05:32:25 GMT
content-encoding: br
age: 1050184
x-guploader-uploadid: ABPtcPqSUOkP0puvvTO5YcAAFJV9llqGNJOXc7Ccdp6UOLuY3Fqp0b7LjVci_u1T54wsr-tV
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 259071
last-modified: Fri, 24 May 2024 05:00:50 GMT
server: UploadServer
etag: W/"c51ea7e9356d2a36227deba424c4b0c8"
vary: Accept-Encoding
x-goog-generation: 1716526850475297
x-goog-hash: crc32c=cHYgYA==, md5=xR6n6TVtKjYifeukJMSwyA==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1070247
accept-ranges: none
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
content-type: application/javascript

GET
H3

200

/
www.google.de/pagead/1p-conversion/758421210/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/758421210/?random=1240019319&cv=11&fst=1717578928750&bg=ffffff&guid=ON&async=1&gtm=45be4630v9181623667z879350051za201zb79350051&gcd=...
https://www.google.com/pagead/1p-conversion/758421210/?random=1240019319&cv=11&fst=1717578928750&bg=ffffff&guid=ON&async=1&gtm=45be4630v9181623667z879350051za201zb79350051&gcd=13l3lPl2l1&dma_cps=sy...
https://www.google.de/pagead/1p-conversion/758421210/?random=1240019319&cv=11&fst=1717578928750&bg=ffffff&guid=ON&async=1&gtm=45be4630v9181623667z879350051za201zb79350051&gcd=13l3lPl2l1&dma_cps=syp...

42 B
64 B

49ms
47ms

Image
image/gif

172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/758421210/?random=1240019319&cv=11&fst=1717578928750&bg=ffffff&guid=ON&async=1&gtm=45be4630v9181623667z879350051za201zb79350051&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmail.3-235-70-42.cprapid.com%2F&label=0l7qCIma0NwBENqt0ukC&hn=www.googleadservices.com&frm=0&tiba=The%20Bright%20Way%20To%20Bank%20%3A%3A%20Sunmark%20Credit%20Union%20-%20New%20York%20Capital%20Region&value=0&npa=1&pscdl=noapi&auid=1896957983.1717578928&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZT1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMItJG2j5DEhgMVbYmDBx1esgWcMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6JWh0dHBzOi8vbWFpbC4zLTIzNS03MC00Mi5jcHJhcGlkLmNvbS8&is_vtc=1&cid=CAQSGwDaQooLw9HKhar8aZuv8ohM9a25fAjZDvjVmQ&eitems=ChAI8JmAswYQlv3ClaS4sJ8GEh0AOSrGO-LtxNH49pDXmutsNj80ep1L2ZfEf98gFQ&random=289261550&ipr=y

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 09:15:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Jun 2024 09:15:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/758421210/?random=1240019319&cv=11&fst=1717578928750&bg=ffffff&guid=ON&async=1&gtm=45be4630v9181623667z879350051za201zb79350051&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmail.3-235-70-42.cprapid.com%2F&label=0l7qCIma0NwBENqt0ukC&hn=www.googleadservices.com&frm=0&tiba=The%20Bright%20Way%20To%20Bank%20%3A%3A%20Sunmark%20Credit%20Union%20-%20New%20York%20Capital%20Region&value=0&npa=1&pscdl=noapi&auid=1896957983.1717578928&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZT1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMItJG2j5DEhgMVbYmDBx1esgWcMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6JWh0dHBzOi8vbWFpbC4zLTIzNS03MC00Mi5jcHJhcGlkLmNvbS8&is_vtc=1&cid=CAQSGwDaQooLw9HKhar8aZuv8ohM9a25fAjZDvjVmQ&eitems=ChAI8JmAswYQlv3ClaS4sJ8GEh0AOSrGO-LtxNH49pDXmutsNj80ep1L2ZfEf98gFQ&random=289261550&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 call-tracking_9.js Show response
www.gstatic.com/call-tracking/ 62 KB
21 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_9.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:13:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20777
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 22:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
vary: Accept-Encoding
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Jun 2025 14:13:51 GMT

