golden1-cu.us Open in urlscan Pro
82.223.46.25 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://golden1-cu.us/login/3d/index.php
Submission: On March 11 via manual (March 11th 2022, 5:46:43 am UTC) from IN — Scanned from US

Summary HTTP 115 Redirects Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 26 domains to perform 115 HTTP transactions. The main IP is 82.223.46.25, located in Spain and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is golden1-cu.us.
TLS certificate: Issued by R3 on March 10th 2022. Valid for: 3 months.

This is the only time golden1-cu.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	82.223.46.25 82.223.46.25	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
12	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
14	52.51.37.201 52.51.37.201	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:81d::200e	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:80d::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
8	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.161.167.40 54.161.167.40	14618 (AMAZON-AES) (AMAZON-AES)
1 3	34.107.140.17 34.107.140.17	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4004:c0b::9d	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80a::2004	15169 (GOOGLE) (GOOGLE)
1	54.173.140.2 54.173.140.2	14618 (AMAZON-AES) (AMAZON-AES)
1 3	142.250.64.102 142.250.64.102	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	2607:f8b0:400... 2607:f8b0:4006:807::2002	15169 (GOOGLE) (GOOGLE)
2	13.225.221.250 13.225.221.250	16509 (AMAZON-02) (AMAZON-02)
4 8	216.152.140.212 216.152.140.212	13768 (COGECO-PEER1) (COGECO-PEER1)
2	2620:116:800b... 2620:116:800b:21:1d2b:ecd5:fcc0:2c58	14618 (AMAZON-AES) (AMAZON-AES)
6 6	52.45.242.235 52.45.242.235	14618 (AMAZON-AES) (AMAZON-AES)
4 4	142.250.64.66 142.250.64.66	15169 (GOOGLE) (GOOGLE)
4	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
6 8	54.200.108.95 54.200.108.95	16509 (AMAZON-02) (AMAZON-02)
2	52.36.26.51 52.36.26.51	16509 (AMAZON-02) (AMAZON-02)
2 2	207.198.113.178 207.198.113.178	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
2 5	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21e... 2600:9000:21ec:ec00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3 5	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
4 4	34.229.3.43 34.229.3.43	14618 (AMAZON-AES) (AMAZON-AES)
2	2a02:6ea0:c40... 2a02:6ea0:c400::12	60068 (CDN77 ^_^) (CDN77 ^_^)
2	23.200.197.46 23.200.197.46	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	54.173.43.128 54.173.43.128	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1901:0:b... 2600:1901:0:be84::	15169 (GOOGLE) (GOOGLE)
115	29

31 82.223.46.25 (Spain)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

golden1-cu.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.51.37.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-37-201.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::200e (Queens, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::2008 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2008 (Queens, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.161.167.40 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-167-40.compute-1.amazonaws.com

resources.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.140.17 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 17.140.107.34.bc.googleusercontent.com

di.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c0b::9d (Ashburn, United States) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80a::2004 (Queens, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.173.140.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-140-2.compute-1.amazonaws.com

docs.golden1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.64.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f6.1e100.net

6615638.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::2002 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.221.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-221-250.jfk51.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.152.140.212 (Herndon, United States) 4 redirects

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-a.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:1d2b:ecd5:fcc0:2c58 (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.45.242.235 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-242-235.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.64.66 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.200.108.95 (Boardman, United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-108-95.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.36.26.51 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-26-51.us-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.178 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.186.226.184 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ec:ec00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 107.178.246.49 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.229.3.43 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.200.197.46 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-197-46.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.173.43.128 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-43-128.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:be84:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	krxd.net 6 redirects consumer.krxd.net — Cisco Umbrella Rank: 1461 beacon.krxd.net — Cisco Umbrella Rank: 375 cdn.krxd.net — Cisco Umbrella Rank: 1175 usermatch.krxd.net — Cisco Umbrella Rank: 975	279 KB
31	golden1-cu.us golden1-cu.us	373 KB
9	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 68 6615638.fls.doubleclick.net — Cisco Umbrella Rank: 309760 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	4 KB
8	demdex.net 6 redirects dpm.demdex.net — Cisco Umbrella Rank: 184	7 KB
8	sitescout.com 4 redirects pixel.sitescout.com — Cisco Umbrella Rank: 2912 pixel-sync.sitescout.com — Cisco Umbrella Rank: 557	6 KB
8	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 403	64 KB
7	rlcdn.com 1 redirects di.rlcdn.com — Cisco Umbrella Rank: 2217 idsync.rlcdn.com — Cisco Umbrella Rank: 281	1 KB
6	exelator.com 4 redirects loadm.exelator.com — Cisco Umbrella Rank: 950 load77.exelator.com — Cisco Umbrella Rank: 3015	4 KB
6	snapchat.com 2 redirects tr.snapchat.com — Cisco Umbrella Rank: 955 tr6.snapchat.com — Cisco Umbrella Rank: 2012	2 KB
5	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 365	2 KB
4	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 628	2 KB
4	google-analytics.com 1 redirects www.google-analytics.com — Cisco Umbrella Rank: 31 ssl.google-analytics.com — Cisco Umbrella Rank: 243	37 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	151 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	589 B
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 57	1 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 870	459 B
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2308	465 B
2	agkn.com aa.agkn.com — Cisco Umbrella Rank: 393	1001 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 839 pixel.quantserve.com — Cisco Umbrella Rank: 381	10 KB
2	basis.net 2 redirects pixel-a.basis.net — Cisco Umbrella Rank: 15892	132 B
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 1102	13 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 792	1 KB
1	golden1.com docs.golden1.com	183 B
1	xg4ken.com resources.xg4ken.com — Cisco Umbrella Rank: 4585	4 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	29 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	61 KB
115	26

	Domain	Requested by
31	golden1-cu.us	golden1-cu.us
14	beacon.krxd.net	golden1-cu.us cdn.krxd.net
9	cdn.krxd.net	golden1-cu.us cdn.krxd.net
8	dpm.demdex.net	6 redirects
8	cdn.jsdelivr.net	golden1-cu.us
6	usermatch.krxd.net	6 redirects
6	pixel.sitescout.com	2 redirects 6615638.fls.doubleclick.net
5	pixel.tapad.com	3 redirects 6615638.fls.doubleclick.net
5	tr.snapchat.com	2 redirects sc-static.net 6615638.fls.doubleclick.net
4	sync.crwdcntrl.net	2 redirects 6615638.fls.doubleclick.net
4	loadm.exelator.com	4 redirects
4	idsync.rlcdn.com	golden1-cu.us
4	cm.g.doubleclick.net	4 redirects
4	connect.facebook.net	golden1-cu.us 6615638.fls.doubleclick.net connect.facebook.net
3	www.facebook.com	golden1-cu.us 6615638.fls.doubleclick.net
3	6615638.fls.doubleclick.net	1 redirects golden1-cu.us 6615638.fls.doubleclick.net
3	di.rlcdn.com	1 redirects golden1-cu.us
3	consumer.krxd.net	golden1-cu.us cdn.krxd.net
2	sync.teads.tv	6615638.fls.doubleclick.net pixel.sitescout.com
2	load77.exelator.com	6615638.fls.doubleclick.net
2	fei.pro-market.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	aa.agkn.com	golden1-cu.us
2	pixel-a.basis.net	2 redirects
2	sc-static.net	6615638.fls.doubleclick.net tr.snapchat.com
2	www.google.com	golden1-cu.us
2	stats.g.doubleclick.net	1 redirects www.google-analytics.com
2	ssl.google-analytics.com	1 redirects golden1-cu.us
2	www.google-analytics.com	golden1-cu.us www.google-analytics.com
1	pixel.quantserve.com	6615638.fls.doubleclick.net
1	tr6.snapchat.com	6615638.fls.doubleclick.net
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	6615638.fls.doubleclick.net
1	adservice.google.com	1 redirects
1	docs.golden1.com	golden1-cu.us
1	resources.xg4ken.com	golden1-cu.us
1	code.jquery.com	golden1-cu.us
1	www.googletagmanager.com	golden1-cu.us
115	38

This site contains no links.

