www.mybelirefund.com
162.213.255.36  Malicious Activity! Public Scan

URL: https://www.mybelirefund.com/
Submission: On October 10 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 29 IPs in 4 countries across 30 domains to perform 86 HTTP transactions. The main IP is 162.213.255.36, which is located in the United States and belongs to NAMECHEAP-NET, US. The main domain is www.mybelirefund.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 10th 2021. Valid for: a year.
This is the only time www.mybelirefund.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BCE-Bell (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
4 162.213.255.36 22612 (NAMECHEAP...)
3 104.109.71.114 16625 (AKAMAI-AS)
25 178.79.243.128 22822 (LLNW)
12 184.30.20.234 16625 (AKAMAI-AS)
1 52.177.241.160 8075 (MICROSOFT...)
1 8 52.18.85.49 16509 (AMAZON-02)
2 142.250.185.136 15169 (GOOGLE)
1 52.49.107.116 16509 (AMAZON-02)
1 1 34.248.191.66 16509 (AMAZON-02)
1 63.32.151.178 16509 (AMAZON-02)
2 142.250.185.78 15169 (GOOGLE)
2 2 142.250.186.98 15169 (GOOGLE)
1 104.212.67.145 8075 (MICROSOFT...)
2 2 13.248.242.197 16509 (AMAZON-02)
1 1 204.79.197.200 8068 (MICROSOFT...)
3 157.240.20.19 32934 (FACEBOOK)
1 172.67.145.176 13335 (CLOUDFLAR...)
1 199.232.136.157 54113 (FASTLY)
1 2.16.186.17 20940 (AKAMAI-ASN1)
1 143.204.209.45 16509 (AMAZON-02)
4 2.16.186.161 20940 (AKAMAI-ASN1)
1 1 212.82.100.182 34010 (YAHOO-IRD)
2 2 52.48.137.92 16509 (AMAZON-02)
2 3 209.54.178.82 16509 (AMAZON-02)
1 2 108.174.11.85 14413 (LINKEDIN)
1 1 13.107.42.14 8068 (MICROSOFT...)
1 104.244.42.67 13414 (TWITTER)
1 104.244.42.69 13414 (TWITTER)
2 35.186.226.184 15169 (GOOGLE)
1 52.28.224.120 16509 (AMAZON-02)
1 13.36.218.177 16509 (AMAZON-02)
1 142.250.184.226 15169 (GOOGLE)
4 157.240.20.35 32934 (FACEBOOK)
1 142.250.185.66 15169 (GOOGLE)
1 142.251.5.155 15169 (GOOGLE)
1 142.250.184.228 15169 (GOOGLE)
86 29
Apex Domain | Subdomains | Transfer
25 llnwd.net | prdbellweb.hs.llnwd.net | 2 MB
12 adobedtm.com | assets.adobedtm.com | 135 KB
9 demdex.net | dpm.demdex.net, bellca.demdex.net | 11 KB
5 bell.ca | www.bell.ca, somni.bell.ca, data1.bell.ca | 46 KB
4 facebook.com | www.facebook.com | 593 B
4 tiktok.com | analytics.tiktok.com | 67 KB
4 doubleclick.net | cm.g.doubleclick.net, googleads.g.doubleclick.net, bid.g.doubleclick.net | 3 KB
4 mybelirefund.com | www.mybelirefund.com | 12 KB
3 linkedin.com | px.ads.linkedin.com, www.linkedin.com | 3 KB
3 amazon-adsystem.com | s.amazon-adsystem.com | 2 KB
3 facebook.net | connect.facebook.net | 313 KB
2 snapchat.com | tr.snapchat.com | 469 B
2 crwdcntrl.net | sync.crwdcntrl.net | 1 KB
2 adsrvr.org | match.adsrvr.org | 931 B
2 google-analytics.com | www.google-analytics.com | 20 KB
2 googletagmanager.com | www.googletagmanager.com | 78 KB
1 google.com | www.google.com | 569 B
1 googleadservices.com | www.googleadservices.com | 15 KB
1 siteimproveanalytics.io | 1154.global.siteimproveanalytics.io | 650 B
1 t.co | t.co | 455 B
1 twitter.com | analytics.twitter.com | 658 B
1 yahoo.com | cms.analytics.yahoo.com | 892 B
1 sc-static.net | sc-static.net | 6 KB
1 licdn.com | snap.licdn.com | 2 KB
1 ads-twitter.com | static.ads-twitter.com | 6 KB
1 siteimproveanalytics.com | siteimproveanalytics.com | 5 KB
1 bing.com | c.bing.com | 421 B
1 nuance.com | media-us1.digital.nuance.com | 7 KB
1 everesttech.net | cm.everesttech.net | 517 B
1 inq.com | bell.inq.com | 2 KB
86 30
Domain Requested by
25 prdbellweb.hs.llnwd.net www.mybelirefund.com
prdbellweb.hs.llnwd.net
12 assets.adobedtm.com www.mybelirefund.com
assets.adobedtm.com
8 dpm.demdex.net 1 redirects assets.adobedtm.com
www.mybelirefund.com
4 www.facebook.com
4 analytics.tiktok.com www.mybelirefund.com
analytics.tiktok.com
4 www.mybelirefund.com www.mybelirefund.com
prdbellweb.hs.llnwd.net
media-us1.digital.nuance.com
3 s.amazon-adsystem.com 2 redirects
3 connect.facebook.net www.mybelirefund.com
connect.facebook.net
3 www.bell.ca www.mybelirefund.com
2 tr.snapchat.com
2 px.ads.linkedin.com 1 redirects
2 sync.crwdcntrl.net 2 redirects
2 match.adsrvr.org 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.mybelirefund.com
www.googletagmanager.com
1 www.google.com
1 bid.g.doubleclick.net www.googleadservices.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 data1.bell.ca assets.adobedtm.com
1 1154.global.siteimproveanalytics.io
1 t.co
1 analytics.twitter.com static.ads-twitter.com
1 www.linkedin.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 sc-static.net www.mybelirefund.com
1 snap.licdn.com www.mybelirefund.com
1 static.ads-twitter.com www.mybelirefund.com
1 siteimproveanalytics.com www.mybelirefund.com
1 c.bing.com 1 redirects
1 media-us1.digital.nuance.com bell.inq.com
1 somni.bell.ca assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 bellca.demdex.net assets.adobedtm.com
1 bell.inq.com www.mybelirefund.com
86 36
Subject | Issuer | Validity | Valid
mybelirefund.com | Sectigo RSA Domain Validation Secure Server CA | 2021-10-10 - 2022-10-10 | a year
www.bell.ca | Entrust Certification Authority - L1K | 2020-02-21 - 2022-02-21 | 2 years
*.hs.llnwd.net | Sectigo RSA Organization Validation Secure Server CA | 2021-04-07 - 2022-05-08 | a year
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-10 - 2022-09-10 | a year
*.inq.com | GeoTrust RSA CA 2018 | 2019-10-30 - 2021-12-08 | 2 years
*.demdex.net | DigiCert TLS RSA SHA256 2020 CA1 | 2020-12-02 - 2022-01-02 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
somni.bell.ca | Entrust Certification Authority - L1K | 2019-08-23 - 2021-11-22 | 2 years
*.digital.nuance.com | Go Daddy Secure Certificate Authority - G2 | 2019-09-17 - 2021-11-16 | 2 years
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-07-21 - 2021-10-19 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-06 - 2022-07-05 | a year
ads-twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-07-21 - 2022-07-26 | a year
*.licdn.com | DigiCert SHA2 Secure Server CA | 2021-07-15 - 2022-07-20 | a year
sc-static.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-02-11 - 2022-02-15 | a year
*.tiktok.com | RapidSSL RSA CA 2018 | 2019-11-14 - 2022-01-12 | 2 years
s.amazon-adsystem.com | Amazon | 2021-07-14 - 2022-06-27 | a year
px.ads.linkedin.com | DigiCert SHA2 Secure Server CA | 2021-09-16 - 2022-03-16 | 6 months
*.twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-02-05 - 2022-02-04 | a year
t.co | DigiCert TLS RSA SHA256 2020 CA1 | 2021-02-05 - 2022-02-04 | a year
tr.snapchat.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-01-19 - 2022-01-23 | a year
*.global.siteimproveanalytics.io | DigiCert SHA2 Secure Server CA | 2020-03-30 - 2022-04-04 | 2 years
data1.bell.ca | Entrust Certification Authority - L1K | 2020-07-17 - 2022-07-17 | 2 years
www.googleadservices.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
www.google.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months

This page contains 6 frames:

Primary Page: https://www.mybelirefund.com/
Frame ID: 571034B512F827689D0F89B0A3F24D68
Requests: 75 HTTP requests in this frame

Frame: https://bellca.demdex.net/dest5.html?d_nsid=0
Frame ID: 4852E7C014AA6E5C61C104C029A1EBF3
Requests: 7 HTTP requests in this frame

Frame: https://www.mybelirefund.com/touchcommerce/inqChat.html?IFRAME&nuance-frame-ac=0
Frame ID: 7731CF35CE9F5348C0F3C65DCD563BBB
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=50a38fee-9934-45ee-950b-5f4599360ebf
Frame ID: 82DDFAAED28E9C4F242FA2CEC93A6BD3
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 82991FC5E2F80E7353BC1AB89215C1C3
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: CD0D4DFD8FAD942EC739B23F68A5BB67
Requests: 1 HTTP requests in this frame

Page Title

Log in to MyBell

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

86
Requests

100 %
HTTPS

0 %
IPv6

30
Domains

36
Subdomains

29
IPs

4
Countries

2432 kB
Transfer

5211 kB
Size

44
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://cm.everesttech.net/cm/dd?d_uuid=57081679777511026830775684241229474568 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YWM9zwAAAJUsOwQz
Request Chain 39
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTcwODE2Nzk3Nzc1MTEwMjY4MzA3NzU2ODQyNDEyMjk0NzQ1Njg= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTcwODE2Nzk3Nzc1MTEwMjY4MzA3NzU2ODQyNDEyMjk0NzQ1Njg=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJG9Su0I2pX_EIWzFYHupgc&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 41
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=fd05cfeb-2eac-4a11-8c07-a7099faa0aad
Request Chain 43
  • https://c.bing.com/c.gif?uid=57081679777511026830775684241229474568&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=079722C2155A6F472067320E141F6EA6
Request Chain 59
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=57081679777511026830775684241229474568&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-hG4cPYNE2pF4CWOBweDYtBCK_1PMtaxNZPI-~A
Request Chain 60
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=57081679777511026830775684241229474568?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=57081679777511026830775684241229474568?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=8955556e025b7f37541ecfa55cde9605
Request Chain 61
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=lA7ks6HqR-CwzVvywu0A4w&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=57081679777511026830775684241229474568
Request Chain 63
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37981&time=1633893840330&url=https%3A%2F%2Fwww.mybelirefund.com%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D37981%26time%3D1633893840330%26url%3Dhttps%253A%252F%252Fwww.mybelirefund.com%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37981&time=1633893840330&url=https%3A%2F%2Fwww.mybelirefund.com%2F&liSync=true

