urlscan.io logo urlscan.io
SecurityTrails logo

direct.comenity.com Open in urlscan Pro
74.200.39.25  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/VOzFX5ym3H?amp=1
Effective URL: https://direct.comenity.com/
Submission: On June 17 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 5 countries across 14 domains to perform 42 HTTP transactions. The main IP is 74.200.39.25, located in United States and belongs to JACKHENRY, US. The main domain is direct.comenity.com.
TLS certificate: Issued by GeoTrust TLS DV RSA Mixed SHA256 2020... on November 10th 2020. Valid for: a year.
This is the only time direct.comenity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.5 13414 (TWITTER)
18 74.200.39.25 14010 (JACKHENRY)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 184.31.88.106 16625 (AKAMAI-AS)
1 2 64.158.223.137 41041 (VCLK-EU-SE)
1 1 89.207.16.201 41041 (VCLK-EU-SE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.189.67.130 8075 (MICROSOFT...)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 2a03:2880:f12... 32934 (FACEBOOK)
4 2.18.232.7 16625 (AKAMAI-AS)
42 14
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
18    74.200.39.25 (United States)

ASN14010 (JACKHENRY, US)
direct.comenity.com
3    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6812:f430 (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.mantl.com
1    184.31.88.106 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-88-106.deploy.static.akamaitechnologies.com
p.teads.tv
2    64.158.223.137 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
login.dotomi.com
1    89.207.16.201 (Wimbledon, United Kingdom)

ASN41041 (VCLK-EU-SE, US)
PTR: ams04-usadmm.dotomi.com
core.conversant.mgr.consensu.org
2    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    52.189.67.130 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
kernel-serve.banno.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
t.teads.tv
Domain Requested by
18 direct.comenity.com t.co
direct.comenity.com
4 t.teads.tv direct.comenity.com
p.teads.tv
3 www.google-analytics.com direct.comenity.com
www.google-analytics.com
2 www.facebook.com direct.comenity.com
2 connect.facebook.net t.co
connect.facebook.net
2 kernel-serve.banno.com direct.comenity.com
kernel-serve.banno.com
2 www.google.de direct.comenity.com
2 www.google.com direct.comenity.com
2 stats.g.doubleclick.net www.google-analytics.com
2 login.dotomi.com 1 redirects t.co
1 core.conversant.mgr.consensu.org 1 redirects
1 p.teads.tv www.googletagmanager.com
1 scripts.mantl.com www.googletagmanager.com
1 www.googletagmanager.com direct.comenity.com
1 t.co
42 15

This site contains links to these domains. Also see Links.

Domain
get.adobe.com
comenity.com
open.comenity.com
calprivacy.comenity.com
www.bankrate.com
my.comenity.com
Subject Issuer Validity Valid
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-12 -
2022-01-11		 a year crt.sh
direct.comenity.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2020-11-10 -
2021-11-10		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
mantl.com
Cloudflare Inc ECC CA-3		 2021-06-05 -
2022-06-04		 a year crt.sh
teads.tv
R3		 2021-06-14 -
2021-09-12		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-05-24 -
2021-08-16		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.banno.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-01-11 -
2022-01-11		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://direct.comenity.com/
Frame ID: E2B1A23EB755424F92F1CD575FC9932A
Requests: 41 HTTP requests in this frame

Frame: https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=63196&dtm_cmagic=e301f1&dtm_format=5&dtm_fid=101&cli_promo_id=1&dtmc_ref=https%3A%2F%2Ft.co%2F&dtmc_loc=https%3A%2F%2Fdirect.comenity.com%2F&dtm_user_ip=84.17.43.134&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fdirect.comenity.com%2F&gdpr_consent=
Frame ID: 6A94DE37025790214E6D57457C66C039
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://t.co/VOzFX5ym3H?amp=1 Page URL
  2. https://direct.comenity.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

42
Requests

100 %
HTTPS

53 %
IPv6

14
Domains

15
Subdomains

14
IPs

5
Countries

921 kB
Transfer

1716 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/VOzFX5ym3H?amp=1 Page URL
  2. https://direct.comenity.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=63196&dtm_cmagic=e301f1&dtm_format=5&dtm_fid=101&cli_promo_id=1&canonical_url=&dtm_user_token=&dtmc_ref=https%3A%2F%2Ft.co%2F&dtmc_loc=https%3A%2F%2Fdirect.comenity.com%2F&fpc_status= HTTP 302
  • https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_cid%3D63196%26dtm_cmagic%3De301f1%26dtm_format%3D5%26dtm_fid%3D101%26cli_promo_id%3D1%26dtmc_ref%3Dhttps%253A%252F%252Ft.co%252F%26dtmc_loc%3Dhttps%253A%252F%252Fdirect.comenity.com%252F%26dtm_user_ip%3D84.17.43.134%26dtm_user_agent%3DMozilla%252F5.0%2B%2528Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F89.0.4389.72%2BSafari%252F537.36%26dtm_referrer%3Dhttps%253A%252F%252Fdirect.comenity.com%252F%26gdpr_consent%3D HTTP 302
  • https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=63196&dtm_cmagic=e301f1&dtm_format=5&dtm_fid=101&cli_promo_id=1&dtmc_ref=https%3A%2F%2Ft.co%2F&dtmc_loc=https%3A%2F%2Fdirect.comenity.com%2F&dtm_user_ip=84.17.43.134&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fdirect.comenity.com%2F&gdpr_consent=