Subject Issuer	Validity	Valid
golden1-cu.us R3	`2022-03-10` - `2022-06-08`	3 months	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-30` - `2022-12-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-18` - `2022-03-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.xg4ken.com Go Daddy Secure Certificate Authority - G2	`2021-09-17` - `2022-10-19`	a year	crt.sh
docs.golden1.com COMODO RSA Organization Validation Secure Server CA	`2020-11-25` - `2021-11-25`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-13` - `2023-01-13`	a year	crt.sh
teads.tv R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
tr6.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-13` - `2023-01-13`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://golden1-cu.us/login/3d/index.php
Frame ID: 4C3890865E675D42E18BA2C4BABD0A66
Requests: 65 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 033B8AB938A7222857552723D8889633
Requests: 11 HTTP requests in this frame

Frame: https://6615638.fls.doubleclick.net/activityi;dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb
Frame ID: 4D89029C780EF5A106FC7F59A37D2A59
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: AF4B16185593D89409A0A6418AE18A73
Requests: 11 HTTP requests in this frame

Frame: https://6615638.fls.doubleclick.net/ddm/fls/r/dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb
Frame ID: 316FCD729330EB89DB098CB43F5B6BD6
Requests: 11 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Frame ID: 19336914B72403DF129083040D10E21E
Requests: 6 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 9D67A85256C2D973AF470935EC68AFC8
Requests: 6 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=e5cdbbe6-dec5-4c6d-ae90-88b7967ccbbe
Frame ID: 2D161D06240F10913E595FFCFA9D094A
Requests: 2 HTTP requests in this frame

Frame: https://tr6.snapchat.com/ipv6?rid=58b764d9-50df-4f88-8c41-89ea81f1c4d0
Frame ID: B92CD3CD8DC4831A448383D2319744AE
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1646960103598&pnid=140&pcid=db8b62e1-d16e-42ef-a007-e80d2f411d9b
Frame ID: 3EB3413D961638C5F6D0E04D515591F8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Golden 1 Credit Union | Login to OLB

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js
/npm/sweetalert2@([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

115
Requests

78 %
HTTPS

43 %
IPv6

26
Domains

38
Subdomains

29
IPs

4
Countries

1037 kB
Transfer

3461 kB
Size

33
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://di.rlcdn.com/406006.gif?pdata=partner%3Dtap257013%2Cdata%3Dtype%3Asite%24audience%3AMSO_Golden1_ClientSite_Control HTTP 307
https://di.rlcdn.com/api/segment?pdata=partner%3Dtap257013%2Cdata%3Dtype%3Asite%24audience%3AMSO_Golden1_ClientSite_Control&pid=406006&redirect=1

Request Chain 52

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=226329731&utmhn=golden1-cu.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Golden%201%20Credit%20Union%20%7C%20Login%20to%20OLB&utmhid=1237104785&utmr=-&utmp=%2Flogin%2F3d%2Findex.php&utmht=1646977590872&utmac=UA-1815591-1&utmgtm=2wg370M2WWGP&utmcc=__utma%3D168786615.1227907177.1646977591.1646977591.1646977591.1%3B%2B__utmz%3D168786615.1646977591.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=88914195&utmredir=1&utmu=qmAgAABAAAGBAAAAAgAAgAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1815591-1&cid=1227907177.1646977591&jid=88914195&_v=5.7.2&z=226329731 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1815591-1&cid=1227907177.1646977591&jid=88914195&_v=5.7.2&z=226329731

Request Chain 54

https://6615638.fls.doubleclick.net/activityi;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb HTTP 302
https://6615638.fls.doubleclick.net/activityi;dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb

Request Chain 62

https://adservice.google.com/ddm/fls/i/dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb HTTP 302
https://6615638.fls.doubleclick.net/ddm/fls/r/dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb

Request Chain 68

https://pixel.sitescout.com/dmp/asyncPixelSync HTTP 302
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1

Request Chain 69

https://pixel.sitescout.com/iap/167656086b3da20c HTTP 302
https://pixel.sitescout.com/iap/167656086b3da20c?cookieQ=1

Request Chain 71

https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
https://pixel.sitescout.com/dmp/asyncPixelSync

Request Chain 72

https://pixel-a.basis.net/iap/1c9df941b11545c7 HTTP 301
https://pixel.sitescout.com/iap/1c9df941b11545c7

Request Chain 74

https://usermatch.krxd.net/um/v2?partner=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3RlZTh4OXk HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEE8IXQTXIRaKl0WXL0OkQp0&google_cver=1

Request Chain 75

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3RlZTh4OXk HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEE8IXQTXIRaKl0WXL0OkQp0&google_cver=1

Request Chain 77

https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=Otee8x9y&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=Otee8x9y&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=51952688853055765082291545758085539013

Request Chain 78

https://usermatch.krxd.net/um/v2?partner=neustar HTTP 302
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=Otee8x9y

Request Chain 79

https://usermatch.krxd.net/um/v2?partner=sitescout HTTP 302
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=Otee8x9y&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID HTTP 302
https://beacon.krxd.net/usermatch.gif?partner_id=sscout&partner_uid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553

Request Chain 80

https://fei.pro-market.net/engine?mimetype=img&du=88&csync=Otee8x9y HTTP 302
https://idsync.rlcdn.com/398696.gif?partner_uid=3098813632149799575

Request Chain 81

https://usermatch.krxd.net/um/v2?partner=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3RlZTh4OXk HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEE8IXQTXIRaKl0WXL0OkQp0&google_cver=1

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3RlZTh4OXk HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEE8IXQTXIRaKl0WXL0OkQp0&google_cver=1

Request Chain 84

https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=Otee8x9y&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=Otee8x9y&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=66157978516719073132810610344455568410

Request Chain 85

https://usermatch.krxd.net/um/v2?partner=neustar HTTP 302
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=Otee8x9y

Request Chain 86

https://usermatch.krxd.net/um/v2?partner=sitescout HTTP 302
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=Otee8x9y&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID HTTP 302
https://beacon.krxd.net/usermatch.gif?partner_id=sscout&partner_uid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553

Request Chain 87

https://fei.pro-market.net/engine?mimetype=img&du=88&csync=Otee8x9y HTTP 302
https://idsync.rlcdn.com/398696.gif?partner_uid=-8706054082173842227

Request Chain 92

https://dpm.demdex.net/ibs:dpid=82530&dpuuid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=

Request Chain 93

https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553

Request Chain 94

https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent= HTTP 302
https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 96

https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=&ct=y

Request Chain 98

https://tr.snapchat.com/p HTTP 303
https://tr6.snapchat.com/ipv6?rid=58b764d9-50df-4f88-8c41-89ea81f1c4d0

Request Chain 99

https://dpm.demdex.net/ibs:dpid=82530&dpuuid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=

Request Chain 100

https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553

Request Chain 101

https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent= HTTP 302
https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 103

https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=&ct=y

Request Chain 106

https://tr.snapchat.com/cm/s?bt=__LIVE__&pnid=140&cb=1646977591379 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1646960103598%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1646960103598&pnid=140&pcid=db8b62e1-d16e-42ef-a007-e80d2f411d9b

115 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request index.php Show response
golden1-cu.us/login/3d/ 50 KB
10 KB 1563ms
1202ms Document
text/html 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

cd4043213c8d70421aca31f640feb5b6bf099b3085050d56de8839241021945e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

server: nginx
date: Fri, 11 Mar 2022 05:46:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip

GET
H2 200 7b3785dc-e5e8-4465-88e8-0bb2db048533 Show response
consumer.krxd.net/consent/get/ 236 B
429 B 58ms
16ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/7b3785dc-e5e8-4465-88e8-0bb2db048533?idt=device&dt=kxcookie&callback=Krux.ns.centro.kxjsonp_consent_get_0
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 85e256bb159ddf227eabf54e6034e274b414c022b0b1073e30c88c951b36e35e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a005-ash-prod.krxd.net, cache-lga21954-LGA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1646977590.039819,VS0,VE9
content-length: 191
x-cache-hits: 0, 0

GET
H2 200 optout_check Show response
beacon.krxd.net/ 60 B
220 B 484ms
84ms Script
text/javascript 52.51.37.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.centro.kxjsonp_optOutCheck
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.37.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-37-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6dbe9b51f575262e1cd0685e69b0dbb4564a20c62ec6ea9e6587313d4063ab21

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=31 t=1646977590
x-served-by: beacon-n016-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 24ms
4ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: gzip
age: 19070920
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 2017942
content-length: 84509
x-served-by: cache-lga21980-LGA
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1646977591.558246,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 539443220504357 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 85ms
71ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/539443220504357?v=2.9.55&r=stable

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ccf30850cdcf9e61c61a298dadcbe090bd533c28f5f554cc58e889eafd59cc47