GET
H3 200 509014323186010 Show response
connect.facebook.net/signals/config/ 21 KB
3 KB 84ms
82ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/509014323186010?v=2.9.157&r=stable&domain=mail.3-235-70-42.cprapid.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C152%2C181%2C183%2C114%2C136%2C140%2C176%2C120%2C218%2C107%2C119%2C137%2C161%2C148%2C110%2C219%2C154%2C111%2C134%2C127%2C115%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C146%2C118

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

36dc57a37679800242482b2e608fbe0cce12ce614a896ac968029ac2e5bbef12

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Jun 2024 09:15:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=34, mss=1232, tbw=18531, tp=27, tpl=0, uplat=59, ullat=0
pragma: public
x-fb-debug: v9pxHB3VZwjN1pbdiscUsVoQ3X+vR7J6gLLXIY4y6IX+e0FIQcT0wJU+p7BKMfj7b3QoC8HCCw994NkUPnKMVg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 24ms
23ms Image
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=349610675766325&ev=PageView&dl=https%3A%2F%2Fmail.3-235-70-42.cprapid.com%2F&rl=&if=false&ts=1717578929118&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.3.1717578928365.293823501711044682&ler=empty&cdl=API_unavailable&cs_est=true&it=1717578928130&coo=false&rqm=GET

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=23, mss=1232, tbw=4374, tp=10, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Jun 2024 09:15:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
197 B 195ms
194ms Image
image/png 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=349610675766325&ev=PageView&dl=https%3A%2F%2Fmail.3-235-70-42.cprapid.com%2F&rl=&if=false&ts=1717578929118&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.3.1717578928365.293823501711044682&ler=empty&cdl=API_unavailable&cs_est=true&it=1717578928130&coo=false&rqm=FGET

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x0257575152c6edfb","source_keys":["1","2"]},{"key_piece":"0x4af962621c32f217","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 05 Jun 2024 09:15:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=5030, tp=17, tpl=0, uplat=169, ullat=0
pragma: no-cache
x-fb-debug: nYnO8ho05phdSfukdhBWItSycyyFuqOi7tLyTtctDSbk2XxYs9z/SB4fUDDPRUbZit9H551jAHTzhZfDovKLZg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 25ms
23ms Image
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=509014323186010&ev=PageView&dl=https%3A%2F%2Fmail.3-235-70-42.cprapid.com%2F&rl=&if=false&ts=1717578929250&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.3.1717578928365.293823501711044682&ler=empty&cdl=API_unavailable&it=1717578928130&coo=false&rqm=GET

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=23, mss=1232, tbw=4838, tp=15, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Jun 2024 09:15:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 71ms
70ms Image
image/png 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=509014323186010&ev=PageView&dl=https%3A%2F%2Fmail.3-235-70-42.cprapid.com%2F&rl=&if=false&ts=1717578929250&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.3.1717578928365.293823501711044682&ler=empty&cdl=API_unavailable&it=1717578928130&coo=false&rqm=FGET

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xe996beaf74500c4e","source_keys":["1","2"]},{"key_piece":"0x7cec08b0abea0b77","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 05 Jun 2024 09:15:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=8182, tp=20, tpl=0, uplat=45, ullat=0
pragma: no-cache
x-fb-debug: fayz9d3MZPprqAZE9NOI/ny3Q77a+J7FJIwxiFD7PsKpa1fbb+cxEdYAgf/0poP9VbRsEbgqu3VyO8JWKuuEOw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/758421210/wcm?cc=ZZ&dn=866SUNMARK&cl=0l7qCIma0NwBENqt0ukC&dma=1&dma_cps=sypham&npa=1&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=866SUNMARK&cl=0l7qCIma0NwBENqt0ukC&dma=1&dma_cps=sypham

80 B
111 B

36ms
32ms

XHR
application/json

172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=866SUNMARK&cl=0l7qCIma0NwBENqt0ukC&dma=1&dma_cps=sypham