86 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.mybelirefund.com/
73 KB
11 KB
Document
General
Full URL
https://www.mybelirefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.213.255.36 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server145-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
5c97d8b98ceb15c41d568ec981c34aa36bd9e388e17221015fba0066961835d6

Request headers

:method
GET
:authority
www.mybelirefund.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

content-type
text/html
last-modified
Wed, 06 Oct 2021 02:37:34 GMT
accept-ranges
bytes
content-encoding
br
vary
Accept-Encoding
content-length
10763
date
Sun, 10 Oct 2021 19:23:58 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
dtagent_ICAjp_6000500061013.js
www.mybelirefund.com/
0
0
Script
General
Full URL
https://www.mybelirefund.com/dtagent_ICAjp_6000500061013.js
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.213.255.36 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server145-4.web-hosting.com
Software
LiteSpeed /
Resource Hash

Request headers

:path
/dtagent_ICAjp_6000500061013.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.mybelirefund.com
referer
https://www.mybelirefund.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 19:23:58 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1238
content-type
text/html
tealeaf.js
www.bell.ca/styles/tealeaf/
140 KB
41 KB
Script
General
Full URL
https://www.bell.ca/styles/tealeaf/tealeaf.js
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.71.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-71-114.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
78da4350747e33feea7a25301296af749a58ed67db397fded3b604df45a4febc
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.virginplus.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.virginplus.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca
content-encoding
br
x-content-type-options
nosniff
server-timing
cdn-cache; desc=HIT, edge; dur=78, dtSInfo;desc="0", dtRpid;desc="1943946518"
content-length
40860
x-generated-by
Q-C3-T04
x-ua-compatible
IE=edge
last-modified
Tue, 05 Oct 2021 07:40:41 GMT
server
Akamai Resource Optimizer
date
Sun, 10 Oct 2021 19:23:58 GMT
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
https://www.bell.ca
x-xss-protection
1
cache-control
max-age=31536000
etag
"d82cc9c91593d31:0"
accept-ranges
bytes
tealeaf_config_myb.js
www.bell.ca/styles/tealeaf/
22 KB
4 KB
Script
General
Full URL
https://www.bell.ca/styles/tealeaf/tealeaf_config_myb.js
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.71.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-71-114.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
7fc19a12ca8cffc3b6fb044ac40558659591b5572a2eacb39a4347f4a4b7444d
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.virginplus.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.virginplus.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca
content-encoding
br
x-content-type-options
nosniff
server-timing
cdn-cache; desc=HIT, edge; dur=53, dtSInfo;desc="0", dtRpid;desc="-84352896"
content-length
3211
x-generated-by
Q-C3-T07
x-ua-compatible
IE=edge
last-modified
Tue, 05 Oct 2021 04:25:21 GMT
server
Akamai Resource Optimizer
date
Sun, 10 Oct 2021 19:23:58 GMT
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
https://www.bell.ca
x-xss-protection
1
cache-control
max-age=31536000
etag
"3238465a388d41:0"
accept-ranges
bytes
tealeaf_cookies.js
www.bell.ca/styles/tealeaf/
2 KB
1 KB
Script
General
Full URL
https://www.bell.ca/styles/tealeaf/tealeaf_cookies.js
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.71.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-71-114.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
b4be550cad152b2ba5e21b05048799b46749e8e9fb903facb0143401f2a504c6
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.virginplus.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.virginplus.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca
content-encoding
br
x-content-type-options
nosniff
server-timing
cdn-cache; desc=HIT, edge; dur=52, dtSInfo;desc="0", dtRpid;desc="-1005659788"
content-length
678
x-generated-by
Q-C3-T05
x-ua-compatible
IE=edge
last-modified
Tue, 05 Oct 2021 05:15:14 GMT
server
Akamai Resource Optimizer
date
Sun, 10 Oct 2021 19:23:58 GMT
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
https://www.bell.ca
x-xss-protection
1
cache-control
max-age=31536000
etag
"90451fae62ccd41:0"
accept-ranges
bytes
bell.css
prdbellweb.hs.llnwd.net/styles/RSX/framework/css/
817 KB
148 KB
Stylesheet
General
Full URL
https://prdbellweb.hs.llnwd.net/styles/RSX/framework/css/bell.css?v=P3DjdOwtJRmo0KyzjJPwz54RHlZomNqbhO-jAE_TR241&ver=00000000
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
e935ffa275f3b6c64c10e8e5409cdcb53d30a62e7cc1671f505781b1a229d7af
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 19:23:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
X-XSS-Protection
1
Cache-Control
no-cache
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security
max-age=16070400
Content-Length
148907
X-LLID
fdd8bbc81923564cbb2192bf0eb01fa0
Expires
-1
bell.css
prdbellweb.hs.llnwd.net/styles/RSX/mybell/css/
7 KB
4 KB
Stylesheet
General
Full URL
https://prdbellweb.hs.llnwd.net/styles/RSX/mybell/css/bell.css?v=ac_mdyVoYbrvVh0f8-nK3aNxvmc2us69XAv1X6JNazM1&ver=00000000
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
4f57cfe86a3a5a2342b429e71c72561565390017aa370f0601687e7ef5e89daf
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 19:23:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
X-XSS-Protection
1
Cache-Control
no-cache
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security
max-age=16070400
Content-Length
1605
X-LLID
9f24c152821b638a5fbeedc0c89acc65
Expires
-1
bell.js
prdbellweb.hs.llnwd.net/styles/RSX/framework/
100 KB
50 KB
Script
General
Full URL
https://prdbellweb.hs.llnwd.net/styles/RSX/framework/bell.js?v=vkJeTCjQDbK6Tksw9ix_fVgtd31a5rr_n43vwMCQkF01&ver=00000000
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
dc30df00a881a6090d203e044486bac114b35c65882ed3f13017e75a390eb132
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1452239364"
Connection
keep-alive
X-XSS-Protection
1
Pragma
no-cache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=16070400
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-LLID
ce55f02a06a9122256dfc0893d44b297
Expires
-1
registrationFlow-login.css
prdbellweb.hs.llnwd.net/styles/RSX/mybell/css/page/
35 KB
10 KB
Stylesheet
General
Full URL
https://prdbellweb.hs.llnwd.net/styles/RSX/mybell/css/page/registrationFlow-login.css?ver=201704200546
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
f9231667a21de669e34a55065ec43eef798b70e34b1a00b7789d97fee182b8bf
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
1243
Connection
keep-alive
Content-Length
8655
X-XSS-Protection
1
Last-Modified
Sun, 06 Jun 2021 14:42:13 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=16070400
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Accept-Ranges
bytes
X-LLID
f14f104961d4f1fd7c06ba5e8a7ef19c
Expires
Mon, 11 Oct 2021 19:03:15 GMT
registrationFlow-login.js
prdbellweb.hs.llnwd.net/styles/RSX/mybell/js/
986 B
1 KB
Script
General
Full URL
https://prdbellweb.hs.llnwd.net/styles/RSX/mybell/js/registrationFlow-login.js?ver=201602291402
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
5d50635dbceea7cb7ddb1fdc29d2aafe1e8238fa5f41338fc69c99c43e6e8e4d
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
64603
Connection
keep-alive
Content-Length
372
X-XSS-Protection
1
Last-Modified
Sun, 10 Jan 2021 18:53:39 GMT
X-Generated-By
Q-C3-T01
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, Accept-Encoding
Strict-Transport-Security
max-age=16070400
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Accept-Ranges
bytes
X-LLID
3f7e4b60094157ea2bc4cd4907d452b6
Expires
Mon, 11 Oct 2021 01:27:15 GMT
foresee-trigger.js
prdbellweb.hs.llnwd.net/resource/custom/foresee/
126 KB
44 KB
Script
General
Full URL
https://prdbellweb.hs.llnwd.net/resource/custom/foresee/foresee-trigger.js?ver=201612131938
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
f05c1f36007f64efd37c18565940a686e2471dc98765950a1126f69564bc0f42
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
1243
Server-Timing
dtRpid;desc="1997195720"
Connection
keep-alive
Content-Length
44758
X-XSS-Protection
1
Last-Modified
Tue, 13 Dec 2016 19:38:51 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=16070400
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Accept-Ranges
bytes
X-LLID
0bd5df1245b7963b08f389e5fbb9f1d3
Expires
Mon, 11 Oct 2021 19:03:15 GMT
satelliteLib-1dcd6e2c98eb2fcfe6e3ad2eabcdb0d75a3f7edf.js
assets.adobedtm.com/e5e56a2b361a85fb91320927e55b3706fb2e1846/
438 KB
107 KB
Script
General
Full URL
https://assets.adobedtm.com/e5e56a2b361a85fb91320927e55b3706fb2e1846/satelliteLib-1dcd6e2c98eb2fcfe6e3ad2eabcdb0d75a3f7edf.js
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
abe7b9ebf22b0908657b91b0c177cdd3f562aa49ddb1abab2c59bf475b363217