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: +3FJpx84WbF2k19GK1wWY7uttB9rSkVeXvOdCjv5cQjxe8DQDbFIpiRvyouSLgNyn+PCEZMOXLH58bn/ug0/Mg==
x-fb-trip-id: 1512268381
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 11 Mar 2022 05:46:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 16ms
3ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26291
x-xss-protection: 0
pragma: public
x-fb-debug: UMFKJ18CBqEoU3Evc2WXHnBxufmuRtQd4tDa7vQIWwbHr3Dp0sGQ/mwmIB0EcrPd8i8tGCLq1MkVgIr/kWOSjQ==
x-fb-trip-id: 1512268381
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 11 Mar 2022 05:46:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 u9qbzi16j.js Show response
cdn.krxd.net/controltag/ 25 KB
8 KB 29ms
10ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/u9qbzi16j.js
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 93d09844d7a7fa433f8123730d11e948e85d8cea26e6a29145cd2128a2f3561d

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Fri, 11 Mar 2022 05:46:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 981
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 7377
x-served-by: config-service-a003-ash-prod.krxd.net, cache-iad-kjyo7100127-IAD, cache-lga21980-LGA
x-response-time: 0
x-do-esi: esi
x-timer: S1646977591.558297,VS0,VE0
etag: "568a85713df8ce60119b3d6395d4ad52a0cc27d5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 25ms
4ms Script
text/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3754
date: Fri, 11 Mar 2022 04:43:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 11 Mar 2022 06:43:56 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 23ms
5ms Script
text/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4645
date: Fri, 11 Mar 2022 04:29:05 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 11 Mar 2022 06:29:05 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 180 KB
61 KB 37ms
17ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M2WWGP

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f3c1a5f9ace55331ed57821b1a997f2250af2ac3af2f22dbbc920a01a77bd9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61509
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Mar 2022 05:46:30 GMT

GET
H2 404 VisitorIdentification.js
golden1-cu.us/layouts/system/ 0
0 99ms
99ms Script
text/html 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://golden1-cu.us/layouts/system/VisitorIdentification.js
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 200 G1-Styles.BSBase.a9d24ea3af6.min.css
golden1-cu.us/login/3d/assets/Styles/ 158 KB
29 KB 108ms
107ms Stylesheet
text/css 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://golden1-cu.us/login/3d/assets/Styles/G1-Styles.BSBase.a9d24ea3af6.min.css

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

fb994954570fb6b93d879446d0aa79bdcaf0472501b3bcb166e80c91a6171204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 10:30:56 GMT
server: nginx
etag: W/"62273060-2780b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 11 Mar 2022 17:46:30 GMT

GET
H2 200 G1-Styles.Vendor.235c5ae2508.min.css
golden1-cu.us/login/3d/assets/Styles/ 132 KB
46 KB 207ms
191ms Stylesheet
text/css 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://golden1-cu.us/login/3d/assets/Styles/G1-Styles.Vendor.235c5ae2508.min.css

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

6f7bbc79052d331a0d516d9e2393e3132d7b18ee6dbf16e4f058626913727efe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 10:31:00 GMT
server: nginx
etag: W/"62273064-210e9"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 11 Mar 2022 17:46:30 GMT

GET
H2 200 G1-Styles.App.af1fb1e76ee.min.css
golden1-cu.us/login/3d/assets/Styles/ 456 KB
85 KB 304ms
285ms Stylesheet
text/css 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://golden1-cu.us/login/3d/assets/Styles/G1-Styles.App.af1fb1e76ee.min.css

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

d0b43f3d295ec5747829bd47cba878545a55aeb10105b3ce4e01b4e21549f350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 10:30:52 GMT
server: nginx
etag: W/"6227305c-72098"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 11 Mar 2022 17:46:30 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
29 KB 54ms
14ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e4a"
vary: Accept-Encoding
x-hw: 1646977590.dop061.ny3.t,1646977590.cds205.ny3.hn,1646977590.cds003.ny3.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29811

GET
H2 200 inputmask.js Show response
cdn.jsdelivr.net/gh/RobinHerbots/Inputmask@3.3.7/dist/inputmask/ 121 KB
25 KB 53ms
14ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/RobinHerbots/Inputmask@3.3.7/dist/inputmask/inputmask.js

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce580beb7a29408062de63bacffb19b62ddb54ce77f6e982cb5ecac8af8b4abb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 206897
x-jsd-version: 3.3.7
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19145-FRA, cache-ewr18161-EWR
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1e3e7-YcXiG9f/RqVOALe9ZZrQGOkVc1E"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6ea1fd71bd8417e9-EWR

GET
H2 200 inputmask.extensions.js Show response
cdn.jsdelivr.net/gh/RobinHerbots/Inputmask@3.3.7/dist/inputmask/ 3 KB
1 KB 35ms
12ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/RobinHerbots/Inputmask@3.3.7/dist/inputmask/inputmask.extensions.js

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27888ef6f6c92a858394698ab07108f2ac1029632b00fcc57c62b5ea14708b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 206897
x-jsd-version: 3.3.7
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19140-FRA, cache-ewr18138-EWR
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"da9-H4Cyso3TXKnaOWybfsBZHF4klB0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6ea1fd71bd8617e9-EWR

GET
H2 200 inputmask.numeric.extensions.js Show response
cdn.jsdelivr.net/gh/RobinHerbots/Inputmask@3.3.7/dist/inputmask/ 24 KB
5 KB 35ms
12ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/RobinHerbots/Inputmask@3.3.7/dist/inputmask/inputmask.numeric.extensions.js

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3896f68f34c953c750849cdeafc9beefa88c6aa162ca1e4ee83834cf8a47360

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 206897
x-jsd-version: 3.3.7
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19143-FRA, cache-lga21970-LGA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"61b6-xbpPfdK5gUBKc/G0XOj80wGRDr4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6ea1fd71bd8817e9-EWR

GET
H2 200 inputmask.date.extensions.js Show response
cdn.jsdelivr.net/gh/RobinHerbots/Inputmask@3.3.7/dist/inputmask/ 23 KB
3 KB 44ms
22ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/RobinHerbots/Inputmask@3.3.7/dist/inputmask/inputmask.date.extensions.js

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f80bca77b3914f2d11dfacbeef25d8645736089807097a3527dae259b0badbaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 206897
x-jsd-version: 3.3.7
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19124-FRA, cache-ewr18159-EWR
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"5db2-5ZRisl1wQMAkBt5bSE64E5zIx8U"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6ea1fd71bd8917e9-EWR

GET
H2 200 inputmask.phone.extensions.js Show response
cdn.jsdelivr.net/gh/RobinHerbots/Inputmask@3.3.7/dist/inputmask/ 4 KB
1 KB 32ms
11ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/RobinHerbots/Inputmask@3.3.7/dist/inputmask/inputmask.phone.extensions.js

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77cbdb76652eb56acf13d89193c114216d6f085ec5b77584228cb32231dede3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 206897
x-jsd-version: 3.3.7
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19177-FRA, cache-lga21977-LGA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"f86-/a7LHjN7tvJ0qFTu1vp3tqBufsg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6ea1fd71bd8a17e9-EWR

GET
H2 200 jquery.inputmask.js Show response
cdn.jsdelivr.net/gh/RobinHerbots/Inputmask@3.3.7/dist/inputmask/ 3 KB
1 KB 30ms
9ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/RobinHerbots/Inputmask@3.3.7/dist/inputmask/jquery.inputmask.js

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

689ad2cd1d739c1fe257f20a59d58e7c14981a7f7e8d496797865e88feef31fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 206897
x-jsd-version: 3.3.7
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19140-FRA, cache-lga21927-LGA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"a43-TggDPTj2VFotUQNGAW49/O0onF0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6ea1fd71bd8b17e9-EWR

GET
H2 200 phone.js Show response
cdn.jsdelivr.net/gh/RobinHerbots/Inputmask@3.3.7/dist/inputmask/phone-codes/ 78 KB
8 KB 43ms
21ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/RobinHerbots/Inputmask@3.3.7/dist/inputmask/phone-codes/phone.js

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92a9e2194fdd89bdef807f60dd9d49af0ad00d3421349dd2096ef7f932f06693

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 206897
x-jsd-version: 3.3.7
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19135-FRA, cache-ewr18151-EWR
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1397d-bpVIO5jJXrO050e6CzNXGLHqRRk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6ea1fd71bd8d17e9-EWR