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 05 Jun 2024 09:15:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
content-type: application/json; charset=UTF-8
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87
x-xss-protection: 0

Redirect headers

date: Wed, 05 Jun 2024 09:15:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=866SUNMARK&cl=0l7qCIma0NwBENqt0ukC&dma=1&dma_cps=sypham
access-control-allow-origin: https://mail.3-235-70-42.cprapid.com
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/758421210/wcm?cc=ZZ&dn=18667866275&cl=0l7qCIma0NwBENqt0ukC&dma=1&dma_cps=sypham&npa=1&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18667866275&cl=0l7qCIma0NwBENqt0ukC&dma=1&dma_cps=sypham

80 B
111 B

34ms
32ms

XHR
application/json

172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18667866275&cl=0l7qCIma0NwBENqt0ukC&dma=1&dma_cps=sypham

Requested by

Host: mail.3-235-70-42.cprapid.com
URL: https://mail.3-235-70-42.cprapid.com/

Protocol

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 05 Jun 2024 09:15:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
content-type: application/json; charset=UTF-8
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87
x-xss-protection: 0

Redirect headers

date: Wed, 05 Jun 2024 09:15:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18667866275&cl=0l7qCIma0NwBENqt0ukC&dma=1&dma_cps=sypham
access-control-allow-origin: https://mail.3-235-70-42.cprapid.com
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 29115509 Show response
va.v.liveperson.net/api/js/ 236 B
1 KB 689ms
283ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/29115509?&cb=lpCb87196x94304&t=sp&ts=1717578928725&pid=6744177477&tid=3291387510&pt=The%20Bright%20Way%20To%20Bank%20%3A%3A%20Sunmark%20Credit%20Union%20-%20New%20York%20Capital%20Region&u=https%3A%2F%2Fmail.3-235-70-42.cprapid.com%2F&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/29115509/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

97c4982f0f3e9aea83057e42813942fef8dabe75ba7b4e63b51594b4ae55119e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 29115509 Show response
va.v.liveperson.net/api/js/ 42 B
838 B 121ms
121ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/29115509?sid=S6gldBh-QTiAq3-etvs6pA&cb=lpCb23211x21293&t=uc&ts=1717578929112&pid=6744177477&tid=3291387510&sdes=%5B%7B%22type%22%3A%22pagediv%22%2C%22divId%22%3A%22LPChatDIFeaturedNav%22%7D%5D&vid=A3ZDBjNWQzNzY2ODY4NmRm

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/29115509/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

a8b79f01cd28eb2e9dbfcdd3c7492229c08d9c641776ce015f825d4f0719793e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 29115509 Show response
va.v.liveperson.net/api/js/ 111 B
900 B 121ms
120ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/29115509?sid=S6gldBh-QTiAq3-etvs6pA&cb=lpCb53366x77538&t=pl&ts=1717578929402&pid=6744177477&tid=3291387510&vid=A3ZDBjNWQzNzY2ODY4NmRm

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/29115509/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

8da68cfe255f7ccfb9079f7cce8acce18576056fe4eefd37c63803fe9aefa99a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 09:15:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 up
insight.adsrvr.org/track/ Frame 286A 0
0 143ms
47ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=o7domzk&ref=https%3A%2F%2Fmail.3-235-70-42.cprapid.com%2F&upid=ih88ekm&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 0
content-type: text/html
date: Wed, 05 Jun 2024 09:15:30 GMT
server: Kestrel

GET
H2 200 up
insight.adsrvr.org/track/ Frame 8827 0
0 137ms
47ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=o7domzk&ref=https%3A%2F%2Fmail.3-235-70-42.cprapid.com%2F&upid=ykf6dqs&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 0
content-type: text/html
date: Wed, 05 Jun 2024 09:15:30 GMT
server: Kestrel