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:23:58 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:55:51 GMT
server
AkamaiNetStorage
etag
"27d77cdd6d75d7eb5ee8c1d662c21943:1633352151.953707"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.mybelirefund.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Oct 2021 20:23:58 GMT
fonts.css
prdbellweb.hs.llnwd.net/Resource/web/DCX/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://prdbellweb.hs.llnwd.net/Resource/web/DCX/css/fonts.css?ver=201704200546
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
3c7ca4acae314142bb67354282d6b55332cb79e1c3a27cd5b6d9125f1d69ff60
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
1243
Connection
keep-alive
Content-Length
516
X-XSS-Protection
1
Last-Modified
Sun, 07 Dec 2014 07:21:29 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=16070400
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Accept-Ranges
bytes
X-LLID
e7a6efae22fe3261ca92d70925835fd6
Expires
Mon, 11 Oct 2021 19:03:15 GMT
bell_custom_deprecatedbrowser_new.css
prdbellweb.hs.llnwd.net/Resource/web/DCX/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://prdbellweb.hs.llnwd.net/Resource/web/DCX/css/bell_custom_deprecatedbrowser_new.css?ver=201704200546
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
b807b62bf192dc5c6e69951600e6d38f7901fbc6d6d6ab9e3b9c97cfa84347e6
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
1243
Connection
keep-alive
Content-Length
499
X-XSS-Protection
1
Last-Modified
Wed, 06 Jul 2016 14:01:15 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=16070400
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Accept-Ranges
bytes
X-LLID
8188a0e134a9d5d4cbac45bf97bc5fd1
Expires
Mon, 11 Oct 2021 19:03:15 GMT
bell.js
prdbellweb.hs.llnwd.net/styles/RSX/
371 KB
144 KB
Script
General
Full URL
https://prdbellweb.hs.llnwd.net/styles/RSX/bell.js?v=tgxI1zKXQjfrgXHzB6eYr6hWjwHEPHhUF588FSdvvjo1&ver=00000000
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
d89a1c1c3e41a0386fe17122c90253040b8f9f45eeffffb7dbde5d2ad74d8a30
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1410977519"
Connection
keep-alive
X-XSS-Protection
1
Pragma
no-cache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=16070400
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-LLID
7c84f4c689abce7f1f4b02d1b6ad60e9
Expires
-1
mybell.js
prdbellweb.hs.llnwd.net/styles/RSX/
14 KB
7 KB
Script
General
Full URL
https://prdbellweb.hs.llnwd.net/styles/RSX/mybell.js?v=IYpZOiBmK-B3Yyo1jqAllUdmtl3tJl8e9gX86YzuEJA1&ver=00000000
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
690299e059c90d5fdc942f8a92b179b2ff5bed6be8cace935c00de0e74638d52
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server-Timing
dtSInfo;desc="0", dtRpid;desc="260213699"
Connection
keep-alive
Content-Length
4758
X-XSS-Protection
1
Pragma
no-cache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=16070400
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-LLID
490166dde7584f3ab340fd970f3e3687
Expires
-1
Omniture.js
prdbellweb.hs.llnwd.net/Resource/web/js/
21 KB
7 KB
Script
General
Full URL
https://prdbellweb.hs.llnwd.net/Resource/web/js/Omniture.js?ver=201604171611
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
7d8fb5c8d0547187b358a96c25ccf6588cb6b1f9d299f024eb54763f6303c7c3
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
79530
Connection
keep-alive
Content-Length
6291
X-XSS-Protection
1
Last-Modified
Sun, 18 Oct 2020 21:26:39 GMT
X-Generated-By
Q-C3-T03
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=16070400
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Accept-Ranges
bytes
X-LLID
f69b67349edbd4837572debc4f34e0de
Expires
Sun, 10 Oct 2021 21:18:29 GMT
mybell-easy-access.jpg
prdbellweb.hs.llnwd.net/styles/rsx/mybell/img/
526 KB
527 KB
Image
General
Full URL
https://prdbellweb.hs.llnwd.net/styles/rsx/mybell/img/mybell-easy-access.jpg?ver=201702171443
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
5efce1603818afc5454c7b8b44ca03a689fdc16088fe13ef9420ae7e392652af
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:59 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Age
1244
Connection
keep-alive
Content-Length
538536
X-XSS-Protection
1
Last-Modified
Thu, 20 Apr 2017 21:02:09 GMT
X-Generated-By
Q-C3-T04
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Accept-Ranges
bytes
X-LLID
75c4760f869e6a120dee71e86cda64e7
Expires
Mon, 11 Oct 2021 19:03:15 GMT
mybell-changing-plans-md.jpg
prdbellweb.hs.llnwd.net/styles/rsx/mybell/img/
12 KB
13 KB
Image
General
Full URL
https://prdbellweb.hs.llnwd.net/styles/rsx/mybell/img/mybell-changing-plans-md.jpg?ver=201702171443
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
3da0a9f0c5d3821aaa894c3ebf0793e06364a8cba038b1df3764fe90b200817b
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.virginplus.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:59 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Age
1244
Connection
keep-alive
Content-Length
12690
X-XSS-Protection
1
Last-Modified
Mon, 07 Jun 2021 19:46:18 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.virginplus.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca
Accept-Ranges
bytes
X-LLID
68910f05909a5045a35b3a1924b323c2
Expires
Mon, 11 Oct 2021 19:03:15 GMT
mybell-changing-plans-sm.jpg
prdbellweb.hs.llnwd.net/styles/rsx/mybell/img/
14 KB
14 KB
Image
General
Full URL
https://prdbellweb.hs.llnwd.net/styles/rsx/mybell/img/mybell-changing-plans-sm.jpg?ver=201702171443
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
4cb15d52ba31d159672b7da8ae18c0b58a791a0ece2b2c0fcc92e603d259b526
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:59 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Age
1244
Connection
keep-alive
Content-Length
14185
X-XSS-Protection
1
Last-Modified
Tue, 04 Feb 2020 14:49:47 GMT
X-Generated-By
Q-C3-T07
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Accept-Ranges
bytes
X-LLID
7a4224aebd96d25bcab686191e9e17a0
Expires
Mon, 11 Oct 2021 19:03:15 GMT
entrust_seal.png
prdbellweb.hs.llnwd.net/Resource/web/pfr/img/
8 KB
9 KB
Image
General
Full URL
https://prdbellweb.hs.llnwd.net/Resource/web/pfr/img/entrust_seal.png?ver=201406220823
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/ ASP.NET
Resource Hash
4dc13e50e249b3654a85738c945beee2e7160b2210e31df9f5f26b2c089837c9
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:59 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Age
40053
X-Powered-By
ASP.NET
Connection
keep-alive
Content-Length
8609
X-XSS-Protection
1
Last-Modified
Sun, 22 Jun 2014 08:23:08 GMT
X-Generated-By
Q-C3-T04
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Accept-Ranges
bytes
X-LLID
b83c6c38fe3152974301f8ac726b2348
Expires
Mon, 11 Oct 2021 08:16:26 GMT
s_code_bell.js
prdbellweb.hs.llnwd.net/resource/web/common/all_languages/all_regions/js/metrics/
23 B
733 B
Script
General
Full URL
https://prdbellweb.hs.llnwd.net/resource/web/common/all_languages/all_regions/js/metrics/s_code_bell.js?v=23042015EH01&ver=201607271402
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/ ASP.NET
Resource Hash
ebff2f5467615b7993ed4096e75f9b37e90d8c864331354c89cdfa93e6936968
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:59 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Age
29797
X-Powered-By
ASP.NET
Connection
keep-alive
Content-Length
23
X-XSS-Protection
1
Last-Modified
Wed, 27 Jul 2016 14:02:31 GMT
X-Generated-By
Q-C3-T01
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Accept-Ranges
bytes
X-LLID
de7665334ef948360827a07379b792c1
Expires
Mon, 11 Oct 2021 11:07:22 GMT
ieDeprecatedBrowserJS.js
prdbellweb.hs.llnwd.net/MYB/web/DCX/js/
7 KB
3 KB
Script
General
Full URL
https://prdbellweb.hs.llnwd.net/MYB/web/DCX/js/ieDeprecatedBrowserJS.js?ver=201608041444
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
cef697a926119ed2e9328e84e88e3a42b1987a64256c55066b37dc3f36883515
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
1244
Connection
keep-alive
Content-Length
2306
X-XSS-Protection
1
Last-Modified
Fri, 21 Jul 2017 15:03:23 GMT
X-Generated-By
Q-C3-T07
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=16070400
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Accept-Ranges
bytes
X-LLID
11f16dca2c1d064346185cbd15ecda5f
Expires
Mon, 11 Oct 2021 19:03:15 GMT
oo_engine.min.js
prdbellweb.hs.llnwd.net/Resource/web/js/opinion_lab/
37 KB
11 KB
Script
General
Full URL
https://prdbellweb.hs.llnwd.net/Resource/web/js/opinion_lab/oo_engine.min.js?ver=201604271428
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/ ASP.NET
Resource Hash
7f2af60ebbc9fea1a27aa227e9c3084b0a5f74fd08f35b12843ffc75ff156cf0
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
33368
X-Powered-By
ASP.NET
Connection
keep-alive
Content-Length
10961
X-XSS-Protection
1
Last-Modified
Wed, 27 Apr 2016 14:28:10 GMT
X-Generated-By
Q-C3-T04
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=16070400
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Accept-Ranges
bytes
X-LLID
90f626bf3ddff2ad060330a299ea2ae7
Expires
Mon, 11 Oct 2021 10:07:51 GMT
oo_conf_inline.js
prdbellweb.hs.llnwd.net/Resource/web/js/opinion_lab/
1 KB
2 KB
Script
General
Full URL
https://prdbellweb.hs.llnwd.net/Resource/web/js/opinion_lab/oo_conf_inline.js?ver=201610031730
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
af03614d99771e0f3786fda656e7020a7bb83ea098f7a29f78f8f3f0b10bd049
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
33368
Server-Timing
dtRpid;desc="681590470"
Connection
keep-alive
Content-Length
979
X-XSS-Protection
1
Last-Modified
Mon, 03 Oct 2016 17:30:31 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=16070400
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Accept-Ranges
bytes
X-LLID
ab65a9a3adbcf5f59c4ac1dba7ed0ead
Expires
Mon, 11 Oct 2021 10:07:51 GMT
inqChatLaunch10004127.js
bell.inq.com/chatskins/launch/
5 KB
2 KB
Script
General
Full URL
https://bell.inq.com/chatskins/launch/inqChatLaunch10004127.js
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.177.241.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
TouchCommerce Server /
Resource Hash
640c2cfce1b2b0c6b26baa8f3f201db091e4eb5881715a385c30ae7291270f37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:23:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
samesite
Strict
server
TouchCommerce Server
etag
"GF9hMr6H9uB"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
no-cache
last-modified
Thu, 30 Sep 2021 05:38:55 GMT
accept-ranges
bytes
content-length
1876
x-xss-protection
1; mode=block
expires
Sun, 10 Oct 2021 20:23:59 GMT
id
dpm.demdex.net/
2 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=48B034FA53CF9FD10A490D44%40AdobeOrg&d_nsid=0&ts=1633893839184
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/e5e56a2b361a85fb91320927e55b3706fb2e1846/satelliteLib-1dcd6e2c98eb2fcfe6e3ad2eabcdb0d75a3f7edf.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-85-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b248cc18228759d3fea8d1fedb62c4fc7f7587e731cb6d63700adf04541f3458
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mybelirefund.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v018-0bd060ab7.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
Wks8A7ReQQY=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.mybelirefund.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
720
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/
33 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/e5e56a2b361a85fb91320927e55b3706fb2e1846/satelliteLib-1dcd6e2c98eb2fcfe6e3ad2eabcdb0d75a3f7edf.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:23:59 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.mybelirefund.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12184
expires
Sun, 10 Oct 2021 20:23:59 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/
25 KB
9 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/e5e56a2b361a85fb91320927e55b3706fb2e1846/satelliteLib-1dcd6e2c98eb2fcfe6e3ad2eabcdb0d75a3f7edf.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:23:59 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:53 GMT
server
AkamaiNetStorage
etag
"c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.mybelirefund.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8762
expires
Sun, 10 Oct 2021 20:23:59 GMT
js
www.googletagmanager.com/gtag/
97 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-52328914-3
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9629e877d981c33fb6f42f572536af913ba131ee09444ca3a09bec5864a2a974
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:23:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39247
x-xss-protection
0
last-modified
Sun, 10 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 10 Oct 2021 19:23:59 GMT
bell-icon.woff2
prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/
11 KB
12 KB
Font
General
Full URL
https://prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/bell-icon.woff2?ver=00000000
Requested by
Host: prdbellweb.hs.llnwd.net
URL: https://prdbellweb.hs.llnwd.net/styles/RSX/framework/css/bell.css?v=P3DjdOwtJRmo0KyzjJPwz54RHlZomNqbhO-jAE_TR241&ver=00000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
85bcae1fc555cccfdb50e13c42034e34a02465237bd7136598e86b5aaad638f8
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://prdbellweb.hs.llnwd.net/styles/RSX/framework/css/bell.css?v=P3DjdOwtJRmo0KyzjJPwz54RHlZomNqbhO-jAE_TR241&ver=00000000
Origin
https://www.mybelirefund.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:59 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Age
28592
Connection
keep-alive
Content-Length
11452
X-XSS-Protection
1
Last-Modified
Sun, 14 Feb 2021 16:40:05 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Accept-Ranges
bytes
X-LLID
a816e323ce546d0f3bb1ff5ba7ac8385
Expires
Mon, 11 Oct 2021 11:27:27 GMT
bellslim_semibold-webfont.woff2
prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/
19 KB
20 KB
Font
General
Full URL
https://prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/bellslim_semibold-webfont.woff2?ver=00000000
Requested by
Host: prdbellweb.hs.llnwd.net
URL: https://prdbellweb.hs.llnwd.net/styles/RSX/framework/css/bell.css?v=P3DjdOwtJRmo0KyzjJPwz54RHlZomNqbhO-jAE_TR241&ver=00000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
41407c31a0d44bb952744a390decccd0a4ba5918e4ff89c860f2495d5ee7a7fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://prdbellweb.hs.llnwd.net/styles/RSX/framework/css/bell.css?v=P3DjdOwtJRmo0KyzjJPwz54RHlZomNqbhO-jAE_TR241&ver=00000000
Origin
https://www.mybelirefund.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:59 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Age
25772
Connection
keep-alive
Content-Length
19348
X-XSS-Protection
1
Last-Modified
Sun, 19 Jan 2020 22:20:51 GMT
X-Generated-By
Q-C3-T01
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Accept-Ranges
bytes
X-LLID
74fd7459e687c1e6b63e2bf7ecb2068f
Expires
Mon, 11 Oct 2021 12:14:27 GMT
bellslim_medium-webfont.woff2
prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/
19 KB
20 KB
Font
General
Full URL
https://prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/bellslim_medium-webfont.woff2?ver=00000000
Requested by
Host: prdbellweb.hs.llnwd.net
URL: https://prdbellweb.hs.llnwd.net/styles/RSX/framework/css/bell.css?v=P3DjdOwtJRmo0KyzjJPwz54RHlZomNqbhO-jAE_TR241&ver=00000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
e36f3860d6fe12df58872c55cf1fb78b7a3fe86d9a27591bfda5d8ceb34a31f3
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://prdbellweb.hs.llnwd.net/styles/RSX/framework/css/bell.css?v=P3DjdOwtJRmo0KyzjJPwz54RHlZomNqbhO-jAE_TR241&ver=00000000
Origin
https://www.mybelirefund.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:59 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Age
35576
Connection
keep-alive
Content-Length
19880
X-XSS-Protection
1
Last-Modified
Sun, 19 Jan 2020 22:20:51 GMT
X-Generated-By
Q-C3-T02
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Accept-Ranges
bytes
X-LLID
5f803219927ae41fc655543b762aea67
Expires
Mon, 11 Oct 2021 09:31:03 GMT
mybell-easy-access.jpg
prdbellweb.hs.llnwd.net/styles/RSX/mybell/img/
526 KB
527 KB
Image
General
Full URL
https://prdbellweb.hs.llnwd.net/styles/RSX/mybell/img/mybell-easy-access.jpg?ver=201704202102
Requested by
Host: prdbellweb.hs.llnwd.net
URL: https://prdbellweb.hs.llnwd.net/styles/RSX/mybell/css/bell.css?v=ac_mdyVoYbrvVh0f8-nK3aNxvmc2us69XAv1X6JNazM1&ver=00000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
5efce1603818afc5454c7b8b44ca03a689fdc16088fe13ef9420ae7e392652af
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prdbellweb.hs.llnwd.net/styles/RSX/mybell/css/bell.css?v=ac_mdyVoYbrvVh0f8-nK3aNxvmc2us69XAv1X6JNazM1&ver=00000000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:59 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Age
54119
Connection
keep-alive
Content-Length
538536
X-XSS-Protection
1
Last-Modified
Thu, 20 Apr 2017 21:02:09 GMT
X-Generated-By
Q-C3-T05
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Accept-Ranges
bytes
X-LLID
53e0aa302481daef5a7d3a9cb3e05635
Expires
Mon, 11 Oct 2021 04:22:00 GMT
bellslim_regular-webfont.woff2
prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/
19 KB
20 KB
Font
General
Full URL
https://prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/bellslim_regular-webfont.woff2?ver=00000000
Requested by
Host: prdbellweb.hs.llnwd.net
URL: https://prdbellweb.hs.llnwd.net/styles/RSX/framework/css/bell.css?v=P3DjdOwtJRmo0KyzjJPwz54RHlZomNqbhO-jAE_TR241&ver=00000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
3e4d8f00673f6a80b26a8565f9931374e1e9171553b078261a67772af7511629
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://prdbellweb.hs.llnwd.net/styles/RSX/framework/css/bell.css?v=P3DjdOwtJRmo0KyzjJPwz54RHlZomNqbhO-jAE_TR241&ver=00000000
Origin
https://www.mybelirefund.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:59 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Age
33368
Connection
keep-alive
Content-Length
19412
X-XSS-Protection
1
Last-Modified
Sun, 19 Jan 2020 22:20:51 GMT
X-Generated-By
Q-C3-T07
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca
Accept-Ranges
bytes
X-LLID
da1432e4c2a9cac75521dc46450ce4fa
Expires
Mon, 11 Oct 2021 10:07:51 GMT
bell-icon-outline.woff2
prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/
106 KB
107 KB
Font
General
Full URL
https://prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/bell-icon-outline.woff2?ver=00000000
Requested by
Host: prdbellweb.hs.llnwd.net
URL: https://prdbellweb.hs.llnwd.net/styles/RSX/framework/css/bell.css?v=P3DjdOwtJRmo0KyzjJPwz54RHlZomNqbhO-jAE_TR241&ver=00000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.79.243.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-243-128.fra.llnw.net
Software
/
Resource Hash
4bd46e0217fc98e9be4ef531ed0caae164b747801e379a09043d96a877fc75af
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.virginplus.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://prdbellweb.hs.llnwd.net/styles/RSX/framework/css/bell.css?v=P3DjdOwtJRmo0KyzjJPwz54RHlZomNqbhO-jAE_TR241&ver=00000000
Origin
https://www.mybelirefund.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:23:59 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Age
20015
Connection
keep-alive
Content-Length
108820
X-XSS-Protection
1
Last-Modified
Tue, 10 Aug 2021 17:02:54 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.virginplus.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca
Accept-Ranges
bytes
X-LLID
27d7f39fb02f81ff1629ef04bba33eb4
Expires
Mon, 11 Oct 2021 13:50:24 GMT
dest5.html
bellca.demdex.net/ Frame 4852
7 KB
3 KB
Document
General
Full URL
https://bellca.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/e5e56a2b361a85fb91320927e55b3706fb2e1846/satelliteLib-1dcd6e2c98eb2fcfe6e3ad2eabcdb0d75a3f7edf.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.107.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-107-116.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
bellca.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.mybelirefund.com/
Accept-Encoding
gzip, deflate, br
Cookie
demdex=57081679777511026830775684241229474568