GET
H2 200 sweetalert2@11 Show response
cdn.jsdelivr.net/npm/ 66 KB
18 KB 34ms
13ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08ec7021cb4983ee1870e2bdd0beac15ff38675f06ded4e6a9f2bdf2fb67cf64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 35042
x-jsd-version: 11.4.4
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19153-FRA, cache-ewr18121-EWR
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1082b-cpGiCExeB4MzUAa3uUmIPGdM8Ak"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6ea1fd71bd8c17e9-EWR

GET
H2 404 sweetalert2.all.min.js
golden1-cu.us/login/3d/assets/msgbox/dist/ 0
0 286ms
285ms Script
text/html 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://golden1-cu.us/login/3d/assets/msgbox/dist/sweetalert2.all.min.js
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 404 sweetalert2.min.js
golden1-cu.us/login/3d/assets/msgbox/dist/ 0
0 286ms
285ms Script
text/html 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://golden1-cu.us/login/3d/assets/msgbox/dist/sweetalert2.min.js
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 200 ktag.js Show response
resources.xg4ken.com/js/v2/ 9 KB
4 KB 72ms
10ms Script
text/plain 54.161.167.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N2BAB-3ED

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.161.167.40 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-167-40.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c11cb5f286d7ab9c105a5f4865c3f7ad85fe215a5861a0bda01fd4e521858c84

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 10:06:10 GMT
server: nginx
etag: "621c9e92-dd8"
content-type: text/plain
cache-control: max-age=86400, public
content-length: 3544
x-xss-protection: 1; mode=block
expires: Sat, 12 Mar 2022 05:46:30 GMT

GET
H2 404 golden1_logo.svg
golden1-cu.us/login/3d/-/media/golden1/brand-logos/ 548 B
548 B 153ms
148ms Image
text/html 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://golden1-cu.us/login/3d/-/media/golden1/brand-logos/golden1_logo.svg?iar=0&hash=7584520B91493D062CC63C62FBC5E1FF
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 200 header-search.png
golden1-cu.us/login/3d/assets/images/ 630 B
835 B 154ms
148ms Image
image/png 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://golden1-cu.us/login/3d/assets/images/header-search.png

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

c1d9f00c48fc667e693dd754628691743d73d39add07cbaa5c7ef605a6bb83c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
last-modified: Tue, 08 Mar 2022 10:31:50 GMT
server: nginx
etag: "62273096-276"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 630
expires: Sun, 10 Apr 2022 05:46:30 GMT

GET
H2 200 blue-search.png
golden1-cu.us/login/3d/assets/images/ 709 B
914 B 154ms
149ms Image
image/png 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://golden1-cu.us/login/3d/assets/images/blue-search.png

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

44f51c55b2644def8e2e04cb51d22cec761af6fc90c9fb39270af91cb881fb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
last-modified: Tue, 08 Mar 2022 10:31:46 GMT
server: nginx
etag: "62273092-2c5"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 709
expires: Sun, 10 Apr 2022 05:46:30 GMT

GET
H2 200 white-search.png
golden1-cu.us/login/3d/assets/images/ 502 B
707 B 154ms
149ms Image
image/png 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://golden1-cu.us/login/3d/assets/images/white-search.png

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

3848138f6adacb425d8c0319cc8b0648a49ee0d019caebbf449de341d2b696f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
last-modified: Tue, 08 Mar 2022 10:32:02 GMT
server: nginx
etag: "622730a2-1f6"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 502
expires: Sun, 10 Apr 2022 05:46:30 GMT

GET
H2 404 golden1_logo.svg
golden1-cu.us/login/3d/-/media/golden1/brand-logos/ 548 B
548 B 156ms
151ms Image
text/html 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://golden1-cu.us/login/3d/-/media/golden1/brand-logos/golden1_logo.svg?iar=0&hash=7584520B91493D062CC63C62FBC5E1FF
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 404 equal-housing-opportunity-logo-70x75-ico.png
golden1-cu.us/login/3d/-/media/golden1/brand-logos/ 548 B
548 B 156ms
152ms Image
text/html 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://golden1-cu.us/login/3d/-/media/golden1/brand-logos/equal-housing-opportunity-logo-70x75-ico.png?h=75&iar=0&w=75&hash=41A0920553F4151829E90F8C30609980
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 404 facebook-ico.png
golden1-cu.us/login/3d/-/media/golden1/social/ 548 B
548 B 156ms
152ms Image
text/html 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://golden1-cu.us/login/3d/-/media/golden1/social/facebook-ico.png?h=103&iar=0&w=103&hash=437F27E53FEE55893EB93A1A0246DFC6
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 404 twitter-ico.png
golden1-cu.us/login/3d/-/media/golden1/social/ 548 B
548 B 156ms
152ms Image
text/html 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://golden1-cu.us/login/3d/-/media/golden1/social/twitter-ico.png?h=103&iar=0&w=103&hash=DBB12CBC527009B6DD148F9B5107D243
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 404 linkedin-ico.png
golden1-cu.us/login/3d/-/media/golden1/social/ 548 B
548 B 156ms
153ms Image
text/html 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://golden1-cu.us/login/3d/-/media/golden1/social/linkedin-ico.png?h=103&iar=0&w=103&hash=370CDCDFD0C4DE6FA8EABE92730BD6DD
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 404 youtube-ico.png
golden1-cu.us/login/3d/-/media/golden1/social/ 548 B
548 B 157ms
153ms Image
text/html 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://golden1-cu.us/login/3d/-/media/golden1/social/youtube-ico.png?h=103&iar=0&w=103&hash=347A4D2D84C02692C49599E7BF1313B1
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 404 instagram-ico.png
golden1-cu.us/login/3d/-/media/golden1/social/ 548 B
548 B 156ms
153ms Image
text/html 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://golden1-cu.us/login/3d/-/media/golden1/social/instagram-ico.png?h=103&iar=0&w=103&hash=34017C43E8F77B9EA3802438277E9861
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 200 jquery.min.js Show response
golden1-cu.us/login/3d/assets/scripts/ 87 KB
34 KB 105ms
104ms Script
application/javascript 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://golden1-cu.us/login/3d/assets/scripts/jquery.min.js

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 10:33:32 GMT
server: nginx
etag: W/"622730fc-15d9d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 11 Mar 2022 17:46:30 GMT

GET
H2 200 jquery-migrate.min.js Show response
golden1-cu.us/login/3d/assets/scripts/ 9 KB
4 KB 101ms
101ms Script
application/javascript 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://golden1-cu.us/login/3d/assets/scripts/jquery-migrate.min.js

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

f7573d5c433cc851f6327f5f9fcc9068d46f26c12bb8bec772dafa262218ed4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 10:33:24 GMT
server: nginx
etag: W/"622730f4-2349"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 11 Mar 2022 17:46:30 GMT

GET
H2 200 jquery.matchHeight-min.js Show response
golden1-cu.us/login/3d/assets/scripts/ 3 KB
2 KB 102ms
100ms Script
application/javascript 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://golden1-cu.us/login/3d/assets/scripts/jquery.matchHeight-min.js

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

9b09fb29de36cb7bc57a4df206368485cbfd8b072daabc4e6057789df1075ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 10:33:30 GMT
server: nginx
etag: W/"622730fa-d3f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 11 Mar 2022 17:46:30 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
golden1-cu.us/login/3d/assets/scripts/ 20 KB
8 KB 103ms
100ms Script
application/javascript 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://golden1-cu.us/login/3d/assets/scripts/jquery.magnific-popup.min.js

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 10:33:28 GMT
server: nginx
etag: W/"622730f8-4efb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 11 Mar 2022 17:46:30 GMT

GET
H2 200 jquery.maskedinput.min.js Show response
golden1-cu.us/login/3d/assets/scripts/ 4 KB
2 KB 103ms
101ms Script
application/javascript 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://golden1-cu.us/login/3d/assets/scripts/jquery.maskedinput.min.js

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

58c5fb14d40e03a30b242153b35222ef2c66912229fe98e3bad88afd8bb4aa37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 10:33:30 GMT
server: nginx
etag: W/"622730fa-10ea"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 11 Mar 2022 17:46:30 GMT

GET
H2 200 jquery.ellipsis.min.js Show response
golden1-cu.us/login/3d/assets/scripts/ 2 KB
1 KB 104ms
102ms Script
application/javascript 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://golden1-cu.us/login/3d/assets/scripts/jquery.ellipsis.min.js