POST
H/1.1 200
OK event Show response
connect.segmint.net/ 0
653 B 852ms
126ms XHR
text/plain 52.5.50.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.segmint.net/event
Requested by: Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.50.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-50-49.compute-1.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Wed, 05 Jun 2024 09:15:31 GMT
Server: openresty
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Access-Control-Allow-Origin: https://mail.3-235-70-42.cprapid.com
Content-Type: text/plain;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-Application-Context: site-event-receiver-service:prod:7084
Expires: 0

OPTIONS
H/1.1 204
No Content event
connect.segmint.net/ Frame 0
0 522ms
118ms Preflight 52.5.50.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.segmint.net/event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.50.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-50-49.compute-1.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mail.3-235-70-42.cprapid.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Auth-Username, X-Auth-Password, X-Auth-New-Password, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Access-Control-Allow-Origin: https://mail.3-235-70-42.cprapid.com
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Wed, 05 Jun 2024 09:23:15 GMT
Expires: 0
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma: no-cache
Server: openresty

GET
H/1.1 200
OK en1AG9GnGK
connect.segmint.net/iframe/doughnut/ Frame 2D1F 0
0 524ms
140ms Document
text/html 54.167.120.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.segmint.net/iframe/doughnut/en1AG9GnGK

Requested by

Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.167.120.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-167-120-255.compute-1.amazonaws.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.3-235-70-42.cprapid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Length: 307
Content-Type: text/html;charset=UTF-8
Date: Wed, 05 Jun 2024 09:15:30 GMT
Expires: 0
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma: no-cache
Server: openresty
Vary: Accept-Encoding
X-Application-Context: offer-delivery:prod:7074
X-B3-Sampled: 1
X-B3-SpanId: f161ababef91e5b0
X-B3-TraceId: f161ababef91e5b0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK favicon.ico
mail.3-235-70-42.cprapid.com/ 15 KB
15 KB 116ms
116ms Other
image/x-icon 3.235.70.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.3-235-70-42.cprapid.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.235.70.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-70-42.compute-1.amazonaws.com
Software: Apache /
Resource Hash: b249ad61dfb6efdac6bbbb41d24b48dd684a38a0840a60bb6542ad9d8d0aef71

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mail.3-235-70-42.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 09:15:31 GMT
Last-Modified: Wed, 17 Apr 2019 16:42:49 GMT
Server: Apache
Content-Type: image/x-icon
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 15086
Expires: Fri, 05 Jul 2024 09:15:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.intentiq.com
URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=60BC3BC13D80415A85CFFE560F159D3C