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VOzFX5ym3H
t.co/ 		239 B
492 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/VOzFX5ym3H?amp=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
df30c4fcb14a7214f448e6736db49482af072537ce7ccd56ede462c3722b5e3c
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/VOzFX5ym3H?amp=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:31 GMT
vary
Origin
server
tsa_f
expires
Thu, 17 Jun 2021 13:43:32 GMT
set-cookie
muc=a4ee0dda-d34b-40f8-8c83-20af58d6dd73; Max-Age=63072000; Expires=Sat, 17 Jun 2023 13:38:32 GMT; Domain=t.co; Secure; SameSite=None
content-type
text/html; charset=utf-8
cache-control
private,max-age=300
content-length
175
content-encoding
gzip
x-xss-protection
0
strict-transport-security
max-age=0
x-connection-hash
a212992c87f437af0d9a6b1658db2389d43fcec9c779b72681805aa49dd2d53d
Primary Request /
direct.comenity.com/ 		23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://direct.comenity.com/
Requested by
Host: t.co
URL: https://t.co/VOzFX5ym3H?amp=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.39.25 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
nginx /
Resource Hash
67b0d39a3e34ac68a4d6905a560b78ce913d27b42f325d2f84b4e91edfb9e0c8
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
direct.comenity.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://t.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://t.co/