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Sun, 10 Oct 2021 19:23:59 GMT
DCS
dcs-prod-irl1-1-v018-0387a5f78.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Mon, 4 Oct 2021 13:53:51 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
1WKhXxsaTu0=
Content-Length
2791
Connection
keep-alive
ibs:dpid=411&dpuuid=YWM9zwAAAJUsOwQz
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=57081679777511026830775684241229474568
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YWM9zwAAAJUsOwQz
42 B
943 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YWM9zwAAAJUsOwQz
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-85-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v018-0ea7417ce.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
bYw0T6MpQPE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YWM9zwAAAJUsOwQz
Date
Sun, 10 Oct 2021 19:23:59 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
json
somni.bell.ca/m2/bellcanada/mbox/
142 B
448 B
XHR
General
Full URL
https://somni.bell.ca/m2/bellcanada/mbox/json?mbox=target-global-mbox&mboxSession=1cf9d3bfc4604281bd1ff58d8084df1a&mboxPC=&mboxPage=97512b16bd5242e7b44a4b404341fed6&mboxRid=e595b9da20564ea0b6dc0e211437c3a8&mboxVersion=1.8.2&mboxCount=1&mboxTime=1633893839199&mboxHost=www.mybelirefund.com&mboxURL=https%3A%2F%2Fwww.mybelirefund.com%2F&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=0&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&language=en&province=&mboxMCSDID=72019AAD686FF1A1-4EC87AB24051F25B&mboxMCGVID=57273176867740856520760880918972831687&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/e5e56a2b361a85fb91320927e55b3706fb2e1846/satelliteLib-1dcd6e2c98eb2fcfe6e3ad2eabcdb0d75a3f7edf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.151.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-151-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
31b69cd2d2c544afa8b7bd82c7d4b43563aaf115efa630677c852af42d9b66cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 19:23:59 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mybelirefund.com
cache-control
no-cache
access-control-allow-credentials
true
timing-allow-origin
*
content-length
142
x-request-id
e595b9da20564ea0b6dc0e211437c3a8
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52328914-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
2222
date
Sun, 10 Oct 2021 18:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 10 Oct 2021 20:46:57 GMT
ibs:dpid=771&dpuuid=CAESEJG9Su0I2pX_EIWzFYHupgc&google_cver=1
dpm.demdex.net/ Frame 4852
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTcwODE2Nzk3Nzc1MTEwMjY4MzA3NzU2ODQyNDEyMjk0NzQ1Njg=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTcwODE2Nzk3Nzc1MTEwMjY4MzA3NzU2ODQyNDEyMjk0NzQ1Njg=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJG9Su0I2pX_EIWzFYHupgc&google_cver=1?gdpr=0&gdpr_consent=
42 B
943 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJG9Su0I2pX_EIWzFYHupgc&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-85-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bellca.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v018-0231ac4a8.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
PYdcKS06Tm4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 19:23:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJG9Su0I2pX_EIWzFYHupgc&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chatLoader.min.js
media-us1.digital.nuance.com/media/launch/
21 KB
7 KB
Script
General
Full URL
https://media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1632980314424
Requested by
Host: bell.inq.com
URL: https://bell.inq.com/chatskins/launch/inqChatLaunch10004127.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.212.67.145 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waw01r3.msedge.net
Software
TouchCommerce Server /
Resource Hash
2e8f4f6158ee4e23d270f962be25b0a2a1e56b62c32eaeaf96c46c329b507dec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
samesite
Strict
x-azure-ref-originshield
0DzZjYQAAAADBl/b8unqMQYeWh2D0eYO4TE9OMjFFREdFMTUxMABjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
x-cache
TCP_HIT
vary
Accept-Encoding
content-length
6230
x-xss-protection
1; mode=block
last-modified
Tue, 28 Sep 2021 12:47:08 GMT
server
TouchCommerce Server
date
Sun, 10 Oct 2021 19:23:59 GMT
x-azure-ref
0zz1jYQAAAAC3tRlY+Jl3TalUqgo2JBgTV0FXMDFFREdFMDUxMgBjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
content-type
application/javascript
cache-control
public, max-age=3600
etag
"6mUr/4C1U9l"
accept-ranges
bytes
ibs:dpid=903&dpuuid=fd05cfeb-2eac-4a11-8c07-a7099faa0aad
dpm.demdex.net/ Frame 4852
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=fd05cfeb-2eac-4a11-8c07-a7099faa0aad
42 B
943 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=fd05cfeb-2eac-4a11-8c07-a7099faa0aad
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-85-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bellca.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v018-01743d76c.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
VbMghB+mT78=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 19:24:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=fd05cfeb-2eac-4a11-8c07-a7099faa0aad
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
189
foresee-surveydef.js
www.mybelirefund.com/custom/foresee/
0
0
Script
General
Full URL
https://www.mybelirefund.com/custom/foresee/foresee-surveydef.js?build=24
Requested by
Host: prdbellweb.hs.llnwd.net
URL: https://prdbellweb.hs.llnwd.net/resource/custom/foresee/foresee-trigger.js?ver=201612131938
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.213.255.36 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server145-4.web-hosting.com
Software
LiteSpeed /
Resource Hash