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.simpli.fi/	1970-01-21 05:53:21	Name: suid Value: 60BC3BC13D80415A85CFFE560F159D3C
.mail.3-235-70-42.cprapid.com/	1970-01-20 21:07:45	Name: _gid Value: GA1.4.254769320.1717578928
.mail.3-235-70-42.cprapid.com/	1970-01-20 21:06:18	Name: _gat Value: 1
.mail.3-235-70-42.cprapid.com/	1970-01-20 23:15:54	Name: _gcl_au Value: 1.1.1896957983.1717578928
.mail.3-235-70-42.cprapid.com/	1970-01-20 23:15:54	Name: _fbp Value: fb.3.1717578928365.293823501711044682
.mail.3-235-70-42.cprapid.com/	1970-01-21 06:42:18	Name: _ga_0V6V7MLG0M Value: GS1.1.1717578928.1.0.1717578928.0.0.0
.mail.3-235-70-42.cprapid.com/	1970-01-21 06:42:18	Name: _ga Value: GA1.1.2118151952.1717578928
.simpli.fi/	1970-01-20 21:16:23	Name: uid_syncd_secure Value: true
.mail.3-235-70-42.cprapid.com/	1970-01-21 06:42:18	Name: _ga_BLGVVMFHC7 Value: GS1.1.1717578928.1.0.1717578928.60.0.0
.doubleclick.net/	1970-01-20 21:06:19	Name: test_cookie Value: CheckForPermission
.tapad.com/	1970-01-20 22:32:42	Name: TapAd_TS Value: 1717578929435
.tapad.com/	1970-01-20 22:32:42	Name: TapAd_DID Value: 3d94cb64-1b00-432b-8525-62e22428ffc4
.1rx.io/	1970-01-21 05:51:54	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-91836246-bcb0-42dc-a4e1-f0e8dc9e2370-003%22%7D
.adnxs.com/	1970-01-20 23:15:54	Name: XANDR_PANID Value: MkVRxbksJl44iExHJPlKdtl3hxx8HiYGWNmvBekD-cBSMC_2u1fLio5AHDmLZIQxU3zVTsA7Jf6drC2oig9XEmqdpasx-n4TES9uefkH0uA.
.adnxs.com/	1970-01-21 06:42:18	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 23:15:54	Name: uuid2 Value: 6336831622549671956
.pro-market.net/	1970-01-21 01:25:30	Name: anProfile Value: "1cqn516l245fm+1+1f=1+1g=1+1j=41+rs=s+rt=20011B60000202403247000000000011+s2=(selodt)+vm=24-60BC3BC13D80415A85CFFE560F159D3C"
.pro-market.net/	1970-01-20 21:49:30	Name: anHistory Value: "1cqn516l245fm+2+!#7%/#h#@[m"
.tapad.com/	1970-01-20 22:32:42	Name: TapAd_3WAY_SYNCS Value:
.exelator.com/	1970-01-20 23:59:06	Name: EE Value: "cd6dfb3ca5f5a9866af11ca92adc67f3"
.adnxs.com/	1970-01-20 23:15:54	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2Ile?wb^X!@wnfH8KW.dG5<#Z0rtsoHA5HGm[3ID>6T]qAfZpr/rKJG4hG=FTUiDqs$G5F$E7A%(2K:$doS]%6lO+uGwEd
.exelator.com/	1970-01-20 23:59:06	Name: ud Value: "eJxrXxzq6XKLQSE5xSwlLck4OdE0zTTR0sLMLDHN0DA50dIoMSXZzDzNeHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIdEl%252BUWb6IhfXxUUpaQyLSopPBR%252F%252FfB0A%252B68sGg%253D%253D"
.targeting.unrulymedia.com/	1970-01-21 05:51:54	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-91836246-bcb0-42dc-a4e1-f0e8dc9e2370-003%22%7D
.bluekai.com/	1970-01-21 01:29:50	Name: bku Value: blx99nWLRsjFcRDK
.bluekai.com/	1970-01-21 01:29:50	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwERyxA1pxA1h16xT1exhBDWTBDBsHADNBMOs1ED8HeBe9y9GZxrr
.bfmio.com/	1970-01-21 05:51:54	Name: __141_cid Value: 60BC3BC13D80415A85CFFE560F159D3C
.bfmio.com/	1970-01-21 05:51:54	Name: __io_cid Value: 4900b76aa2568e079c7d4e4b8b5bfa57e924dae2
.segmint.net/	1970-01-21 06:42:18	Name: SegmintId Value: 5922d724d1cd4fb7a8227df74d9cbc32