Response headers

server
nginx
date
Thu, 17 Jun 2021 13:38:54 GMT
content-type
text/html; charset=utf-8
content-length
6846
vary
Accept-Encoding
expires
Thu, 17 Jun 2021 13:38:33 GMT
set-cookie
PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1; Max-Age=32400; Expires=Thu, 17 Jun 2021 22:38:33 GMT; Path=/; Secure; HTTPOnly
cache-control
public, max-age=0
x-frame-options
SAMEORIGIN
content-encoding
gzip
x-xss-protection
1; mode=block
x-ad-insert-result
no ads - index
x-content-type-options
nosniff
strict-transport-security
max-age=16070400
x-envoy-upstream-service-time
397
x-varnish-ttl
0.000
x-varnish
395872175
age
0
x-varnish-hitmiss
MISS
x-varnish-count
0
via
varnish
accept-ranges
bytes
x-b3-traceid
ec666740061caa40
x-request-id
c61e3432-5604-4ec0-9599-24ed11825d59
main.min.css
direct.comenity.com/assets/css/ 		107 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://direct.comenity.com/assets/css/main.min.css?v=1607619218509
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.39.25 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
nginx /
Resource Hash
a0a71bbd560d1101d6ca72743c5195b9e0e44825de891bff636d979cb76e6c84
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/css/main.min.css?v=1607619218509
pragma
no-cache
cookie
PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
direct.comenity.com
referer
https://direct.comenity.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-b3-traceid
29a1e32631b0c92b
age
6592
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="main.min.css"
vary
Accept-Encoding
x-varnish-count
425
x-xss-protection
1; mode=block
x-request-id
9558da35-ae50-4a49-abbf-8717587f8636
accept-ranges
bytes
last-modified
Wed, 16 Dec 2020 14:12:16 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"a8782c51b872d011376998d0e5677f81"
strict-transport-security
max-age=16070400
x-varnish
5750975 1376702
via
varnish
cache-control
public, max-age=0
content-length
19425
content-type
text/css
expires
Thu, 17 Jun 2021 11:48:41 GMT
comenity-capital-bank-logo.svg
direct.comenity.com/assets/img/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://direct.comenity.com/assets/img/comenity-capital-bank-logo.svg
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.39.25 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
nginx /
Resource Hash
dd7f21fcfe7f31f198c347386df9e861e5a1dd403d43d0a6df9b2ab1e87de4ed
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/img/comenity-capital-bank-logo.svg
pragma
no-cache
cookie
PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
direct.comenity.com
referer
https://direct.comenity.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-b3-traceid
7d1d5a73af280e96
age
155002
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="comenity-capital-bank-logo.svg"
vary
Accept-Encoding
x-varnish-count
7985
x-xss-protection
1; mode=block
x-request-id
8cb6d1c1-42a2-47ee-b04c-84d28f9f7bc3
accept-ranges
bytes
last-modified
Wed, 16 Dec 2020 14:12:16 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"c5fa74ce7e394773480717c5caa57116"
strict-transport-security
max-age=16070400
x-varnish
487885221 977569683
via
varnish
cache-control
public, max-age=0
content-length
2764
content-type
image/svg+xml
expires
Tue, 15 Jun 2021 18:35:11 GMT
200410_Homepage1_V1.jpg
direct.comenity.com/assets/files/dcWjh1MY/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://direct.comenity.com/assets/files/dcWjh1MY/200410_Homepage1_V1.jpg
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.39.25 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
nginx /
Resource Hash
5a29911953c8918a844c6c18d30b3b2e8fe60dc77a8f3d44a2b0f77440059dd1
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/files/dcWjh1MY/200410_Homepage1_V1.jpg
pragma
no-cache
cookie
PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
direct.comenity.com
referer
https://direct.comenity.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:54 GMT
via
varnish
x-content-type-options
nosniff
x-b3-traceid
445b51b57df35103
age
0
x-varnish-hitmiss
MISS
x-envoy-upstream-service-time
7
content-disposition
filename="200410_Homepage1_V1.jpg"
x-varnish-count
0
x-xss-protection
1; mode=block
x-request-id
45a5baa5-9121-4b2b-80c1-0ca728a88250
last-modified
Thu, 23 Apr 2020 15:06:08 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"9309dcdaca60d9219821872c608ecdc7"
strict-transport-security
max-age=16070400
x-varnish
3000924
cache-control
private
accept-ranges
bytes
content-type
image/jpeg
expires
Thu, 17 Jun 2021 13:40:34 GMT
Homepage_1_surfing_new.jpg
direct.comenity.com/assets/files/6EHosLzN/ 		126 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://direct.comenity.com/assets/files/6EHosLzN/Homepage_1_surfing_new.jpg
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.39.25 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
nginx /
Resource Hash
c109ae3d80f067f0dd099580c8eb401bb20d416b5e43c9fd03b5f98515fc3580
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/files/6EHosLzN/Homepage_1_surfing_new.jpg
pragma
no-cache
cookie
PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
direct.comenity.com
referer
https://direct.comenity.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:54 GMT
via
varnish
x-content-type-options
nosniff
x-b3-traceid
c528f4633dc03079
age
0
x-varnish-hitmiss
MISS
x-envoy-upstream-service-time
8
content-disposition
filename="Homepage_1_surfing_new.jpg"
x-varnish-count
0
x-xss-protection
1; mode=block
x-request-id
ccf4f2c1-7c6b-4606-8f26-0c03ab48bc98
last-modified
Mon, 25 Feb 2019 15:37:19 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"97c6a5fb757b4f46be8cbfac3183bd82"
strict-transport-security
max-age=16070400
x-varnish
384073431
cache-control
private
accept-ranges
bytes
content-type
image/jpeg
expires
Thu, 17 Jun 2021 13:40:34 GMT
200410_Homepage2_V1.jpg
direct.comenity.com/assets/files/7lRL65cP/ 		327 KB
328 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://direct.comenity.com/assets/files/7lRL65cP/200410_Homepage2_V1.jpg
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.39.25 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
nginx /
Resource Hash
a6770a953755a49149a8307f41140d43ded1710e6ce956d2746b889b3a55a479
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/files/7lRL65cP/200410_Homepage2_V1.jpg
pragma
no-cache
cookie
PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
direct.comenity.com
referer
https://direct.comenity.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:54 GMT
via
varnish
x-content-type-options
nosniff
x-b3-traceid
ed4a61781d891df3
age
0
x-varnish-hitmiss
MISS
x-envoy-upstream-service-time
8
content-disposition
filename="200410_Homepage2_V1.jpg"
x-varnish-count
0
x-xss-protection
1; mode=block
x-request-id
f18ad969-9e5d-40c4-adfb-7eefaa81483a
last-modified
Thu, 23 Apr 2020 15:06:16 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"d0085d7e893cd125de7cf15a54c06f10"
strict-transport-security
max-age=16070400
x-varnish
397870783
cache-control
private
accept-ranges
bytes
content-type
image/jpeg
expires
Thu, 17 Jun 2021 13:38:34 GMT
icons_rates_2x.png
direct.comenity.com/assets/content/zC2lB0C5/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://direct.comenity.com/assets/content/zC2lB0C5/icons_rates_2x.png
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.39.25 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
nginx /
Resource Hash
9edaa06219ff587b7516ab6d8b344858aae8e72c81337af7ceee067b80a0b206
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/content/zC2lB0C5/icons_rates_2x.png
pragma
no-cache
cookie
PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
direct.comenity.com
referer
https://direct.comenity.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:54 GMT
via
varnish
x-content-type-options
nosniff
x-b3-traceid
dd63d210ac053484
age
154997
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="icons_rates_2x.png"
x-varnish-count
3056
x-xss-protection
1; mode=block
x-request-id
76edc5f0-516d-4696-bce2-b9b80d22b7c0
accept-ranges
bytes
last-modified
Tue, 13 Nov 2018 01:13:10 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"cb644cdd8eab7f0fc8844b25495a2512"
strict-transport-security
max-age=16070400
x-varnish
404293340 900345895
cache-control
public, max-age=31536000
content-length
4457
content-type
image/png
expires
Wed, 15 Jun 2022 18:35:13 GMT
icons_funding_2x.png
direct.comenity.com/assets/content/UmYU178a/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://direct.comenity.com/assets/content/UmYU178a/icons_funding_2x.png
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.39.25 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
nginx /
Resource Hash
5ab7e98285d2f239a877221bff67e902cae184efbe6281989f756d0f4816e626
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/content/UmYU178a/icons_funding_2x.png
pragma
no-cache
cookie
PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
direct.comenity.com
referer
https://direct.comenity.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:54 GMT
via
varnish
x-content-type-options
nosniff
x-b3-traceid
7950bb7d31755046
age
6628
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="icons_funding_2x.png"
x-varnish-count
148
x-xss-protection
1; mode=block
x-request-id
f32c4487-874e-4828-ae9f-18e42e34ed76
accept-ranges
bytes
last-modified
Tue, 13 Nov 2018 01:13:09 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"cd6a463fedade80be12d4adb6ac67ca0"
strict-transport-security
max-age=16070400
x-varnish
5966836 426282
cache-control
public, max-age=31536000
content-length
5112
content-type
image/png
expires
Fri, 17 Jun 2022 11:48:05 GMT
icon_blue_proper.png
direct.comenity.com/assets/content/lFWFy0SY/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://direct.comenity.com/assets/content/lFWFy0SY/icon_blue_proper.png
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.39.25 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
nginx /
Resource Hash
3736ff336ccc5f861a7683568ad7fdc3e7e32c72e3914cafe43de27c7872d7fc
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/content/lFWFy0SY/icon_blue_proper.png