Request headers

:path
/custom/foresee/foresee-surveydef.js?build=24
pragma
no-cache
cookie
Tealeaf=028c9d54-1482-4054-b6e9-0b7230f89071; at_check=true; mbox=session#1cf9d3bfc4604281bd1ff58d8084df1a#1633895700; DAPROPS="sdevicePixelRatio:1|bjs.deviceOrientation:0|sdeviceAspectRatio:1600/1200|sjs.webGlRenderer:Intel Iris OpenGL Engine|sscreenWidthHeight:1600/1200|srendererRef:0950400072|saudioRef:781311942|sversion:1.9.1|bE:0"; AMCVS_48B034FA53CF9FD10A490D44%40AdobeOrg=1; AMCV_48B034FA53CF9FD10A490D44%40AdobeOrg=359503849%7CMCIDTS%7C18911%7CMCMID%7C57273176867740856520760880918972831687%7CMCAAMLH-1634498639%7C6%7CMCAAMB-1634498639%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1633901039s%7CNONE%7CMCSYNCSOP%7C411-18918%7CvVersion%7C5.0.1; fsr.a=1633893839824; fsr.s=%7B%22v2%22%3A-2%2C%22v1%22%3A1%7D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.mybelirefund.com
referer
https://www.mybelirefund.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 19:23:59 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1238
content-type
text/html
ibs:dpid=1957&dpuuid=079722C2155A6F472067320E141F6EA6
dpm.demdex.net/ Frame 4852
Redirect Chain
  • https://c.bing.com/c.gif?uid=57081679777511026830775684241229474568&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=079722C2155A6F472067320E141F6EA6
42 B
943 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=079722C2155A6F472067320E141F6EA6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-85-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bellca.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v018-0b11b7be7.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
YJ8W7FSnTHQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 19:24:00 GMT
x-msedge-ref
Ref A: A138FE3054F84244A581BA48F914DCD4 Ref B: PRG01EDGE0716 Ref C: 2021-10-10T19:24:00Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=079722C2155A6F472067320E141F6EA6
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
RCa7fe5f01f48f4adc826ff82f1b609e0e-source.min.js
assets.adobedtm.com/92c238f848e3/7634fe33bd4f/706cb9ccf18b/
411 B
521 B
Script
General
Full URL
https://assets.adobedtm.com/92c238f848e3/7634fe33bd4f/706cb9ccf18b/RCa7fe5f01f48f4adc826ff82f1b609e0e-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/e5e56a2b361a85fb91320927e55b3706fb2e1846/satelliteLib-1dcd6e2c98eb2fcfe6e3ad2eabcdb0d75a3f7edf.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
25941ed3256b5f5a6e7c3972e2d26e626c07e9d54c738334b3ee919691853650

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:00 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:55:52 GMT
server
AkamaiNetStorage
etag
"db3c14e73ca0bd1f9230786764a59894:1633352152.777532"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.mybelirefund.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
252
expires
Sun, 10 Oct 2021 20:24:00 GMT
RC76def036df5043a2b6fe16a5e5d51a14-source.min.js
assets.adobedtm.com/92c238f848e3/7634fe33bd4f/706cb9ccf18b/
1 KB
985 B
Script
General
Full URL
https://assets.adobedtm.com/92c238f848e3/7634fe33bd4f/706cb9ccf18b/RC76def036df5043a2b6fe16a5e5d51a14-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/e5e56a2b361a85fb91320927e55b3706fb2e1846/satelliteLib-1dcd6e2c98eb2fcfe6e3ad2eabcdb0d75a3f7edf.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c6655b0013a3efd04570aaa7101ae5c243b1fd0f07b826c3f299b05df5386881

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:00 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:55:52 GMT
server
AkamaiNetStorage
etag
"db3c14e73ca0bd1f9230786764a59894:1633352152.777532"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.mybelirefund.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
715
expires
Sun, 10 Oct 2021 20:24:00 GMT
RC46c1f1f2797b420abf99ef1792131d16-source.min.js
assets.adobedtm.com/92c238f848e3/7634fe33bd4f/706cb9ccf18b/
534 B
606 B
Script
General
Full URL
https://assets.adobedtm.com/92c238f848e3/7634fe33bd4f/706cb9ccf18b/RC46c1f1f2797b420abf99ef1792131d16-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/e5e56a2b361a85fb91320927e55b3706fb2e1846/satelliteLib-1dcd6e2c98eb2fcfe6e3ad2eabcdb0d75a3f7edf.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f57ff730a56e15ae26a277fd3ff1c673f132fb824e8d946d555b562e69f54a3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:00 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:55:52 GMT
server
AkamaiNetStorage
etag
"db3c14e73ca0bd1f9230786764a59894:1633352152.777532"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.mybelirefund.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
336
expires
Sun, 10 Oct 2021 20:24:00 GMT
RC8651f89cb51043fea60784aa30eeaba9-source.min.js
assets.adobedtm.com/92c238f848e3/7634fe33bd4f/706cb9ccf18b/
889 B
839 B
Script
General
Full URL
https://assets.adobedtm.com/92c238f848e3/7634fe33bd4f/706cb9ccf18b/RC8651f89cb51043fea60784aa30eeaba9-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/e5e56a2b361a85fb91320927e55b3706fb2e1846/satelliteLib-1dcd6e2c98eb2fcfe6e3ad2eabcdb0d75a3f7edf.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fd264d852e9431547e1627b1d2a3bdf7dc25057e2b7e4ce1c33655bf6ac79a2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:00 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:55:52 GMT
server
AkamaiNetStorage
etag
"db3c14e73ca0bd1f9230786764a59894:1633352152.777532"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.mybelirefund.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
569
expires
Sun, 10 Oct 2021 20:24:00 GMT
RC6d5b6d636264448583afaf6f9f1879bb-source.min.js
assets.adobedtm.com/92c238f848e3/7634fe33bd4f/706cb9ccf18b/
570 B
627 B
Script
General
Full URL
https://assets.adobedtm.com/92c238f848e3/7634fe33bd4f/706cb9ccf18b/RC6d5b6d636264448583afaf6f9f1879bb-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/e5e56a2b361a85fb91320927e55b3706fb2e1846/satelliteLib-1dcd6e2c98eb2fcfe6e3ad2eabcdb0d75a3f7edf.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
097031d38e263f0ba4cead35ecbaefdd2d799de9a102ab976fab1f3c5e16754b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:00 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:55:52 GMT
server
AkamaiNetStorage
etag
"db3c14e73ca0bd1f9230786764a59894:1633352152.777532"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.mybelirefund.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
357
expires
Sun, 10 Oct 2021 20:24:00 GMT
RCfaf059cbab48442fa3c9a55fa394822b-source.min.js
assets.adobedtm.com/92c238f848e3/7634fe33bd4f/706cb9ccf18b/
1 KB
990 B
Script
General
Full URL
https://assets.adobedtm.com/92c238f848e3/7634fe33bd4f/706cb9ccf18b/RCfaf059cbab48442fa3c9a55fa394822b-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/e5e56a2b361a85fb91320927e55b3706fb2e1846/satelliteLib-1dcd6e2c98eb2fcfe6e3ad2eabcdb0d75a3f7edf.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9f930b59dfffd0ff32a756b0c50bdbcc2ddc453ee956b50ba9d34a6859eb14bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:00 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:55:52 GMT
server
AkamaiNetStorage
etag
"db3c14e73ca0bd1f9230786764a59894:1633352152.777532"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.mybelirefund.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
721
expires
Sun, 10 Oct 2021 20:24:00 GMT
RCee421915886f4fa2922f2e25abc7ecd1-source.min.js
assets.adobedtm.com/92c238f848e3/7634fe33bd4f/706cb9ccf18b/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/92c238f848e3/7634fe33bd4f/706cb9ccf18b/RCee421915886f4fa2922f2e25abc7ecd1-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/e5e56a2b361a85fb91320927e55b3706fb2e1846/satelliteLib-1dcd6e2c98eb2fcfe6e3ad2eabcdb0d75a3f7edf.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
29267ae2fa8409b8d1df92ab3791c4a91130d7d3b250c80422f04e3f95bdc57b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:00 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:55:52 GMT
server
AkamaiNetStorage
etag
"db3c14e73ca0bd1f9230786764a59894:1633352152.777532"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.mybelirefund.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
948
expires
Sun, 10 Oct 2021 20:24:00 GMT
RCfa9fb37ad58042faa3f64dc6b994a7dd-source.min.js
assets.adobedtm.com/92c238f848e3/7634fe33bd4f/706cb9ccf18b/
857 B
783 B
Script
General
Full URL
https://assets.adobedtm.com/92c238f848e3/7634fe33bd4f/706cb9ccf18b/RCfa9fb37ad58042faa3f64dc6b994a7dd-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/e5e56a2b361a85fb91320927e55b3706fb2e1846/satelliteLib-1dcd6e2c98eb2fcfe6e3ad2eabcdb0d75a3f7edf.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8f4aecf9743b2cff326c01e7fbcd54e75e8ebd9eae4b3fc9022f7be42ed0fbb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:00 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:55:52 GMT
server
AkamaiNetStorage
etag
"db3c14e73ca0bd1f9230786764a59894:1633352152.777532"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.mybelirefund.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
513
expires
Sun, 10 Oct 2021 20:24:00 GMT
inqChat.html
www.mybelirefund.com/touchcommerce/ Frame 7731
1 KB
1 KB
Document
General
Full URL
https://www.mybelirefund.com/touchcommerce/inqChat.html?IFRAME&nuance-frame-ac=0
Requested by
Host: media-us1.digital.nuance.com
URL: https://media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1632980314424
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.213.255.36 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server145-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