93 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: [DOM] Found 2 elements with non-unique id #s: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: [DOM] Found 2 elements with non-unique id #searchform: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: [DOM] Found 2 elements with non-unique id #searchsubmit: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	verbose	URL: https://mail.3-235-70-42.cprapid.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=60BC3BC13D80415A85CFFE560F159D3C Message: Failed to load resource: the server responded with a status of 401 ()
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=60BC3BC13D80415A85CFFE560F159D3C Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=60BC3BC13D80415A85CFFE560F159D3C Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://idsync.rlcdn.com/400646.gif?partner_uid=6415251981121571458 Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.3-235-70-42.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
accdn.lpsnmedia.net
banners.lovemycreditunion.org
bcp.crwdcntrl.net
cdn.segmint.net
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
connect.segmint.net
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
ka-p.fontawesome.com
kit.fontawesome.com
loadm.exelator.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
mail.3-235-70-42.cprapid.com
pixel.rubiconproject.com
pixel.tapad.com
region1.analytics.google.com
region1.google-analytics.com
s.ad.smaato.net
simplifi.partners.tremorhub.com
stags.bluekai.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
tag.brandcdn.com
tag.simpli.fi
thefontzone.com
um.simpli.fi
unpkg.com
us-u.openx.net
use.fontawesome.com
va.v.liveperson.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.lovemycreditunion.org
www.sunmark.org
sync.intentiq.com
104.17.24.14
13.248.245.213
13.35.58.56
142.250.184.194
142.250.185.194
142.250.186.100
142.250.186.104
142.250.186.98
15.197.193.217
157.240.251.35
157.240.251.9
172.217.16.195
178.249.97.23
178.249.97.99
18.172.103.101
185.89.210.122
2.18.97.171
2001:4860:4802:32::36
208.89.12.87
2600:1901:0:8eee::
2600:1f18:612b:4280:c1b1:7b29:76c8:90d0
2600:9000:20a0:6e00:7:e536:8b00:93a1
2600:9000:2450:4c00:1b:5138:8a40:93a1
2606:4700:3036::6815:1b98
2606:4700:4400::ac40:93bc
2606:4700::6811:f5cb
2a00:1450:4001:801::200e
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:82a::2003
2a00:1450:400c:c06::9d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.235.70.42
34.111.113.62
34.120.154.120
34.253.110.95
34.91.62.186
34.98.64.218
35.158.230.254
35.234.162.151
35.244.174.68
46.228.174.117
52.223.40.198
52.30.41.229
52.5.50.49
52.54.132.127
52.86.247.178
54.167.120.255
54.78.254.47
69.173.144.139
74.204.78.79
99.86.4.129
01a3066991f4af85d35aaa0068aa00054f9762f39c263853f49518d5f9784c4b
0274487fcd85f37bba4495a7cdc5ba5dffbb7c0a09a6c923c4c7314d774dc87f
057c8f0a1d02425ceca8af549f65536889a1afb1257e475e3a794a4b01c0db44
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b22c718aa3df8aaf8d98526ead4a61cf6179a64f962495734a4e208af52b902
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c4388786659c85afbe8f0d46024ffa0ca82f802fd09874352bd7b402db7e2e9
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
149c0b3ececef8654e65f36597b25c290f07a4d54f51d32cc33c338615872717
1580a6a19cb081a84215f13b42f765469beb87d7401f16349760cd067fc4da71
1a84bae89640554a7ef41bb231029375160bdd1a43e737b331ca782344006e5a
1a93bc35ec0b525dffa555be6e3b451e59527878dd8db7db4ca3ffb808ebe3de