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

e735118972594f746d0e6d93fd1e63e152b00f0b4f5a18fa18f8ba7c40d82ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 10:33:26 GMT
server: nginx
etag: W/"622730f6-893"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 11 Mar 2022 17:46:30 GMT

GET
H2 200 jquery.validate.min.js Show response
golden1-cu.us/login/3d/assets/scripts/ 22 KB
8 KB 108ms
106ms Script
application/javascript 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://golden1-cu.us/login/3d/assets/scripts/jquery.validate.min.js

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

89349f67308fefb901834c54f04b87d1f1695f081c5060562335871fe81ce463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 10:33:34 GMT
server: nginx
etag: W/"622730fe-58a5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 11 Mar 2022 17:46:30 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
golden1-cu.us/login/3d/assets/scripts/ 82 KB
26 KB 117ms
116ms Script
application/javascript 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://golden1-cu.us/login/3d/assets/scripts/bootstrap.bundle.min.js

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 10:33:24 GMT
server: nginx
etag: W/"622730f4-1499a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 11 Mar 2022 17:46:30 GMT

GET
H2 200 G1-Scripts.App.ba7f3befe26.min.js Show response
golden1-cu.us/login/3d/assets/scripts/ 200 KB
60 KB 121ms
120ms Script
application/javascript 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://golden1-cu.us/login/3d/assets/scripts/G1-Scripts.App.ba7f3befe26.min.js

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

b548cf0a9a4373bdabbf491e3f977eabb11918daf8155e84f3f73b417f9a3f66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 10:33:10 GMT
server: nginx
etag: W/"622730e6-31e0b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 11 Mar 2022 17:46:30 GMT

GET
H2 200 main-es6.b1368c643e.min.js Show response
golden1-cu.us/login/3d/assets/scripts/ 16 KB
5 KB 155ms
154ms Script
application/javascript 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://golden1-cu.us/login/3d/assets/scripts/main-es6.b1368c643e.min.js

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

82c146c7c9d5ecc20bd37bcc2273ed7a034c87444e0cdd33c224f3dd25df85ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 10:33:34 GMT
server: nginx
etag: W/"622730fe-3f90"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 11 Mar 2022 17:46:30 GMT

GET
H2 200 main-es6.min.0f1d507d0a.min.js Show response
golden1-cu.us/login/3d/assets/scripts/ 6 KB
2 KB 156ms
155ms Script
application/javascript 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://golden1-cu.us/login/3d/assets/scripts/main-es6.min.0f1d507d0a.min.js

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

bfadca6225c71821d7427d85a722bbfcd5b6b6612364a8e4e06ecd8162fe22cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/login/3d/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 10:33:36 GMT
server: nginx
etag: W/"62273100-1869"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 11 Mar 2022 17:46:30 GMT

GET
H2

200

segment
di.rlcdn.com/api/
Redirect Chain

https://di.rlcdn.com/406006.gif?pdata=partner%3Dtap257013%2Cdata%3Dtype%3Asite%24audience%3AMSO_Golden1_ClientSite_Control
https://di.rlcdn.com/api/segment?pdata=partner%3Dtap257013%2Cdata%3Dtype%3Asite%24audience%3AMSO_Golden1_ClientSite_Control&pid=406006&redirect=1

0
59 B

33ms
32ms

Image
application/javascript

34.107.140.17
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://di.rlcdn.com/api/segment?pdata=partner%3Dtap257013%2Cdata%3Dtype%3Asite%24audience%3AMSO_Golden1_ClientSite_Control&pid=406006&redirect=1
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Server: 34.107.140.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 17.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

Redirect headers

date: Fri, 11 Mar 2022 05:46:30 GMT
via: 1.1 google
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://di.rlcdn.com/api/segment?pdata=partner%3Dtap257013%2Cdata%3Dtype%3Asite%24audience%3AMSO_Golden1_ClientSite_Control&pid=406006&redirect=1
access-control-allow-credentials: true
content-type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 TradeGothicLTW04-Bold.woff2
golden1-cu.us/login/3d/assets/Styles/Fonts/ 23 KB
23 KB 134ms
128ms Font
font/woff2 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://golden1-cu.us/login/3d/assets/Styles/Fonts/TradeGothicLTW04-Bold.woff2

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/assets/Styles/G1-Styles.App.af1fb1e76ee.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

2ed25e2c053cec997cd692162d798e69cab06b81bfccfcb1ae44bc7ebcac9d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://golden1-cu.us/login/3d/assets/Styles/G1-Styles.App.af1fb1e76ee.min.css
Origin: https://golden1-cu.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
last-modified: Tue, 08 Mar 2022 10:31:18 GMT
server: nginx
etag: "62273076-5c50"
strict-transport-security: max-age=31536000
content-type: font/woff2
accept-ranges: bytes
content-length: 23632

GET
H2 200 TradeGothic.woff2
golden1-cu.us/login/3d/assets/Styles/Fonts/ 21 KB
21 KB 132ms
128ms Font
font/woff2 82.223.46.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://golden1-cu.us/login/3d/assets/Styles/Fonts/TradeGothic.woff2

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/assets/Styles/G1-Styles.App.af1fb1e76ee.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.46.25 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

07641ec9109ddd33f14ff5183f52f004bc26d30f6272de4c5c3a99861291cd24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://golden1-cu.us/login/3d/assets/Styles/G1-Styles.App.af1fb1e76ee.min.css
Origin: https://golden1-cu.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
last-modified: Tue, 08 Mar 2022 10:31:14 GMT
server: nginx
etag: "62273072-52a0"
strict-transport-security: max-age=31536000
content-type: font/woff2
accept-ranges: bytes
content-length: 21152

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame 033B 805 B
827 B 2ms
2ms Document
text/html 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 11 Mar 2022 05:46:30 GMT
via: 1.1 varnish
age: 23677392
x-served-by: cache-lga21980-LGA
x-cache: HIT
x-cache-hits: 563564
x-timer: S1646977591.832759,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
16ms XHR
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1237104785&t=pageview&_s=1&dl=https%3A%2F%2Fgolden1-cu.us%2Flogin%2F3d%2Findex.php&ul=en-us&de=UTF-8&dt=Golden%201%20Credit%20Union%20%7C%20Login%20to%20OLB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=168786615.1227907177.1646977591.1646977591.1646977591.1&_utmz=168786615.1646977591.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1646977590891&_u=aSBCCEABFAAAAC~&jid=1205952290&gjid=1127115198&cid=1227907177.1646977591&tid=UA-1815591-3&_gid=1528481198.1646977591&_r=1&gtm=2wg370M2WWGP&z=47174929

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://golden1-cu.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://golden1-cu.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.com/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=226329731&utmhn=golden1-cu.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Golden%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1815591-1&cid=1227907177.1646977591&jid=88914195&_v=5.7.2&z=226329731
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1815591-1&cid=1227907177.1646977591&jid=88914195&_v=5.7.2&z=226329731

42 B
107 B

101ms
87ms

Image
image/gif

2607:f8b0:4006:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1815591-1&cid=1227907177.1646977591&jid=88914195&_v=5.7.2&z=226329731

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Server

2607:f8b0:4006:80a::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Mar 2022 05:46:31 GMT
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1815591-1&cid=1227907177.1646977591&jid=88914195&_v=5.7.2&z=226329731
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 365
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK logo.gif
docs.golden1.com/images/070qt6wnfh4rxs9akp66vu9g5/ 43 B
183 B 150ms
76ms Image
image/gif 54.173.140.2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://docs.golden1.com/images/070qt6wnfh4rxs9akp66vu9g5/logo.gif?l=https://golden1-cu.us/login/3d/index.php&r=
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.173.140.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-140-2.compute-1.amazonaws.com
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 05:46:31 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3

200

activityi;dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb Show response
6615638.fls.doubleclick.net/ Frame 4D89
Redirect Chain

https://6615638.fls.doubleclick.net/activityi;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb?
https://6615638.fls.doubleclick.net/activityi;dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.g...

491 B
415 B

30ms
20ms

Document
text/html

142.250.64.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6615638.fls.doubleclick.net/activityi;dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb?