:method
GET
:authority
www.mybelirefund.com
:scheme
https
:path
/touchcommerce/inqChat.html?IFRAME&nuance-frame-ac=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mybelirefund.com/
accept-encoding
gzip, deflate, br
cookie
Tealeaf=028c9d54-1482-4054-b6e9-0b7230f89071; at_check=true; DAPROPS="sdevicePixelRatio:1|bjs.deviceOrientation:0|sdeviceAspectRatio:1600/1200|sjs.webGlRenderer:Intel Iris OpenGL Engine|sscreenWidthHeight:1600/1200|srendererRef:0950400072|saudioRef:781311942|sversion:1.9.1|bE:0"; AMCVS_48B034FA53CF9FD10A490D44%40AdobeOrg=1; AMCV_48B034FA53CF9FD10A490D44%40AdobeOrg=359503849%7CMCIDTS%7C18911%7CMCMID%7C57273176867740856520760880918972831687%7CMCAAMLH-1634498639%7C6%7CMCAAMB-1634498639%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1633901039s%7CNONE%7CMCSYNCSOP%7C411-18918%7CvVersion%7C5.0.1; fsr.a=1633893839824; fsr.s=%7B%22v2%22%3A-2%2C%22v1%22%3A1%7D; _ga=GA1.2.197405077.1633893840; _gid=GA1.2.823801339.1633893840; mbox=session#1cf9d3bfc4604281bd1ff58d8084df1a#1633895700|PC#1cf9d3bfc4604281bd1ff58d8084df1a.37_0#1697138640

Response headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
content-type
text/html
content-length
1238
date
Sun, 10 Oct 2021 19:24:00 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25967
x-xss-protection
0
pragma
public
x-fb-debug
QPQEtTMX7RgGtwRRN0oYx2qb9TEeWYE4BjDFgNlXmZAcMas9o7ykUvrgxCaElEYnionZTpm1t/6RkEVGteAZ6A==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 10 Oct 2021 19:24:00 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
siteanalyze_1154.js
siteimproveanalytics.com/js/
12 KB
5 KB
Script
General
Full URL
https://siteimproveanalytics.com/js/siteanalyze_1154.js
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.145.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9655fcf24656720843af3d792217bbaa2a5fcadd9a0ac0cb69313329e11ec509

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:00 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2876
cf-ray
69c239f609482798-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4493
x-amz-id-2
MOXK0V13VmM525E+oYnCelG+CjaU5gN01bt8W9BmFiCMGTfx/H/Bf5pW3MssO4rdEyGPOKQaxIg=
last-modified
Mon, 06 Apr 2020 12:55:44 GMT
server
cloudflare
etag
"017e1ff587704f0c9db6e4b4430fd927"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kLiXc%2Fg4VDVfR%2BueZ5IDHzyelWXh1f%2B%2B%2BIOKxWmVWWPiYXF1zX%2BLiVyxq4zWnGtLMgGa18KSMRXYFlUCsPr0gD3vgOhD7AUlXw%2BX9jnodwUvnK6pJNDVWjlLhnc0II8TTkfTmsoXU6gaNI%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
5GZENW4C8M85F2SM
cache-control
max-age=86400, no-transform
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
uwt.js
static.ads-twitter.com/
14 KB
6 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:00 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra
DE-BY
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kcgs7200172-IAD, cache-hhn11578-HHN
insight.min.js
snap.licdn.com/li.lms-analytics/
5 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:24:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 19:17:49 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=59482
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
scevent.min.js
sc-static.net/
15 KB
6 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-45.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
a92b99b413aa8afe65e9a4943c148fdedab142e7b913dafc52a040d850a5b197

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:00 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
FRA53-C1
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
5873
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-id
VgKmXk8cq240ETY1Nbj96bEJLGam8p_qLoRgXRoJCGerq7UFlOpsjg==
events.js
analytics.tiktok.com/i18n/pixel/
113 KB
34 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C21IPUOB5SON3UJSMRB0&lib=ttq
Requested by
Host: www.mybelirefund.com
URL: https://www.mybelirefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-161.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ac28ee4c234de329ce740ef7ec8af26cec56ac1a0968eafd882b780c9d0bf036

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-akamai-request-id
40de04d9.271b1691
date
Sun, 10 Oct 2021 19:24:00 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a184-28-235-39.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-157.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
161,2.16.186.157
server-timing
cdn-cache; desc=MISS, edge; dur=152, origin; dur=9, inner; dur=1
pragma
no-cache
server
nginx
x-tt-logid
20211010192400010245248043101DDB48
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
9,184.28.235.39
x-tt-trace-host
0194e23702e189c3d243d326c7e0c94ef25082b17544ff08053256674115b9684793181bfb67302aa550d3543dc78aaf13d0f67577473583779d477e0ffd62d0185c2795c87d6592d093cb255cbc8c264f8d5ec776afe1e76eb8292f2b468d0374207bae3d46c78d278c917415363d142e
expires
Sun, 10 Oct 2021 19:24:00 GMT
ibs:dpid=30646
dpm.demdex.net/ Frame 4852
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=57081679777511026830775684241229474568&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-hG4cPYNE2pF4CWOBweDYtBCK_1PMtaxNZPI-~A
42 B
943 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-hG4cPYNE2pF4CWOBweDYtBCK_1PMtaxNZPI-~A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-85-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bellca.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v018-01743d76c.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
/KIDvlW5QSo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Sun, 10 Oct 2021 19:24:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-hG4cPYNE2pF4CWOBweDYtBCK_1PMtaxNZPI-~A
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
ibs:dpid=121998&dpuuid=8955556e025b7f37541ecfa55cde9605
dpm.demdex.net/ Frame 4852
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=57081679777511026830775684241229474568?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=57081679777511026830775684241229474568?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=8955556e025b7f37541ecfa55cde9605
42 B
943 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=8955556e025b7f37541ecfa55cde9605
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-85-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bellca.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v018-07edf1b28.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
D0p3/qRMRpE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 19:24:00 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=8955556e025b7f37541ecfa55cde9605
cache-control
no-cache
x-server
10.45.29.180
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame 4852
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=lA7ks6HqR-CwzVvywu0A4w&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=57081679777511026830775684241229474568
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=57081679777511026830775684241229474568
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bellca.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 19:24:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VJX0J47664RPKR0SV07R
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS
dcs-prod-irl1-1-v018-0387a5f78.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
fhYY9HVIQFA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=57081679777511026830775684241229474568
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
117011412354829
connect.facebook.net/signals/config/
490 KB
143 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/117011412354829?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
49af1cf3b0b8e3f3d3e709154215611368d7a9dc55653fee4f10e2e1ffa54e27
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
ABxa9Pw6SlCeFUqd2RBbfiWYYsE0pRIZKisL0IZjZTqKyXxz5mTcTs48uEtVrLfGxFeFdWTTtm8LAApkoXa35w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 10 Oct 2021 19:24:00 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37981&time=1633893840330&url=https%3A%2F%2Fwww.mybelirefund.com%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D37981%26time%3D1633893840330%26url%3Dhttps%253A%252F%252Fwww.mybelirefund.com%252...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37981&time=1633893840330&url=https%3A%2F%2Fwww.mybelirefund.com%2F&liSync=true
0
80 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37981&time=1633893840330&url=https%3A%2F%2Fwww.mybelirefund.com%2F&liSync=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.11.85 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-11-85.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:01 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
x-li-proto
http/2
x-li-pop
prod-edc2
content-type
application/javascript
content-length
0
x-li-uuid
nkDmqsrBrBbAEYsLQCsAAA==

Redirect headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXOBI381gN4L4NlCvoBrg==
pragma
no-cache
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 3417478E34A34E6A8A9E2100E87AFEC9 Ref B: PRG01EDGE1118 Ref C: 2021-10-10T19:24:00Z
date
Sun, 10 Oct 2021 19:24:00 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37981&time=1633893840330&url=https%3A%2F%2Fwww.mybelirefund.com%2F&liSync=true
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?f=l
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
adsct
analytics.twitter.com/i/
31 B
658 B
Script
General
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nu9ts&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=e1c35a56-1ee7-4645-a7b9-85995cbba50c&tw_document_href=https%3A%2F%2Fwww.mybelirefund.com%2F&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
pragma
no-cache
last-modified
Sun, 10 Oct 2021 19:24:00 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
29d474292353eff88a3e79623b309d9266680bc6fda04e2331e00d531cc0176e
x-transaction
4baa8c3e5a8335a2
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/
43 B
455 B
Image
General
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nu9ts&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=e1c35a56-1ee7-4645-a7b9-85995cbba50c&tw_document_href=https%3A%2F%2Fwww.mybelirefund.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Sun, 10 Oct 2021 19:24:00 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
0de44836f42d4fb34a72d5668d01185f075412f79fdd782fea16a82e89d3047d
x-transaction
d661911c659b81a4
expires
Tue, 31 Mar 1981 05:00:00 GMT
i
tr.snapchat.com/cm/ Frame 82DD
0
262 B
Document
General
Full URL
https://tr.snapchat.com/cm/i?pid=50a38fee-9934-45ee-950b-5f4599360ebf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
tr.snapchat.com
:scheme
https
:path
/cm/i?pid=50a38fee-9934-45ee-950b-5f4599360ebf
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mybelirefund.com/
accept-encoding
gzip, deflate, br

Response headers

server
nginx/1.17.3
date
Sun, 10 Oct 2021 19:24:00 GMT
content-type
text/html
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ Frame 8299
0
207 B
Document
General
Full URL
https://tr.snapchat.com/p
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
231
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.mybelirefund.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mybelirefund.com/
accept-encoding
gzip, deflate, br