pragma
no-cache
cookie
PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
direct.comenity.com
referer
https://direct.comenity.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:54 GMT
via
varnish
x-content-type-options
nosniff
x-b3-traceid
0e1ca6a164765618
age
154909
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="icon_blue_proper.png"
x-varnish-count
3190
x-xss-protection
1; mode=block
x-request-id
f82217cc-97e9-4163-808b-eb9bab04de3e
accept-ranges
bytes
last-modified
Tue, 13 Nov 2018 01:13:09 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"2fd0ce03c00faa89231284ee3875520d"
strict-transport-security
max-age=16070400
x-varnish
483306836 1003882107
cache-control
public, max-age=31536000
content-length
4657
content-type
image/png
expires
Wed, 15 Jun 2022 18:36:44 GMT
icon-fdic.svg
direct.comenity.com/assets/img/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://direct.comenity.com/assets/img/icon-fdic.svg
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.39.25 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
nginx /
Resource Hash
da09ec12240020ca5ca9cb831db48afeabca4f7733e89787c12304603088b7fb
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/img/icon-fdic.svg
pragma
no-cache
cookie
PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
direct.comenity.com
referer
https://direct.comenity.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-b3-traceid
f78167916582983b
age
155002
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="icon-fdic.svg"
vary
Accept-Encoding
x-varnish-count
7948
x-xss-protection
1; mode=block
x-request-id
ed488993-5e9e-4b65-92c1-a385d8787a2a
accept-ranges
bytes
last-modified
Wed, 16 Dec 2020 14:12:16 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"e211fc699204a45e35c260d702c44ceb"
strict-transport-security
max-age=16070400
x-varnish
490932645 1008010378
via
varnish
cache-control
public, max-age=0
content-length
1203
content-type
image/svg+xml
expires
Tue, 15 Jun 2021 18:35:11 GMT
jquery-1.10.1.min.js
direct.comenity.com/assets/js/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct.comenity.com/assets/js/jquery-1.10.1.min.js?v=1607619218508
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.39.25 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
nginx /
Resource Hash
fe2475737d49d641f045d416a315f420b4fa9d6f2cb3dabafd8b0d3f7b074a76
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/js/jquery-1.10.1.min.js?v=1607619218508
pragma
no-cache
cookie
PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
direct.comenity.com
referer
https://direct.comenity.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-b3-traceid
cfe1d5558c967206
age
6684
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="jquery-1.10.1.min.js"
vary
Accept-Encoding
x-varnish-count
444
x-xss-protection
1; mode=block
x-request-id
9a2fc1e2-8319-4ab2-a998-fc03edb7a90d
accept-ranges
bytes
last-modified
Wed, 16 Dec 2020 14:12:16 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"d63fcba84af9b91fba58f1b83ff72c09"
strict-transport-security
max-age=16070400
x-varnish
5048805 131166
via
varnish
cache-control
public, max-age=0
content-length
33086
content-type
application/javascript
expires
Thu, 17 Jun 2021 11:47:09 GMT
script.min.js
direct.comenity.com/assets/js/ 		132 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct.comenity.com/assets/js/script.min.js?v=1607619218508
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.39.25 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
nginx /
Resource Hash
b57b3bde3e2c0d12fc4c8356983dfa2bad79b5bc130a2aa50db64e6572cdc36c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/js/script.min.js?v=1607619218508
pragma
no-cache
cookie
PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1; _ga=GA1.2.1683051699.1623937114; _gid=GA1.2.192936196.1623937114; _gat=1; _gcl_au=1.1.657674966.1623937114; _gat_UA-127651070-3=1; _fbp=fb.1.1623937114370.864243731
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
direct.comenity.com
referer
https://direct.comenity.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-b3-traceid
21f9c31ef74fc6fa
age
154990
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="script.min.js"
vary
Accept-Encoding
x-varnish-count
7860
x-xss-protection
1; mode=block
x-request-id
29412032-9dde-489e-a485-ce1529538304
accept-ranges
bytes
last-modified
Wed, 16 Dec 2020 14:12:16 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1bcf16e52722696f1d4ecc8413cade8d"
strict-transport-security
max-age=16070400
x-varnish
388466744 914916690
via
varnish
cache-control
public, max-age=0
content-length
35778
content-type
application/javascript
expires
Tue, 15 Jun 2021 18:35:22 GMT
disclaimers.js
direct.comenity.com/assets/target/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct.comenity.com/assets/target/disclaimers.js?bh=605b85
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.39.25 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
nginx /
Resource Hash
e62bdb1248c7e4d856eb804738ef310e28d3d8b4a9ef40bccb0a5059a61313d7
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/target/disclaimers.js?bh=605b85
pragma
no-cache
cookie
PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1; _ga=GA1.2.1683051699.1623937114; _gid=GA1.2.192936196.1623937114; _gat=1; _gcl_au=1.1.657674966.1623937114; _gat_UA-127651070-3=1; _fbp=fb.1.1623937114370.864243731
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
direct.comenity.com
referer
https://direct.comenity.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-b3-traceid
ad47bfe6c6119278
age
155003
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
vary
Accept-Encoding
x-varnish-count
5188
x-xss-protection
1; mode=block
x-request-id
37bc63f5-c76e-45da-bb4c-683d16b76a60
accept-ranges
bytes
last-modified
Tue, 15 Jun 2021 15:39:40 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"eb509e3dff1a531d7ffd063e06af63d3"
strict-transport-security
max-age=16070400
x-varnish
490769078 1009582630
via
varnish
cache-control
public, max-age=15552000
content-length
1400
content-type
application/javascript; charset=utf-8
expires
Sun, 12 Dec 2021 18:35:11 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2396
date
Thu, 17 Jun 2021 12:58:37 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Thu, 17 Jun 2021 14:58:37 GMT
gtm.js
www.googletagmanager.com/ 		215 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TDJ8RVN
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
24eefeec1892ab4a057457912767ba94ead5beb527f069c2431a1d7b3c8442f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64469
x-xss-protection
0
last-modified
Thu, 17 Jun 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 17 Jun 2021 13:38:34 GMT
Icons.woff2
direct.comenity.com/assets/font/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://direct.comenity.com/assets/font/Icons.woff2
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/assets/css/main.min.css?v=1607619218509
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.39.25 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
nginx /
Resource Hash
3a47743470d1073b1a91d4463574abfdd09725029ba7df15114937e141bdf47e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://direct.comenity.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
:path
/assets/font/Icons.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
direct.comenity.com
referer
https://direct.comenity.com/assets/css/main.min.css?v=1607619218509
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://direct.comenity.com
Referer
https://direct.comenity.com/assets/css/main.min.css?v=1607619218509
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:54 GMT
via
varnish
x-content-type-options
nosniff
x-b3-traceid
b861819bc4fb367f
age
155000
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="Icons.woff2"
x-varnish-count
7491
x-xss-protection
1; mode=block
x-request-id
441c7d29-5158-4692-9914-84dea51b36d9
accept-ranges
bytes
last-modified
Wed, 16 Dec 2020 14:12:16 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"c7cf34503379083d3b229dd56271b7ad"
strict-transport-security
max-age=16070400
x-varnish
399804550 912768655
cache-control
public, max-age=0
content-length
1904
content-type
application/octet-stream
expires
Tue, 15 Jun 2021 18:35:11 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=218792388&t=pageview&_s=1&dl=https%3A%2F%2Fdirect.comenity.com%2F&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Comenity%20Direct%20High-Yield%20Savings%20Accounts%20%26%20Certificates%20of%20Deposit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1403864246&gjid=453941643&cid=1683051699.1623937114&tid=UA-127651070-1&_gid=192936196.1623937114&_r=1&_slc=1&z=172667973
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 13:38:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://direct.comenity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
comenity-analytics-pixel.js
scripts.mantl.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mantl.com/comenity-analytics-pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDJ8RVN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f430 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=218792388&t=pageview&_s=1&dl=https%3A%2F%2Fdirect.comenity.com%2F&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Comenity%20Direct%20High-Yield%20Savings%20Accounts%20%26%20Certificates%20of%20Deposit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=877449911&gjid=673528950&cid=1683051699.1623937114&tid=UA-127651070-3&_gid=192936196.1623937114&_r=1&gtm=2wg6g0TDJ8RVN&z=2130367759
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 13:38:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://direct.comenity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
teads-fellow.js
p.teads.tv/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.teads.tv/teads-fellow.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDJ8RVN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-88-106.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9bb46dbf7fdadc1a69827398f101c6bb10c30350373d5b04231d6b51323aca03