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f6.1e100.net

Software

cafe /

Resource Hash

5009aa5b65d31cf656c10ade6f7571a2a1ea71cbd5e369365a7f1a0ff5e069a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Mar 2022 05:46:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 390
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Mar 2022 05:46:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6615638.fls.doubleclick.net/activityi;dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame AF4B 805 B
676 B 5ms
5ms Document
text/html 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 11 Mar 2022 05:46:30 GMT
via: 1.1 varnish
age: 23677392
x-served-by: cache-lga21980-LGA
x-cache: HIT
x-cache-hits: 563565
x-timer: S1646977591.929127,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H3 200 406006.gif
di.rlcdn.com/ 0
13 B 33ms
32ms Image
application/javascript 34.107.140.17
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://di.rlcdn.com/406006.gif?pdata=partner%3Dtap257013%2Cdata%3Dtype%3Asite%24audience%3AMSO_Golden1_ClientSite_Control
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.140.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 17.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
438 B 40ms
18ms XHR
text/plain 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1815591-3&cid=1227907177.1646977591&jid=1205952290&gjid=1127115198&_gid=1528481198.1646977591&_u=aSBCCEAAFAAAAC~&z=777972565

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://golden1-cu.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Mar 2022 05:46:31 GMT
content-type: text/plain
access-control-allow-origin: https://golden1-cu.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 10ms
3ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=539443220504357&ev=PageView&dl=https%3A%2F%2Fgolden1-cu.us%2Flogin%2F3d%2Findex.php&rl=&if=false&ts=1646977591024&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&fbp=fb.1.1646977591023.1388966084&it=1646977590969&coo=false&exp=p1&rqm=GET

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 11 Mar 2022 05:46:31 GMT

GET
H2 200 u9qbzi16j.js Show response
cdn.krxd.net/controltag/ Frame 033B 25 KB
8 KB 2ms
2ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/u9qbzi16j.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 93d09844d7a7fa433f8123730d11e948e85d8cea26e6a29145cd2128a2f3561d

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Fri, 11 Mar 2022 05:46:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 982
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 7377
x-served-by: config-service-a003-ash-prod.krxd.net, cache-iad-kjyo7100127-IAD, cache-lga21980-LGA
x-response-time: 0
x-do-esi: esi
x-timer: S1646977591.076661,VS0,VE0
etag: "568a85713df8ce60119b3d6395d4ad52a0cc27d5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 2

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 34ms
19ms Image
image/gif 2607:f8b0:4006:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1815591-3&cid=1227907177.1646977591&jid=1205952290&_u=aSBCCEAAFAAAAC~&z=674352266

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 u9qbzi16j.js Show response
cdn.krxd.net/controltag/ Frame AF4B 25 KB
7 KB 2ms
2ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/u9qbzi16j.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 93d09844d7a7fa433f8123730d11e948e85d8cea26e6a29145cd2128a2f3561d

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Fri, 11 Mar 2022 05:46:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 982
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 7377
x-served-by: config-service-a003-ash-prod.krxd.net, cache-iad-kjyo7100127-IAD, cache-lga21980-LGA
x-response-time: 0
x-do-esi: esi
x-timer: S1646977591.091789,VS0,VE0
etag: "568a85713df8ce60119b3d6395d4ad52a0cc27d5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 3

GET
H3

200

dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb Show response
6615638.fls.doubleclick.net/ddm/fls/r/ Frame 316F
Redirect Chain

https://adservice.google.com/ddm/fls/i/dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1....
https://6615638.fls.doubleclick.net/ddm/fls/r/dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.g...

3 KB
1 KB

21ms
21ms

Document
text/html

142.250.64.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6615638.fls.doubleclick.net/ddm/fls/r/dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb

Requested by

Host: 6615638.fls.doubleclick.net
URL: https://6615638.fls.doubleclick.net/activityi;dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f6.1e100.net

Software

cafe /

Resource Hash

297cb49b8d568722af7a449f093d9313a1f69a358f06b34a87afbd4b16ac1c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://6615638.fls.doubleclick.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Mar 2022 05:46:31 GMT
expires: Fri, 11 Mar 2022 05:46:31 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 1392
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Mar 2022 05:46:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://6615638.fls.doubleclick.net/ddm/fls/r/dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame 033B 259 KB
83 KB 2ms
2ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/u9qbzi16j.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Fri, 11 Mar 2022 05:46:31 GMT
content-encoding: gzip
age: 19070921
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 2017943
content-length: 84509
x-served-by: cache-lga21980-LGA
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1646977591.102695,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame AF4B 259 KB
83 KB 5ms
2ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/u9qbzi16j.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Fri, 11 Mar 2022 05:46:31 GMT
content-encoding: gzip
age: 19070921
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 2017944
content-length: 84509
x-served-by: cache-lga21980-LGA
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1646977591.108892,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 7b3785dc-e5e8-4465-88e8-0bb2db048533 Show response
consumer.krxd.net/consent/get/ Frame 033B 221 B
304 B 16ms
15ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/7b3785dc-e5e8-4465-88e8-0bb2db048533?idt=device&dt=kxcookie&callback=Krux.ns.centro.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b2131df6fd06c2b58c82fa034e698a006736692271ee2fbb5b815d85bc3d87c1

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:31 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a007-ash-prod.krxd.net, cache-lga21954-LGA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1646977591.139456,VS0,VE13
content-length: 181
x-cache-hits: 0, 0

GET
H2 200 7b3785dc-e5e8-4465-88e8-0bb2db048533 Show response
consumer.krxd.net/consent/get/ Frame AF4B 221 B
256 B 2ms
2ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/7b3785dc-e5e8-4465-88e8-0bb2db048533?idt=device&dt=kxcookie&callback=Krux.ns.centro.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b2131df6fd06c2b58c82fa034e698a006736692271ee2fbb5b815d85bc3d87c1

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:31 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a007-ash-prod.krxd.net, cache-lga21954-LGA
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1646977591.163605,VS0,VE0
content-length: 181
x-cache-hits: 0, 1

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 316F 17 KB
7 KB 48ms
25ms Script
application/javascript 13.225.221.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: 6615638.fls.doubleclick.net
URL: https://6615638.fls.doubleclick.net/ddm/fls/r/dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.221.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-221-250.jfk51.r.cloudfront.net
Software: CloudFront /
Resource Hash: f2f087eac841d5433c3c3fa9ea481b474ff8370b9d9eec1ace18f0300a76ffd8

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://6615638.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:31 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: JFK51-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 6336
via: 1.1 d3ab4cd494305c2d222c92f599e3c7c6.cloudfront.net (CloudFront)
x-amz-cf-id: tixPJq2AARgU37He4iFP2a6JNLJxc5vBpHm04kp2zxTonr2P3batOA==

GET
H2

200

asyncPixelSync Show response
pixel.sitescout.com/dmp/ Frame 1933
Redirect Chain

https://pixel.sitescout.com/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1

1 KB
2 KB

9ms
8ms

Document
text/html

216.152.140.212
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Requested by: Host: 6615638.fls.doubleclick.net
URL: https://6615638.fls.doubleclick.net/ddm/fls/r/dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 216.152.140.212 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: 77fb4e81e739192dc90fc9e3cd5572d4a098897f87347a050660059ec27afb5f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://6615638.fls.doubleclick.net/ddm/fls/r/dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb

Response headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
content-type: text/html;charset=UTF-8
content-length: 1162
date: Fri, 11 Mar 2022 05:46:31 GMT
server: AC1.1

Redirect headers

location: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
content-length: 0
date: Fri, 11 Mar 2022 05:46:31 GMT
server: AC1.1

GET
H2

204

167656086b3da20c
pixel.sitescout.com/iap/ Frame 316F
Redirect Chain

https://pixel.sitescout.com/iap/167656086b3da20c
https://pixel.sitescout.com/iap/167656086b3da20c?cookieQ=1

0
341 B

10ms
9ms

Image
text/plain

216.152.140.212
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/167656086b3da20c?cookieQ=1
Requested by: Host: 6615638.fls.doubleclick.net
URL: https://6615638.fls.doubleclick.net/ddm/fls/r/dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb
Protocol: H2
Server: 216.152.140.212 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://6615638.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:30 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/167656086b3da20c?cookieQ=1
date: Fri, 11 Mar 2022 05:46:31 GMT
server: AC1.1
content-length: 0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 316F 99 KB
26 KB 8ms
2ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 6615638.fls.doubleclick.net
URL: https://6615638.fls.doubleclick.net/ddm/fls/r/dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://6615638.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26291
x-xss-protection: 0
pragma: public
x-fb-debug: UMFKJ18CBqEoU3Evc2WXHnBxufmuRtQd4tDa7vQIWwbHr3Dp0sGQ/mwmIB0EcrPd8i8tGCLq1MkVgIr/kWOSjQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 11 Mar 2022 05:46:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

asyncPixelSync Show response
pixel.sitescout.com/dmp/ Frame 9D67
Redirect Chain

https://pixel-a.basis.net/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync

1 KB
2 KB

10ms
9ms

Document
text/html

216.152.140.212
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: 6615638.fls.doubleclick.net
URL: https://6615638.fls.doubleclick.net/ddm/fls/r/dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 216.152.140.212 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: 77fb4e81e739192dc90fc9e3cd5572d4a098897f87347a050660059ec27afb5f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://6615638.fls.doubleclick.net/ddm/fls/r/dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb

Response headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
content-type: text/html;charset=UTF-8
content-length: 1162
date: Fri, 11 Mar 2022 05:46:30 GMT
server: AC1.1

Redirect headers

content-length: 0
location: https://pixel.sitescout.com/dmp/asyncPixelSync

GET
H2

204

1c9df941b11545c7
pixel.sitescout.com/iap/ Frame 316F
Redirect Chain

https://pixel-a.basis.net/iap/1c9df941b11545c7
https://pixel.sitescout.com/iap/1c9df941b11545c7

0
341 B

10ms
7ms

Image
text/plain

216.152.140.212
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/1c9df941b11545c7
Requested by: Host: 6615638.fls.doubleclick.net
URL: https://6615638.fls.doubleclick.net/ddm/fls/r/dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb
Protocol: H2
Server: 216.152.140.212 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://6615638.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:31 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/1c9df941b11545c7
content-length: 0

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 316F 24 KB
10 KB 79ms
11ms Script
application/javascript 2620:116:800b:21:1d2b:ecd5:fcc0:2c58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: 6615638.fls.doubleclick.net
URL: https://6615638.fls.doubleclick.net/ddm/fls/r/dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:1d2b:ecd5:fcc0:2c58 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://6615638.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:31 GMT
content-encoding: gzip
etag: "yoD6mq4JTyPdtDBolW+GUg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 18 Mar 2022 05:46:31 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 033B
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=google
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3RlZTh4OXk
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEE8IXQTXIRaKl0WXL0OkQp0&google_cver=1

0
337 B

85ms
84ms

Image
text/plain

52.51.37.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEE8IXQTXIRaKl0WXL0OkQp0&google_cver=1
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Server: 52.51.37.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-37-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:31 GMT
cache-control: private, no-cache, no-store
x-request-time: D=22 t=1646977591
x-served-by: beacon-n007-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEE8IXQTXIRaKl0WXL0OkQp0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 033B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3RlZTh4OXk
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEE8IXQTXIRaKl0WXL0OkQp0&google_cver=1

0
337 B

85ms
83ms

Image
text/plain

52.51.37.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEE8IXQTXIRaKl0WXL0OkQp0&google_cver=1
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Server: 52.51.37.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-37-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:31 GMT
cache-control: private, no-cache, no-store
x-request-time: D=38 t=1646977591
x-served-by: beacon-n014-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEE8IXQTXIRaKl0WXL0OkQp0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 379708.gif
idsync.rlcdn.com/ Frame 033B 42 B
448 B 44ms
31ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/379708.gif?partner_uid=Otee8x9y
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Mar 2022 05:46:31 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 033B
Redirect Chain

https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=Otee8x9y&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=Otee8x9y&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D
https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=51952688853055765082291545758085539013

0
337 B

85ms
84ms

Image
text/plain

52.51.37.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=51952688853055765082291545758085539013
Protocol: H2
Server: 52.51.37.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-37-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:31 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1646977591
x-served-by: beacon-n012-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

DCS: dcs-prod-usw2-2-v026-0c3d39311.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: nFyEtT0dQw0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=51952688853055765082291545758085539013
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

g.js
aa.agkn.com/adscores/ Frame 033B
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=neustar
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=Otee8x9y

43 B
501 B

237ms
77ms

Image
image/gif

52.36.26.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=Otee8x9y
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Server: 52.36.26.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-26-51.us-west-2.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:31 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

Redirect headers

location: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=Otee8x9y
date: Fri, 11 Mar 2022 05:46:31 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a002-ash-prod.krxd.net

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 033B
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=sitescout
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=Otee8x9y&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
https://beacon.krxd.net/usermatch.gif?partner_id=sscout&partner_uid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553

0
337 B

85ms
85ms

Image
text/plain

52.51.37.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=sscout&partner_uid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Server: 52.51.37.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-37-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:31 GMT
cache-control: private, no-cache, no-store
x-request-time: D=40 t=1646977591
x-served-by: beacon-n004-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:31 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://beacon.krxd.net/usermatch.gif?partner_id=sscout&partner_uid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

398696.gif
idsync.rlcdn.com/ Frame 033B
Redirect Chain

https://fei.pro-market.net/engine?mimetype=img&du=88&csync=Otee8x9y
https://idsync.rlcdn.com/398696.gif?partner_uid=3098813632149799575

42 B
60 B

38ms
31ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398696.gif?partner_uid=3098813632149799575
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Mar 2022 05:46:31 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:31 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://idsync.rlcdn.com/398696.gif?partner_uid=3098813632149799575
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame AF4B
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=google
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3RlZTh4OXk
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEE8IXQTXIRaKl0WXL0OkQp0&google_cver=1

0
337 B

84ms
84ms

Image
text/plain

52.51.37.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEE8IXQTXIRaKl0WXL0OkQp0&google_cver=1
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Server: 52.51.37.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-37-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:31 GMT
cache-control: private, no-cache, no-store
x-request-time: D=24 t=1646977591
x-served-by: beacon-n013-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEE8IXQTXIRaKl0WXL0OkQp0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame AF4B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3RlZTh4OXk
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEE8IXQTXIRaKl0WXL0OkQp0&google_cver=1

0
337 B

89ms
83ms

Image
text/plain

52.51.37.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEE8IXQTXIRaKl0WXL0OkQp0&google_cver=1
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Server: 52.51.37.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-37-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:31 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1646977591
x-served-by: beacon-n003-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEE8IXQTXIRaKl0WXL0OkQp0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 379708.gif
idsync.rlcdn.com/ Frame AF4B 42 B
286 B 44ms
31ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/379708.gif?partner_uid=Otee8x9y
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Mar 2022 05:46:31 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame AF4B
Redirect Chain

https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=Otee8x9y&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=Otee8x9y&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D
https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=66157978516719073132810610344455568410

0
337 B

85ms
85ms

Image
text/plain

52.51.37.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=66157978516719073132810610344455568410
Protocol: H2
Server: 52.51.37.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-37-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:31 GMT
cache-control: private, no-cache, no-store
x-request-time: D=91 t=1646977591
x-served-by: beacon-n003-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

DCS: dcs-prod-usw2-1-v026-0d0b991c1.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ETYdYTGRQ3c=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=66157978516719073132810610344455568410
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

g.js
aa.agkn.com/adscores/ Frame AF4B
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=neustar
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=Otee8x9y

43 B
500 B

239ms
78ms

Image
image/gif

52.36.26.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=Otee8x9y
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Server: 52.36.26.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-26-51.us-west-2.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:31 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

Redirect headers

location: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=Otee8x9y
date: Fri, 11 Mar 2022 05:46:31 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a010-ash-prod.krxd.net

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame AF4B
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=sitescout
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=Otee8x9y&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
https://beacon.krxd.net/usermatch.gif?partner_id=sscout&partner_uid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553

0
337 B

85ms
84ms

Image
text/plain

52.51.37.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=sscout&partner_uid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H2
Server: 52.51.37.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-37-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:31 GMT
cache-control: private, no-cache, no-store
x-request-time: D=54 t=1646977591
x-served-by: beacon-n015-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:31 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://beacon.krxd.net/usermatch.gif?partner_id=sscout&partner_uid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

398696.gif
idsync.rlcdn.com/ Frame AF4B
Redirect Chain

https://fei.pro-market.net/engine?mimetype=img&du=88&csync=Otee8x9y
https://idsync.rlcdn.com/398696.gif?partner_uid=-8706054082173842227

42 B
60 B

32ms
31ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398696.gif?partner_uid=-8706054082173842227
Requested by: Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Mar 2022 05:46:31 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:31 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp6.us1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://idsync.rlcdn.com/398696.gif?partner_uid=-8706054082173842227
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H3 200 509766249170744 Show response
connect.facebook.net/signals/config/ Frame 316F 44 KB
11 KB 42ms
37ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/509766249170744?v=2.9.55&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3c1ddc064d34895e5eee3a584d504ea654874d2a3424e46e0065dc1b320a5045