1eb73df88fec6a7dfe0259d5e0614067cc2dc4c2b798a98760654a474812ed6d
1f3387f11826be4923a2d3a8c1542780abd6d4c66ce13f2de770f2e386989593
280905e84382a3a66fd41281ee9aa77d7b030edd2e3e428c29385991e687bc2e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac
3264e326323991dab600a87e83e70aee3c50691d282895982f4624d9dd27cfbe
3540742e2e4328304d018bb935187c8fad6889b5473ea7b9ae4d656a29c47172
35ed17d3975944e4811ff635d50f4197c46c63bc50f8b8a46f663fcfbec1c77c
364a9ede1f928546a9a2a511f873597cade09d17f5a14f0b6fb14b184eac058c
36dc57a37679800242482b2e608fbe0cce12ce614a896ac968029ac2e5bbef12
38e37ce9c1f729d9058b75f012b5dc0f6fd84a18e541b7cf4ee77bc31169c9e3
3d235ac78664ebc3d74154a0b2cc76081755ce0275535f79318c20539835878d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f759ccf3b15cda64cc3877147e918f40459fb39d5df632b1b1dedad944209ef
41b3f3e0bc982170fceb4e2e3f94242306aacaae431a133daf65b00b2b536973
424ce4e99e7476fca8e9d27d6c15b60466ab7cf1c7d7c896e1c63f7cd6a818c8
47ec7ea65620c8be7945819dd593916a9c7c892e727e645c2990819c414ff31c
4966d651e584c2a869bf0dee52ed6613f4c1b4d737767005bd80ee6de08978a0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7d69b4f945666ebce343cbee14fe527949829e08cf09a92cb49358a9e8a586
4c45736bc60eeed145a8c5f7707d8676bcc3c2dd00c6d6b9e447b7de082c0dc9
4c4695092ecb72b2b739268337b1915d410d8f582545d0fd162caa48f350acb6
4c924925e649bc196a8465519b60280018bf7f18425d1dc462d63c80734d8732
4da730e82bd43b52b497ed1364d6fa2b901968df6325b9ac8b0f4bdef20c22b5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
516640faeb856df6599d165f26ee51ce8cbaaf34f7c09d818509e75f6a48ae13
5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017
53a79c891342517e9ad09726bf749c559e051f503494abd463a00734b1f7dc1a
55a4bbda631fb29baa0cfa8163acdbe0e666c122f73df1e72e7abffca1b42e48
55d469a66733183d5894f366d06831a8e85567aebacd002de672835a361c32a1
592f7a145a159143186eea430ec0ed3db79ea6ba618d90340069b130de9ab0ac
593f9c4a6bf67a2eecdf30ad7b6de62f39af4e76bfa5ad40566871b7a5dceb11
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5e8620c6047c5723190b5c316298ed4560e4ffafb41d9c1ef31b61348334ae8a
670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55
683067cdf60cd900439a6f9b7a08f55c685c0db2b2592714346d84c9200fc1e0
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9fda8c2ec51bbb37a39e1a3108b784be0f5afbad25cdfd4da19cba71cd9269
6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad
6ed82fcfaae6e3249e3bb9610918bfd191557c0a4f1e32359d0adbb1ececabb0
707e96d923c4fee7b9f6c7c506d5ed5a56a5c43a98abba1abb407cac978a6794
7b468ee7efceb365ca911dba28f4e62ddb5c670e647c3b8862845a4251f58827
7eed8347a9c16cc5004fc70c3a5107ae7778ab173718b8f96f29020bc274640a
7fe78e16f00952ff3a29356f027783ad1fd37ccdfd0d39a4cdceb32f1fb99d2e
83657b12ba8aafb576dba5c3c098d8655d9dafbfae5be256eea0f672d531ee46
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
8512505e18e16f0b4eed4f1734ad936c1d9d358e8c31041c37bf1d6f572b9fa9
86dd8614a00ecfbace162daefc87833fbaed49551b6b5aeccf100715537cc9ae
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
897678e375ec35cedfb0cc94c953c26e390158cfcd7da912103e0c020ad600f5
8993d48dffb84dbe0745f78523108a23c75c4634da9d7ad6a506f9c90cdfd73f
8af6abcb616142a42fc756a25cd1b3d032bf2ceb1b73fbdc59f5950015c834d3
8b852e041e35b676cf550d19cf8d15bc58db780a3827626518f4e0dfc5fb3109
8bd7493e003464a24acc2946626181108dfca25d8ebf3b8a87701482855faed4
8c34af133bbf58ded59be1142b7ca92810e72c6ca44c0e0be60214425e470e49