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 17 Jun 2021 13:38:34 GMT
Last-Modified
Mon, 14 Jun 2021 09:40:58 GMT
Server
AmazonS3
x-amz-request-id
P9KK7JX55XABNHF1
ETag
"7918094c80a96d5722a588024f4cf5d3"
Content-Type
application/javascript
Cache-Control
max-age=196
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6411
x-amz-id-2
Pu9hI7loyWe4g75p7cy6JmpJ2KMT4CcaO17e7atse8niUfrPH0h46OkQvZ/M3Ev8wkhtamECPl8=
UCMController
login.dotomi.com/ucm/ Frame 6A94
Redirect Chain
  • https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=63196&dtm_cmagic=e301f1&dtm_format=5&dtm_fid=101&cli_promo_id=1&canonical_url=&dtm_user_token=&dtmc_ref=https%3A%2F%2Ft.co%2F&dtmc_loc=...
  • https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_cid%3D63196%26dtm_cmagic%3De301f1%26d...
  • https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=63196&dtm_cmagic=e301f1&dtm_format=5&dtm_fid=101&cli_promo_id=1&dtmc_ref=https%3A%2F%2Ft.co%2F&dtmc_loc=https%3A%2F%2Fdirect.com...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=63196&dtm_cmagic=e301f1&dtm_format=5&dtm_fid=101&cli_promo_id=1&dtmc_ref=https%3A%2F%2Ft.co%2F&dtmc_loc=https%3A%2F%2Fdirect.comenity.com%2F&dtm_user_ip=84.17.43.134&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fdirect.comenity.com%2F&gdpr_consent=
Requested by
Host: t.co
URL: https://t.co/VOzFX5ym3H?amp=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.158.223.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
8888d8cb0bc6a03ba62859b35c34003f059b8e55c732ea46f47e48c29509cefc