Response headers

server
nginx/1.17.3
date
Sun, 10 Oct 2021 19:24:00 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
set-cookie
sc_at=v2|H4sIAAAAAAAAAAXBgQ3AMAgDsIuQWMMyeCelvYLjZxc61KCx41r4oqXONm3VpfDVy5mHQBYyfPwHhD5PPzIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
image.aspx
1154.global.siteimproveanalytics.io/
34 B
650 B
Image
General
Full URL
https://1154.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.mybelirefund.com%2F&title=Log%20in%20to%20MyBell&res=1600x1200&accountid=1154&rt=2698&prev=1633893898762&luid=29ccc3dc-4e12-9a42-4b2a-c956bbc203cd&rnd=33713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.224.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-224-120.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 19:24:00 GMT
Cache-Control
max-age=0, no-cache="set-cookie"
Expires
Sun, 10 Oct 2021 19:24:00 UTC
Connection
keep-alive
Content-Type
image/gif
Content-Length
34
P3p
NOI OUR IND COM NAV INT
identify.js
analytics.tiktok.com/i18n/pixel/
114 KB
31 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C21IPUOB5SON3UJSMRB0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-161.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-akamai-request-id
2fb5c33c.271b18c0
date
Sun, 10 Oct 2021 19:24:00 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-61-205-14.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-157.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
156,2.16.186.157
server-timing
cdn-cache; desc=MISS, edge; dur=152, origin; dur=4, inner; dur=3
pragma
no-cache
server
nginx
x-tt-logid
202110101924000102452441381E31D95D
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
4,23.61.205.14
x-tt-trace-host
0194e23702e189c3d243d326c7e0c94ef227b7b7ac0944a15a92202c937cc157875e311eaf00eefce02a1c1c7db18950efd31717f0a679b531a3d20701e2997a905fba7cfd61830b7a351c37585fc4b273664c4a128a5f858696bc8ec6e2989e724e60dfe10b4bdb0922495d8351aa76db
expires
Sun, 10 Oct 2021 19:24:00 GMT
config.js
analytics.tiktok.com/i18n/pixel/
702 B
1 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C21IPUOB5SON3UJSMRB0&hostname=www.mybelirefund.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C21IPUOB5SON3UJSMRB0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-161.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
639b93e11271d7bcd6b68ad775e733a55a2acc67164b8a9d9c6841b5ea26d89f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-akamai-request-id
8cd09c2e.271b1971
date
Sun, 10 Oct 2021 19:24:00 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-48-107-37.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-157.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
157,2.16.186.157
server-timing
cdn-cache; desc=MISS, edge; dur=153, origin; dur=5, inner; dur=3
content-length
317
pragma
no-cache
server
nginx
x-tt-logid
202110101924000102450232212224BF4B
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
5,23.48.107.37
x-tt-trace-host
0194e23702e189c3d243d326c7e0c94ef227b7b7ac0944a15a92202c937cc1578767b15b24c05909318429732dcf7c1e07756b274e4c5cab6ebb5cae9d96ca2f91a1382b07cc8063d07741974d8cd6db8a7b0df913751fbadab5670587aa9dd65cfbdbdfcb3f93706855440321e7b9112e
expires
Sun, 10 Oct 2021 19:24:00 GMT
RC824c9f05f35c451eb794c7b16257a765-source.min.js
assets.adobedtm.com/92c238f848e3/7634fe33bd4f/706cb9ccf18b/
2 KB
1001 B
Script
General
Full URL
https://assets.adobedtm.com/92c238f848e3/7634fe33bd4f/706cb9ccf18b/RC824c9f05f35c451eb794c7b16257a765-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/e5e56a2b361a85fb91320927e55b3706fb2e1846/satelliteLib-1dcd6e2c98eb2fcfe6e3ad2eabcdb0d75a3f7edf.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f59b23d10d4e94965739111e681534f8eee58c96c8a80b1bf91d52431e8c086

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:00 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:55:52 GMT
server
AkamaiNetStorage
etag
"db3c14e73ca0bd1f9230786764a59894:1633352152.777532"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.mybelirefund.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
731
expires
Sun, 10 Oct 2021 20:24:00 GMT
js
www.googletagmanager.com/gtag/
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-953414520&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52328914-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1b17423af0833addf4afe2e7b03b1053846a2acf05156734b44f266cf439c148
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39653
x-xss-protection
0
last-modified
Sun, 10 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 10 Oct 2021 19:24:00 GMT
257166838935738
connect.facebook.net/signals/config/
490 KB
143 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/257166838935738?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
38490a4cff813e9bd76ac2b070bdc4940a0eb5770bce86c37ad621e845587897
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
yllmpxcSUhJzNHdNrg5nV+7tiMlZr3YP4oL3a7O8YLLRl8f94qpK/2yH/TRjetB+pibSwcoWvPPzgAbCUcVpgg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 10 Oct 2021 19:24:00 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
s6348562051303
data1.bell.ca/b/ss/devbellca/10/JS-2.22.0-LBWB/
117 B
507 B
Script
General
Full URL
https://data1.bell.ca/b/ss/devbellca/10/JS-2.22.0-LBWB/s6348562051303?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=10%2F9%2F2021%2019%3A24%3A0%200%200&d.&nsid=0&jsonv=1&.d&sdid=72019AAD686FF1A1-4EC87AB24051F25B&mid=57273176867740856520760880918972831687&aamlh=6&ce=UTF-8&cdp=2&pageName=Login&g=https%3A%2F%2Fwww.mybelirefund.com%2F&cc=CAD&ch=Login&server=mtrlpqdc2c3-t05&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv1&v1=false&v3=false&c6=D%3Dv135&c9=Login&c10=D%3Dv46&c12=D%3Dv3&c13=D%3Dv31&c14=https%3A%2F%2Fwww.mybelirefund.com%2F&v14=D%3Dv13&c16=D%3Dv18&c21=D%3Dv21&v21=en-on&v23=028c9d54-1482-4054-b6e9-0b7230f89071&v29=D%3Dv25&c32=D%3Dv2&v32=57273176867740856520760880918972831687&c33=Login&c36=D%3Dv36&v36=Sunday-3%3A15PM&c37=D%3Dv37&v37=1&c44=D%3Dv102&c45=No%20Referrer&v46=Login&c50=LAUNCH%5Bproduction%20Published%20on%3A%202021-10-04T12%3A54%3A48Z%5D&v51=D%3Dg&c55=D%3Dv77&c57=D%3Dv30&c58=D%3Dv60&c65=2021-10-10%2C19%3A24%3A00.618%2C2017-04-20%2C12%3A02%3A42.832&v67=dd57ecf3-c7d9-423b-a786-085d7b2db7b2%3A028c9d54-1482-4054-b6e9-0b7230f89071&c68=Login&c70=D%3DUser-Agent&c73=D%3Dv17&c75=Login&v75=D%3DUser-Agent&v103=DTM%20%7Csync%7C_satellite.pageBottom%28%29&v145=Page%20load&v146=9.099998474121094&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=48B034FA53CF9FD10A490D44%40AdobeOrg&AQE=1
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
5f28515ef3a4dfdc873b7d213ed53c50c450e237f1ccdabc43a8a9e88e3046f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:00 GMT
x-content-type-options
nosniff
x-c
main-1540.I13d07b.M0-522
p3p
CP="This is not a P3P policy"
vary
*
content-length
117
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 11 Oct 2021 19:24:00 GMT
server
jag
xserver
anedge-b4c7fdd79-rnx99
etag
3508760304954605568-4619663466625043032
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sat, 09 Oct 2021 19:24:00 GMT
pixel
analytics.tiktok.com/api/v2/
0
710 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C21IPUOB5SON3UJSMRB0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-161.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mybelirefund.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
4beb43d4.271b1af8
date
Sun, 10 Oct 2021 19:24:00 GMT
x-cache-remote
TCP_MISS from a184-28-235-70.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-157.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
163,2.16.186.157
server-timing
cdn-cache; desc=MISS, edge; dur=154, origin; dur=11, inner; dur=9
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202110101924000102452460360923F198
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
11,184.28.235.70
x-tt-trace-host
0194e23702e189c3d243d326c7e0c94ef25082b17544ff08053256674115b968473f48468da8557613ad2c97df71c860cff9d429979a3911160d27feca39db4c938d16f87b9534d1fb13b1b5bfdabce7a4e1ca28951928408d7689c7145dfc0cc96e7e5af9a928db68851fbac9ef079af3
expires
Sun, 10 Oct 2021 19:24:00 GMT
conversion_async.js
www.googleadservices.com/pagead/
37 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-953414520&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
03b8f9e258f69727a11fc81ce93fbc8d0d5ca96489a1e84463af819efedf0782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14399
x-xss-protection
0
server
cafe
etag
3154747477907843336
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 10 Oct 2021 19:24:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1283196141&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mybelirefund.com%2F&ul=en-us&de=UTF-8&dt=Log%20in%20to%20MyBell&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GBAAUABAAAAAC~&jid=1777558795&gjid=1647522023&cid=197405077.1633893840&tid=UA-52328914-3&_gid=823801339.1633893840&_r=1&gtm=2oua60&cd1=false&cd2=false&cd10=en-on&cd19=Login&cd20=Login&cd23=Login&cd30=028c9d54-1482-4054-b6e9-0b7230f89071&cd45=https%3A%2F%2Fwww.mybelirefund.com%2F&cd46=No%20Referrer&cd51=2021-10-10%2C19%3A24%3A00.639%2C2017-04-20%2C12%3A02%3A42.832&cd54=en&cd55=on&cd62=Login&cd63=LAUNCH%5Bproduction%20Published%20on%3A%202021-10-04T12%3A54%3A48Z%5D&cd64=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&cd9=197405077.1633893840&z=820866321
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mybelirefund.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 19:24:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mybelirefund.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
313 B
Image
General
Full URL
https://www.facebook.com/tr/?id=117011412354829&ev=PageView&dl=https%3A%2F%2Fwww.mybelirefund.com%2F&rl=&if=false&ts=1633893840863&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1633893840862.1154678604&it=1633893840325&coo=false&exp=p1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:00 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 10 Oct 2021 19:24:00 GMT
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=257166838935738&ev=PageView&dl=https%3A%2F%2Fwww.mybelirefund.com%2F&rl=&if=false&ts=1633893840869&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1633893840862.1154678604&it=1633893840325&coo=false&exp=p1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:00 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 10 Oct 2021 19:24:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/953414520/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/953414520/?random=1633893840897&cv=9&fst=1633893840897&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa60&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.mybelirefund.com%2F&tiba=Log%20in%20to%20MyBell&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ed5b0df1b615f3fcc175395059275e41083ba3f9849c7c114750b3382c65bb5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 19:24:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1021
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
bid.g.doubleclick.net/xbbe/ Frame CD0D
0
455 B
Document
General
Full URL
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.5.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
bid.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=KAE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mybelirefund.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlPTLDF3dG1pqny2CV2ynh9W-ZkePev6ykE4RIrQDy893g1UM52utnoesmuv8k
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 10 Oct 2021 19:24:00 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.google.com/pagead/1p-user-list/953414520/
42 B
569 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/953414520/?random=1633893840897&cv=9&fst=1633892400000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa60&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.mybelirefund.com%2F&tiba=Log%20in%20to%20MyBell&async=1&fmt=3&is_vtc=1&random=1114381867&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 19:24:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=117011412354829&ev=Microdata&dl=https%3A%2F%2Fwww.mybelirefund.com%2F&rl=&if=false&ts=1633893842367&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Log%20in%20to%20MyBell%22%2C%22meta%3Adescription%22%3A%22Log%20in%20to%20MyBell%20to%20manage%20your%20personal%20Bell%20account%20and%20bill%20online.%20You%EF%BF%BDll%20be%20able%20to%20view%20and%20pay%20your%20e-bill%20and%20use%20a%20variety%20of%20self-serve%20features.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1633893840862.1154678604&it=1633893840325&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:02 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sun, 10 Oct 2021 19:24:02 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=257166838935738&ev=Microdata&dl=https%3A%2F%2Fwww.mybelirefund.com%2F&rl=&if=false&ts=1633893842371&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Log%20in%20to%20MyBell%22%2C%22meta%3Adescription%22%3A%22Log%20in%20to%20MyBell%20to%20manage%20your%20personal%20Bell%20account%20and%20bill%20online.%20You%EF%BF%BDll%20be%20able%20to%20view%20and%20pay%20your%20e-bill%20and%20use%20a%20variety%20of%20self-serve%20features.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1633893840862.1154678604&it=1633893840325&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mybelirefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:24:02 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sun, 10 Oct 2021 19:24:02 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BCE-Bell (Telecommunication)