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da68cfe255f7ccfb9079f7cce8acce18576056fe4eefd37c63803fe9aefa99a
96d2ec46082d6ddd30a7527fafe4fe35a230017c78fec5a6d92fb0aa3f4599db
97c4982f0f3e9aea83057e42813942fef8dabe75ba7b4e63b51594b4ae55119e
9be7ed63c613593dd04463c40d20703698b477bbde11139bdf1dfac8e263a081
9cf0e46fa1c3e318a6b189ca6d6bce9d5d97cd19f0b526992c67cce2de6eb01a
9f589549446a85f4bd35e49e15e1c9def57e2f9e1667e4d2e8aaa640761291af
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a14ce3a5e0eb18c487d68f7f6292f9da727643bc7a19ebd540507a8ba07edf8f
a2c380af7b011a43c1480933e7b2bb394508123d86908aa605d7c816fc2ad23a
a8b79f01cd28eb2e9dbfcdd3c7492229c08d9c641776ce015f825d4f0719793e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab7c834dd596e3857bced13549c1d5a5ab64aab184eefeb093e7e0369252f316
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af627c9f59d53c8f3daf66245c6542968576e13962e2e6fa2c80e49cdf3175a7
b1a4638a53f52dbfb3b07761d12cdd31516ea20382078ea5011261f749556ae5
b249ad61dfb6efdac6bbbb41d24b48dd684a38a0840a60bb6542ad9d8d0aef71
b7be1a25fcda009175b0f140bbd7ed9afdb5798d0c93717b44c62ddc19aef582
b7c702100f90c45dfab502fe9f6c86c3d452f0c6c85ddeb201f5c4e188d0c533
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
beb59e489c654b19923a335507624abfc013984597ce98e2c672a25ea5f24f63
c0bcd4441395ba0cf84e347cff0e49ee9a98b19c4371ba5ecb5be14286142cce
c38a12c3e221784f0ee59e1f294d949b7d121583621a3e6d3cb83cec294241ea
c493aafbd4658e95fe83f39c79a7a58bc196725543f269279682fafac9205598
c731d3d6b9ede605e3694c843e5edf2d55dab8f7aa03c231167dc67d4f8d1381
cc89dbfe25e1fcd023c65ae263084a131243f0f8a488be45092579f551b1c13d
cdd040a14db2ae4b158a154f8ff749a811a929dea0d0c975d0ef05101527ce92
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4b94f3d6e5d81ea8f1bf8ebcdc25927c6bd32b78db9c74ab506501fd94695ed
d8239d3f39686158dc8d9087b98f198ce669dca6ebb606df7f80398edde465a6
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1e78b01b533ecd1ddd46fad4d4c3a3c366c02e0367cd99ab56cb2a4341315bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4208432ab62e4e5a5e5901bbc6db5ca3119001facc45108f137e9c5b5370352
e6edb55eb61bbaf02146bb62507589d688467102771c1bb7be159f77e0b33846
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
eb0b15d2c94403408a2875f1708cb18b9d9bf3fa3b5d8cd75cc230ff3d0731d3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f63cff7ec7ab35154a6499faf8cedd717de73aab2f9c95d15fb8e00403ff3554
f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade
f67e0ea90679b225a59039f5e9e0e101cec72e2d17ad0c8665c5bfb36cb0542d
f6e8c4dcc4abad6a24e685370c8c61062c1884852db72f8bea654dfd100486ca
f8c431de28f9ea226aaf95f7388d99cad8bd622d9509cdb2a9f466e25a72d1f8
f9a5649d70f74cde04ab0c3f8a8f41810772e9970befa7fee8e339bcf4dd3b08
faf47e501cdae61064aed4b03b1129d37c6e004ebde6f6452f1632f835c9f318
ff656a0496837767c4a1ca3bd7bbfdc8b06bcf38f3eb20241fc3552e168e33d3

mail.3-235-70-42.cprapid.com Open in urlscan Pro 3.235.70.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

154 Requests

58 %HTTPS

30 %IPv6

41 Domains

55 Subdomains

52 IPs

7 Countries

6433 kBTransfer

9925 kBSize

28 Cookies

100 Outgoing links

Redirected requests

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

mail.3-235-70-42.cprapid.com Open in urlscan Pro
3.235.70.42 Public Scan

Screenshot
Live screenshot

Full Image

154
Requests

58 %
HTTPS

30 %
IPv6

41
Domains

55
Subdomains

52
IPs

7
Countries

6433 kB
Transfer

9925 kB
Size

28
Cookies

154 HTTP transactions
0 data transactions