Request headers

:method
GET
:authority
login.dotomi.com
:scheme
https
:path
/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=63196&dtm_cmagic=e301f1&dtm_format=5&dtm_fid=101&cli_promo_id=1&dtmc_ref=https%3A%2F%2Ft.co%2F&dtmc_loc=https%3A%2F%2Fdirect.comenity.com%2F&dtm_user_ip=84.17.43.134&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fdirect.comenity.com%2F&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://direct.comenity.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://direct.comenity.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 13:38:34 GMT
content-type
text/html
content-length
992
cache-control
no-cache, private, max-age=0, no-store
expires
0
pragma
no-cache
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
content-encoding
gzip

Redirect headers

server
nginx
date
Thu, 17 Jun 2021 13:38:34 GMT
content-length
0
cache-control
no-cache, private, max-age=0, no-store
expires
0
pragma
no-cache
location
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=63196&dtm_cmagic=e301f1&dtm_format=5&dtm_fid=101&cli_promo_id=1&dtmc_ref=https%3A%2F%2Ft.co%2F&dtmc_loc=https%3A%2F%2Fdirect.comenity.com%2F&dtm_user_ip=84.17.43.134&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fdirect.comenity.com%2F&gdpr_consent=
collect
stats.g.doubleclick.net/j/ 		4 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-127651070-1&cid=1683051699.1623937114&jid=1403864246&gjid=453941643&_gid=192936196.1623937114&_u=IEBAAEAAAAAAAC~&z=1004367591
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 17 Jun 2021 13:38:34 GMT
content-type
text/plain
access-control-allow-origin
https://direct.comenity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-127651070-3&cid=1683051699.1623937114&jid=877449911&gjid=673528950&_gid=192936196.1623937114&_u=aEDAAEABAAAAAC~&z=1026669378
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 17 Jun 2021 13:38:34 GMT
content-type
text/plain
access-control-allow-origin
https://direct.comenity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-127651070-1&cid=1683051699.1623937114&jid=1403864246&_u=IEBAAEAAAAAAAC~&z=130108494
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 13:38:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-127651070-1&cid=1683051699.1623937114&jid=1403864246&_u=IEBAAEAAAAAAAC~&z=130108494
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 13:38:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-127651070-3&cid=1683051699.1623937114&jid=877449911&_u=aEDAAEABAAAAAC~&z=1417287810
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 13:38:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-127651070-3&cid=1683051699.1623937114&jid=877449911&_u=aEDAAEABAAAAAC~&z=1417287810
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 13:38:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
kernel.js
kernel-serve.banno.com/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kernel-serve.banno.com/kernel.js
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.67.130 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6a1611bfd33cfa08726ef30cd4e539ba98689c4502ab6acdaffbbc8c6defc8eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:34 GMT
x-b3-traceid
684a665dd1bf2b2e
etag
"52722CC866B083AAB61067E7CAE87CA5"
strict-transport-security
max-age=15724800
content-type
application/javascript
x-envoy-upstream-service-time
1
content-length
5654
x-request-id
1eb2d8e5f10c5ed80f7c79956efc71c4
fbevents.js
connect.facebook.net/en_US/ 		103 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: t.co
URL: https://t.co/VOzFX5ym3H?amp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1239bbaf297eeecf557f5c96899d2c9a48fa02c8df2232c08bea6542abf7c957
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
22475
x-xss-protection
0
pragma
public
x-fb-debug
AsXvGXuPEU43YZkHy0x70fD+EkMMHVAuAQB3DY+rg1xkjxkfIwP34t1rAYoCTEZqI0KdUSRwhEsmSbd3qvXeow==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 17 Jun 2021 13:38:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
295484688397086
connect.facebook.net/signals/config/ 		355 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/295484688397086?v=2.9.5&r=c2
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b6a44ac44fbe94167bbd6ca2e277cd049c88ad20c5e6fc369541675811766756
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
opnUpZr3/ZJ6YtCqTSbJaxTplQXPPXg/2tfzQSQFuhIHskj9b0Y9118qMorLN6ZALVQpx6OUl5qdD+da0VGeIg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 17 Jun 2021 13:38:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=295484688397086&ev=PageView&dl=https%3A%2F%2Fdirect.comenity.com%2F&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1623937114370&sw=1600&sh=1200&v=2.9.5&r=c2&ec=0&o=30&fbp=fb.1.1623937114370.864243731&it=1623937114279&coo=false&rqm=GET
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 17 Jun 2021 13:38:34 GMT
track
t.teads.tv/ 		23 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=pageView&env=js-web&advertiser_id=34027&referer=https%3A%2F%2Fdirect.comenity.com%2F
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:34 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
disclaimer
direct.comenity.com/_/api/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.comenity.com/_/api/disclaimer
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/assets/js/jquery-1.10.1.min.js?v=1607619218508
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.39.25 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
nginx /
Resource Hash
881d4b5a541ef5dcb529ec46800c52b9b24786ed03370fe6b3cc222f4c746f7f
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1; _ga=GA1.2.1683051699.1623937114; _gid=GA1.2.192936196.1623937114; _gat=1; _gcl_au=1.1.657674966.1623937114; _gat_UA-127651070-3=1; _fbp=fb.1.1623937114370.864243731
:path
/_/api/disclaimer
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
direct.comenity.com
referer
https://direct.comenity.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://direct.comenity.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 17 Jun 2021 13:38:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-b3-traceid
cd55a6b294771f20
age
0
x-varnish-ttl
0.000
x-varnish-hitmiss
MISS
x-envoy-upstream-service-time
5
vary
Accept-Encoding
x-varnish-count
0
x-xss-protection
1; mode=block
x-request-id
da30cf1c-4044-413e-a6ac-1da6249d1a0b
accept-ranges
bytes
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
x-varnish
489195459
via
varnish
cache-control
public, max-age=0
content-length
686
content-type
application/json; charset=utf-8
expires
Thu, 17 Jun 2021 13:38:34 GMT
visit
kernel-serve.banno.com/institutions/9972b790-605c-11e8-90a3-06658b3de2dd/profiles/d7327773-af97-4ed6-80b0-d5b27361edb0/ 		0
205 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kernel-serve.banno.com/institutions/9972b790-605c-11e8-90a3-06658b3de2dd/profiles/d7327773-af97-4ed6-80b0-d5b27361edb0/visit?keywords=Comenity%20Direct,%20Comenity%20Savings%20Account,%20Comenity%20Certificates%20of%20Deposit
Requested by
Host: kernel-serve.banno.com
URL: https://kernel-serve.banno.com/kernel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.67.130 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:34 GMT
x-b3-traceid
639aa1b6f4dfcd0e
strict-transport-security
max-age=15724800
content-type
application/javascript
cache-control
no-cache, no-store, max-age=0
x-envoy-upstream-service-time
1
content-length
0
x-request-id
4d7d5a29808149cdafd6d1be4d8e5741
fonts.css
direct.comenity.com/assets/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://direct.comenity.com/assets/css/fonts.css?v=11242014
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.39.25 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
nginx /
Resource Hash
e13877270ee34c922527245cfb777be62a69da42c47e6cdf0416f080e20c7b73
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/css/fonts.css?v=11242014
pragma
no-cache
cookie
PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1; _ga=GA1.2.1683051699.1623937114; _gid=GA1.2.192936196.1623937114; _gat=1; _gcl_au=1.1.657674966.1623937114; _gat_UA-127651070-3=1; _fbp=fb.1.1623937114370.864243731; __bkp=d7327773-af97-4ed6-80b0-d5b27361edb0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
direct.comenity.com
referer
https://direct.comenity.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-b3-traceid
ce5f9956a67be154
age
154981
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="fonts.css"
vary
Accept-Encoding
x-varnish-count
3740
x-xss-protection
1; mode=block
x-request-id
403e6073-5077-4fa5-9db8-0c4f05f49b2c
accept-ranges
bytes
last-modified
Wed, 16 Dec 2020 14:12:16 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"b5f91e5f54921c29a976bc5e2628fe5a"
strict-transport-security
max-age=16070400
x-varnish
488867262 996911746
via
varnish
cache-control
public, max-age=0
content-length
554
content-type
text/css
expires
Tue, 15 Jun 2021 18:35:33 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=295484688397086&ev=Microdata&dl=https%3A%2F%2Fdirect.comenity.com%2F&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1623937114882&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20%20%20Comenity%20Direct%20High-Yield%20Savings%20Accounts%20%26%20Certificates%20of%20Deposit%5Cn%20%20%20%20%22%2C%22meta%3Adescription%22%3A%22Comenity%20Direct%20offers%20high-yield%20savings%20accounts%20and%20certificates%20of%20deposit%20at%20highly%20competitive%20rates.%20Experience%20simplified%20transactions%20and%20elevated%20customer%20care.%20For%20over%2030%20years%2C%20Comenity%20has%20been%20a%20trusted%20partner%2C%20helping%20people%20get%20more%20for%20their%20money.%22%2C%22meta%3Akeywords%22%3A%22Comenity%20Direct%2C%20Comenity%20Savings%20Account%2C%20Comenity%20Certificates%20of%20Deposit%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A0%7D%2C%22properties%22%3A%7B%22name%22%3A%22Comenity%20Direct%22%2C%22url%22%3A%22%2F%22%7D%2C%22subscopes%22%3A%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A0%7D%2C%22properties%22%3A%7B%22url%22%3A%22%2Fassets%2Fimg%2Fcomenity-capital-bank-logo.svg%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FImageObject%22%7D%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FBankOrCreditUnion%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.5&r=c2&ec=1&o=30&fbp=fb.1.1623937114370.864243731&it=1623937114279&coo=false&es=automatic&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Thu, 17 Jun 2021 13:38:34 GMT
lato-regular-webfont.woff2
direct.comenity.com/assets/font/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://direct.comenity.com/assets/font/lato-regular-webfont.woff2
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/assets/css/fonts.css?v=11242014
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.39.25 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
nginx /
Resource Hash
5d41cd0cc0c53f97544bc72eea9d00c4c1b34a235e62a13b5e11fec981372c4c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://direct.comenity.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1; _ga=GA1.2.1683051699.1623937114; _gid=GA1.2.192936196.1623937114; _gat=1; _gcl_au=1.1.657674966.1623937114; _gat_UA-127651070-3=1; _fbp=fb.1.1623937114370.864243731; __bkp=d7327773-af97-4ed6-80b0-d5b27361edb0; font_css_cache
:path
/assets/font/lato-regular-webfont.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
direct.comenity.com
referer
https://direct.comenity.com/assets/css/fonts.css?v=11242014
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://direct.comenity.com
Referer
https://direct.comenity.com/assets/css/fonts.css?v=11242014
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:55 GMT
via
varnish
x-content-type-options
nosniff
x-b3-traceid
f8555108f3793348
age
6613
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="lato-regular-webfont.woff2"
x-varnish-count
396
x-xss-protection
1; mode=block
x-request-id
33fc89ef-08b6-49b2-8289-95cee2a8daba
accept-ranges
bytes
last-modified
Wed, 16 Dec 2020 14:12:16 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"e7d81d7e3f3a2937be946540f9392fee"
strict-transport-security
max-age=16070400
x-varnish
3213975 590179
cache-control
public, max-age=0
content-length
24980
content-type
application/octet-stream
expires
Thu, 17 Jun 2021 11:48:21 GMT
lato-bold-webfont.woff2
direct.comenity.com/assets/font/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://direct.comenity.com/assets/font/lato-bold-webfont.woff2
Requested by
Host: direct.comenity.com
URL: https://direct.comenity.com/assets/css/fonts.css?v=11242014
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.39.25 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
nginx /
Resource Hash
b0548afc2ac8e9d0faaa6c4a9010ca5ada155a2f4ce17a9ec1bf00d28f23b475
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://direct.comenity.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1; _ga=GA1.2.1683051699.1623937114; _gid=GA1.2.192936196.1623937114; _gat=1; _gcl_au=1.1.657674966.1623937114; _gat_UA-127651070-3=1; _fbp=fb.1.1623937114370.864243731; __bkp=d7327773-af97-4ed6-80b0-d5b27361edb0; font_css_cache
:path
/assets/font/lato-bold-webfont.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
direct.comenity.com
referer
https://direct.comenity.com/assets/css/fonts.css?v=11242014
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://direct.comenity.com
Referer
https://direct.comenity.com/assets/css/fonts.css?v=11242014
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:55 GMT
via
varnish
x-content-type-options
nosniff
x-b3-traceid
5102956beaaa0d62
age
155001
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="lato-bold-webfont.woff2"
x-varnish-count
6919
x-xss-protection
1; mode=block
x-request-id
63ffd137-086c-4f72-87bf-229e7eb0fe78
accept-ranges
bytes
last-modified
Wed, 16 Dec 2020 14:12:16 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"d6be58570661b5091e56f0aeea421bc3"
strict-transport-security
max-age=16070400
x-varnish
399804565 914129999
cache-control
public, max-age=0
content-length
25452
content-type
application/octet-stream
expires
Tue, 15 Jun 2021 18:35:11 GMT
track
t.teads.tv/ 		23 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=timeSpent&env=js-web&advertiser_id=34027&referer=https%3A%2F%2Fdirect.comenity.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:36 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=timeSpent&env=js-web&advertiser_id=34027&referer=https%3A%2F%2Fdirect.comenity.com%2F
Requested by
Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:39 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=timeSpent&env=js-web&advertiser_id=34027&referer=https%3A%2F%2Fdirect.comenity.com%2F
Requested by
Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://direct.comenity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:38:44 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| GoogleAnalyticsObject function| ga object| dataLayer object| d number| year object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| postscribe object| google_tag_manager_external object| teads_e number| teads_adv_id string| dtmSrc object| dtmTag undefined| sha256_email function| readCanonicalUrl function| readCookieDotomi string| item object| dotomiNode object| dotomiIFrame function| $ function| jQuery function| kernel function| fbq function| _fbq function| _toConsumableArray function| createCookie function| readCookie function| eraseCookie function| getScreenSize function| sizeHeroImage function| toTop function| menuTabbing object| bootbox function| _slice object| banno string| defaultDisclaimerMessage string| desktopDisclaimerMessage string| mobileDisclaimerMessage string| emailDisclaimerMessage string| desktopEmailDisclaimerMessage string| mobileEmailDisclaimerMessage function| waitForEl boolean| appended object| jQuery1101007174000180864493 object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI object| parsley object| Modernizr function| yepnope object| com object| kernelAssociateTimeout object| kernelSyncTimeout object| kernelLoginFormElementId string| kernelTestValue