234 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect boolean| originAgentCluster object| TLT function| Sizzle object| pako function| tl_ghn function| tl_generateUUID function| tl_setCookie function| tl_rmCookie number| tl_cookie_expiry_in_minutes string| tl_cookie_name string| s_oTELF function| tl_getCookie function| tl_checkCookie function| jQRSX object| html5 object| Modernizr function| yepnope undefined| $ function| jQuery function| maskUnmaskPws object| $$FSR object| FSRCONFIG object| FSR function| makeArray object| ForeSee object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| s_satelliteTrack function| s_oTrackPage function| s_oTrackPageLoad function| s_oTrack function| s_oTrackChat object| echat object| c2cClickedListener object| InqRegistry object| agentListener object| chatEngagedListener object| prechatSurveyShownListener object| automatonExit object| c2cStateChanged object| prechatSurveyCompletedListener object| chatLaunchedListener object| saleQualifiedListener object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate string| ga_prop object| s_gtag_Async object| s_gtag_Sync function| gtag object| dataLayer object| DeviceAtlas object| BELL function| Waypoint function| Hammer object| Placeholders string| propsCache function| PassValuesToOmnitureVariables function| TrackVariables function| SendJSVariablesToOmniture function| PassValuesToOmnitureVariablesNew function| TrackVariablesNew function| SendJSVariablesToOmnitureNew function| SetUsagePageNames function| RemoveHtmlTags function| RemoveSepecialCharacters function| SetePostMobilityUsagePageNames function| getErrorVariablesFromJsonErrors function| getMessagesVariablesFromJson function| ParseErrorsJsonFromResponse function| ParseMessagesJsonFromResponse function| getAPTValue function| getClientDate function| getClientTime function| formatMsg function| 
formatMsgFirst100 function| queryJson function| queryJsonErrors function| FormatLightBoxContent function| Formatted_Omniture_LBContent function| Omniture_LBContent function| Omniture_LBTitleAndContent function| Omniture_LBContent_ErrorTracking function| PassAjaxErrorsToOmniture function| OmnitureTrackAction function| getOBTN function| addOmnitureValidationError object| MessageCatgEnumJS object| OmnitureContext object| OmnitureAction function| loginLinkTracking function| popper string| s_oCGN string| s_oCVR string| s_oPGN string| s_oLNG string| s_oPRV string| s_oSIN string| s_oSS1 string| s_oSS2 string| s_oSS3 boolean| s_oLGS string| s_oSID string| s_oSID_OMN string| s_oLOB string| s_oACT string| s_oMOT string| s_oBUP string| s_oMED string| s_oMOID string| s_oTVID string| s_oIID string| s_oHPID string| s_oOBID string| s_oESTD string| s_oESTT string| s_oTLF boolean| s_oPTE function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_AudienceManagement function| DIL object| s string| s_oLoadDTM function| IsBrowserMessageClosedByUser function| IsNonIEBrowserMessageClosedByUser function| IsBrowserUpgradedByUser function| IsLearnMoreClickedByUser function| IsCompatibilityBrowserMessageClosedByUser function| setCookie function| getCookieValue function| addListener function| handleOldBrowserDetection object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| OOo function| evaluateLegacySettings function| wrapWithTryCatch function| secureProtocol function| getParentV3LanderConfig function| loadChat object| v3Lander object| v3LanderConfig number| safeInqReinitchatCount function| safeInqReinitchat string| t_ss1 string| t_ss2 string| t_ss3 string| t_pgn string| t_eid string| t_art string| result boolean| __$$FSRINIT$$__ object| gaplugins object| gaGlobal object| gaData object| __webpack_exports__ string| ss1 string| ss2 string| ss3 string| pgn string| key string| SS1 
string| SS2 object| pixel function| fbq function| _fbq object| __bda_promise_twtr function| twq string| _linkedin_data_partner_id string| prevPgn object| mobRE boolean| isMob string| scID function| snaptr object| r string| ttID string| TiktokAnalyticsObject object| ttq object| twttr function| lintrk boolean| _already_called_lintrk object| _sz boolean| triedToSendCookieToNative object| WebJSBridge object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge string| brsq string| brssq boolean| rule1 boolean| rule2 function| count_ocurrencies object| to_remove boolean| isPV object| _dim_ga object| _evt_ga string| _ss1 string| _ss2 string| _aw object| obj_ecom string| t_apt string| t_srver string| t_ajax_error string| t_log string| t_error_flow string| t_expand string| t_fr object| regeneratorRuntime object| JSON3 object| s_i_devbellca function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

44 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
.mybelirefund.com/ Name: Tealeaf
Value: 028c9d54-1482-4054-b6e9-0b7230f89071
.mybelirefund.com/ Name: at_check
Value: true
.demdex.net/ Name: demdex
Value: 57081679777511026830775684241229474568
www.mybelirefund.com/ Name: DAPROPS
Value: "sdevicePixelRatio:1|bjs.deviceOrientation:0|sdeviceAspectRatio:1600/1200|sjs.webGlRenderer:Intel Iris OpenGL Engine|sscreenWidthHeight:1600/1200|srendererRef:0950400072|saudioRef:781311942|sversion:1.9.1|bE:0"
.mybelirefund.com/ Name: AMCVS_48B034FA53CF9FD10A490D44%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YWM9zwAAAJUsOwQz
.dpm.demdex.net/ Name: dpm
Value: 57081679777511026830775684241229474568
.mybelirefund.com/ Name: AMCV_48B034FA53CF9FD10A490D44%40AdobeOrg
Value: 359503849%7CMCIDTS%7C18911%7CMCMID%7C57273176867740856520760880918972831687%7CMCAAMLH-1634498639%7C6%7CMCAAMB-1634498639%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1633901039s%7CNONE%7CMCSYNCSOP%7C411-18918%7CvVersion%7C5.0.1
.doubleclick.net/ Name: IDE
Value: AHWqTUlPTLDF3dG1pqny2CV2ynh9W-ZkePev6ykE4RIrQDy893g1UM52utnoesmuv8k
.mybelirefund.com/ Name: fsr.s
Value: %7B%22v2%22%3A-2%2C%22v1%22%3A1%7D
.mybelirefund.com/ Name: _ga
Value: GA1.2.197405077.1633893840
.mybelirefund.com/ Name: _gid
Value: GA1.2.823801339.1633893840
.mybelirefund.com/ Name: mbox
Value: session#1cf9d3bfc4604281bd1ff58d8084df1a#1633895700|PC#1cf9d3bfc4604281bd1ff58d8084df1a.37_0#1697138640
.adsrvr.org/ Name: TDID
Value: fd05cfeb-2eac-4a11-8c07-a7099faa0aad
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsIkO71tLGLhjoQBRgFIAEoAjILCPrmpOHHi4Y6EAU4AQ..
.bing.com/ Name: MUID
Value: 079722C2155A6F472067320E141F6EA6
.demdex.net/ Name: dextp
Value: 771-1-1633893839614|903-1-1633893839824|1957-1-1633893839976|30646-1-1633893840080|121998-1-1633893840181|139200-1-1633893840282
.yahoo.com/ Name: A3
Value: d=AQABBNA9Y2ECEFvYCnZlVHnkOdPQwZsv5Yg&S=AQAAArlYZcdB099WkORfCqYJSrA
.mybelirefund.com/ Name: _scid
Value: 1087b6e6-34ff-46ca-a76c-59cdd248c17d
.www.mybelirefund.com/ Name: nmstat
Value: 1633893898762
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 8955556e025b7f37541ecfa55cde9605
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQsLA0BQKzVAMj0yTzNGNzUxPD1OS0RFPT5JRUSzMDUwYgSEy2vQCioQAARGsKZQ%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBITLa9AKSgAAAWMwHS"
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBgQ3AMAgDsIuQWMMyeCelvYLjZxc61KCx41r4oqXONm3VpfDVy5mHQBYyfPwHhD5PPzIAAAA=
1154.global.siteimproveanalytics.io/ Name: AWSELBCORS
Value: 1981F7471278D2E5200322457FFB222DB8AF541B057095385CB5B7C14B792926FCB43A208B8D10B5C6859F294FEB265160659E2F6D1D6F23037F9004CC1D3117D4C25434F9
.twitter.com/ Name: personalization_id
Value: "v1_XRm0qThH8HpVMeZoztIumg=="
www.mybelirefund.com/ Name: s_vnum
Value: 1636485840608%2526vn%253D1
www.mybelirefund.com/ Name: s_invisit
Value: true
.linkedin.com/ Name: UserMatchHistory
Value: AQLUXDaElZAMygAAAXxrqXby8AwpexwLxpcxezvIopJ6stgbiANOWX06S9sFdmz8mU36p9vFn94epw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLLuMwseiPP7QAAAXxrqXby-M__WIvPN9UYvam-B-ytzyGqHjXBsiExObyo0OehJVcHGKmGi4_WWR-IqMN-IQ
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&ddf981d3-8342-48d8-8496-5406be016638"
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2478:u=1:x=1:i=1633893840:t=1633980240:v=2:sig=AQEZQMWS5RozwwdWKABLXAVAMRVB0GRE"
.mybelirefund.com/ Name: s_cc
Value: true
.amazon-adsystem.com/ Name: ad-id
Value: A9qaCIef_EwKm5CtRzWdDrg
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.mybelirefund.com/ Name: _gcl_au
Value: 1.1.2020370573.1633893841
.mybelirefund.com/ Name: _gat_gtag_UA_52328914_3
Value: 1
.mybelirefund.com/ Name: _fbp
Value: fb.1.1633893840862.1154678604
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202110101924002df8fa03-f4a5-4530-8479-dcb77aa3231eAQEhR-h95D_N6ClKRK8wRhEGH_xvFT55"
.mybelirefund.com/ Name: fsr.a
Value: 1633893844289

3 Console Messages

Source Level URL / Text
network error URL: https://www.mybelirefund.com/dtagent_ICAjp_6000500061013.js
Message: Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.mybelirefund.com/custom/foresee/foresee-surveydef.js?build=24
Message: Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.mybelirefund.com/touchcommerce/inqChat.html?IFRAME&nuance-frame-ac=0
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