9 Cookies

Domain/Path Name / Value
direct.comenity.com/ Name:
Value: font_css_cache
.comenity.com/ Name: __bkp
Value: d7327773-af97-4ed6-80b0-d5b27361edb0
.comenity.com/ Name: _fbp
Value: fb.1.1623937114370.864243731
.comenity.com/ Name: _gat_UA-127651070-3
Value: 1
.comenity.com/ Name: _gcl_au
Value: 1.1.657674966.1623937114
direct.comenity.com/ Name: PLAY_SESSION
Value: 61c522b509deb39b11b286c8afcb935f26615d4a-v=1
.comenity.com/ Name: _gat
Value: 1
.comenity.com/ Name: _ga
Value: GA1.2.1683051699.1623937114
.comenity.com/ Name: _gid
Value: GA1.2.192936196.1623937114

1 Console Messages

Source Level URL
Text
console-api log URL: https://direct.comenity.com/assets/js/script.min.js?v=1607619218508(Line 1)
Message:
resized

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
core.conversant.mgr.consensu.org
direct.comenity.com
kernel-serve.banno.com
login.dotomi.com
p.teads.tv
scripts.mantl.com
stats.g.doubleclick.net
t.co
t.teads.tv
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.244.42.5
184.31.88.106
2.18.232.7
2606:4700::6812:f430
2a00:1450:4001:810::2004
2a00:1450:4001:810::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200e
2a00:1450:400c:c08::9d
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
52.189.67.130
64.158.223.137
74.200.39.25
89.207.16.201
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1239bbaf297eeecf557f5c96899d2c9a48fa02c8df2232c08bea6542abf7c957
24eefeec1892ab4a057457912767ba94ead5beb527f069c2431a1d7b3c8442f9
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3736ff336ccc5f861a7683568ad7fdc3e7e32c72e3914cafe43de27c7872d7fc
3a47743470d1073b1a91d4463574abfdd09725029ba7df15114937e141bdf47e
5a29911953c8918a844c6c18d30b3b2e8fe60dc77a8f3d44a2b0f77440059dd1
5ab7e98285d2f239a877221bff67e902cae184efbe6281989f756d0f4816e626
5d41cd0cc0c53f97544bc72eea9d00c4c1b34a235e62a13b5e11fec981372c4c
67b0d39a3e34ac68a4d6905a560b78ce913d27b42f325d2f84b4e91edfb9e0c8
6a1611bfd33cfa08726ef30cd4e539ba98689c4502ab6acdaffbbc8c6defc8eb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
881d4b5a541ef5dcb529ec46800c52b9b24786ed03370fe6b3cc222f4c746f7f
8888d8cb0bc6a03ba62859b35c34003f059b8e55c732ea46f47e48c29509cefc
9bb46dbf7fdadc1a69827398f101c6bb10c30350373d5b04231d6b51323aca03
9edaa06219ff587b7516ab6d8b344858aae8e72c81337af7ceee067b80a0b206
a0a71bbd560d1101d6ca72743c5195b9e0e44825de891bff636d979cb76e6c84
a6770a953755a49149a8307f41140d43ded1710e6ce956d2746b889b3a55a479
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0548afc2ac8e9d0faaa6c4a9010ca5ada155a2f4ce17a9ec1bf00d28f23b475
b57b3bde3e2c0d12fc4c8356983dfa2bad79b5bc130a2aa50db64e6572cdc36c
b6a44ac44fbe94167bbd6ca2e277cd049c88ad20c5e6fc369541675811766756
c109ae3d80f067f0dd099580c8eb401bb20d416b5e43c9fd03b5f98515fc3580
da09ec12240020ca5ca9cb831db48afeabca4f7733e89787c12304603088b7fb
dd7f21fcfe7f31f198c347386df9e861e5a1dd403d43d0a6df9b2ab1e87de4ed
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df30c4fcb14a7214f448e6736db49482af072537ce7ccd56ede462c3722b5e3c
e13877270ee34c922527245cfb777be62a69da42c47e6cdf0416f080e20c7b73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62bdb1248c7e4d856eb804738ef310e28d3d8b4a9ef40bccb0a5059a61313d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe2475737d49d641f045d416a315f420b4fa9d6f2cb3dabafd8b0d3f7b074a76