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://6615638.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: BzCzbVlb3uPciTP8GhqfO3UG9mlQSxKrDGlw6SAuxglWBBY1ws1vSkpwcKHR2eLrwPA/xM9Txs9E2AyDgRIDhg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 11 Mar 2022 05:46:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ Frame 316F 46 B
313 B 48ms
31ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=e5cdbbe6-dec5-4c6d-ae90-88b7967ccbbe

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

6e71b7e33722474527ac6303e6361a2b7ace3bd168c4886ec41d96acbd37a3d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://6615638.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:31 GMT
via: 1.1 google
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 2D16 672 B
1 KB 49ms
43ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=e5cdbbe6-dec5-4c6d-ae90-88b7967ccbbe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://6615638.fls.doubleclick.net/

Response headers

server: nginx/1.19.6
date: Fri, 11 Mar 2022 05:46:31 GMT
content-type: text/html
content-length: 672
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rules-p-yzzfGTE9pcN4c.js Show response
rules.quantcount.com/ Frame 316F 2 KB
1 KB 24ms
15ms Script
application/javascript 2600:9000:21ec:ec00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-yzzfGTE9pcN4c.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ec:ec00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f1ce58d2e01793d5a9cee1e80b9756ca444282fd743a67e5d21097104db9438

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://6615638.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:33:37 GMT
content-encoding: gzip
age: 775
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 14 Nov 2019 00:19:11 GMT
server: AmazonS3
etag: W/"c7b684001c16f2d53d0022713a168450"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 9e89086b4bc4697bea1e1dec6ddc5c5c.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: JFK51-C1
x-amz-cf-id: zBH8QMOV5mdBk4IIxftnRpVmXrExwsDMGKvuCUFEmadV5pCenL1_kQ==

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 1933
Redirect Chain

https://dpm.demdex.net/ibs:dpid=82530&dpuuid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=

42 B
943 B

128ms
128ms

Image
image/gif

54.200.108.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

54.200.108.95 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-200-108-95.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v026-060c34744.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: YQmO6dWLTGQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-usw2-2-v026-06ecd7a1a.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 9TEN7YT+SjU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 1933
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553

95 B
425 B

22ms
21ms

Image
image/png

107.178.246.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553

Requested by

Protocol

Server

107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.246.178.107.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:31 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553
date: Fri, 11 Mar 2022 05:46:31 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 1933
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=
https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
436 B

31ms
3ms

Image
image/gif

2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: 6615638.fls.doubleclick.net
URL: https://6615638.fls.doubleclick.net/ddm/fls/r/dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb
Protocol: H2
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Fri, 11 Mar 2022 05:46:31 GMT
x-age-lb: 19
x-77-nzt-ray: ENK1xka2qZM
x-77-cache: HIT
content-length: 43
x-cache: HIT
x-age: 985659
x-77-nzt: Alm7sQ9/Ot//OwoPAJySO+jLG7X/EwAAAA
x-lb-ip: 156.146.59.232
x-cache-lb: HIT
x-accel-expires: @1647028732
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-lb-pop: newyorkUSNY
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
expires: Fri, 15 Jan 2021 19:58:16 GMT

Redirect headers

date: Fri, 11 Mar 2022 05:46:31 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 um
sync.teads.tv/ Frame 1933 23 B
287 B 28ms
15ms Image
image/gif 23.200.197.46
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=73&uid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=
Requested by: Host: 6615638.fls.doubleclick.net
URL: https://6615638.fls.doubleclick.net/ddm/fls/r/dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.197.46 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-197-46.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:31 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 11 Mar 2022 05:46:31 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 1933
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=&ct=y

49 B
735 B

22ms
21ms

Image
image/gif

54.173.43.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=&ct=y
Requested by: Host: 6615638.fls.doubleclick.net
URL: https://6615638.fls.doubleclick.net/ddm/fls/r/dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb
Protocol: H2
Server: 54.173.43.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-43-128.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:31 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.44.131
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:31 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=&ct=y
cache-control: no-cache
x-server: 10.40.37.199
content-length: 0
expires: 0

GET
H3 200 /
www.facebook.com/tr/ Frame 316F 44 B
91 B 19ms
4ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=509766249170744&ev=PageView&dl=https%3A%2F%2F6615638.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJOcjdKtvfYCFSO6nwodGtUInA%3Bsrc%3D6615638%3Btype%3Dretar0%3Bcat%3Dg1-re0%3Bord%3D3158170390539%3Bgtm%3D2wg370%3Bauiddc%3D598505835.1646765151%3B~oref%3Dhttps%253A%252F%252Fwww.golden1.com%252Flogin-to-olb&rl=https%3A%2F%2F6615638.fls.doubleclick.net%2F&if=true&ts=1646977591334&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=28&it=1646977591242&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://6615638.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 11 Mar 2022 05:46:31 GMT

GET
H2

200

ipv6 Show response
tr6.snapchat.com/ Frame B92C
Redirect Chain

https://tr.snapchat.com/p
https://tr6.snapchat.com/ipv6?rid=58b764d9-50df-4f88-8c41-89ea81f1c4d0

0
232 B

47ms
30ms

Document
text/plain

2600:1901:0:be84::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/ipv6?rid=58b764d9-50df-4f88-8c41-89ea81f1c4d0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:be84:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx/1.19.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://6615638.fls.doubleclick.net
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://6615638.fls.doubleclick.net/

Response headers

server: nginx/1.19.6
date: Fri, 11 Mar 2022 05:46:31 GMT
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

server: nginx/1.19.6
date: Fri, 11 Mar 2022 05:46:31 GMT
content-type: text/html
content-length: 68
access-control-allow-origin: *
cache-control: no-cache, no-transform
location: https://tr6.snapchat.com/ipv6?rid=58b764d9-50df-4f88-8c41-89ea81f1c4d0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 9D67
Redirect Chain

https://dpm.demdex.net/ibs:dpid=82530&dpuuid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=

42 B
943 B

105ms
105ms

Image
image/gif

54.200.108.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

54.200.108.95 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-200-108-95.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v026-0e2ccecc0.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: LM6UcZ1ERNE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-usw2-2-v026-0a3badb2b.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 7JJjD5OuSFM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 9D67
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553

95 B
414 B

21ms
21ms

Image
image/png

107.178.246.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553

Requested by

Protocol

Server

107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.246.178.107.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:31 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553
date: Fri, 11 Mar 2022 05:46:31 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 9D67
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=
https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
437 B

33ms
3ms

Image
image/gif

2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: 6615638.fls.doubleclick.net
URL: https://6615638.fls.doubleclick.net/ddm/fls/r/dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb
Protocol: H2
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Fri, 11 Mar 2022 05:46:31 GMT
x-age-lb: 19
x-77-nzt-ray: zdP5R6bprac
x-77-cache: HIT
content-length: 43
x-cache: HIT
x-age: 985659
x-77-nzt: Alm7sQ885ab/OwoPAJySO+jLG7X/EwAAAA
x-lb-ip: 156.146.59.232
x-cache-lb: HIT
x-accel-expires: @1647028732
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-lb-pop: newyorkUSNY
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
expires: Fri, 15 Jan 2021 19:58:16 GMT

Redirect headers

date: Fri, 11 Mar 2022 05:46:31 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 um
sync.teads.tv/ Frame 9D67 23 B
172 B 19ms
11ms Image
image/gif 23.200.197.46
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=73&uid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=
Requested by: Host: pixel.sitescout.com
URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.197.46 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-197-46.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:31 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 11 Mar 2022 05:46:31 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 9D67
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=&ct=y

49 B
264 B

43ms
42ms

Image
image/gif

54.173.43.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=&ct=y
Requested by: Host: 6615638.fls.doubleclick.net
URL: https://6615638.fls.doubleclick.net/ddm/fls/r/dc_pre=CJOcjdKtvfYCFSO6nwodGtUInA;src=6615638;type=retar0;cat=g1-re0;ord=3158170390539;gtm=2wg370;auiddc=598505835.1646765151;~oref=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb
Protocol: H2
Server: 54.173.43.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-43-128.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:31 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.9.159
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:31 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7f7b062d-6edf-4b14-b211-58e979aac0e0-622ae237-5553&gdpr=0&gdpr_consent=&ct=y
cache-control: no-cache
x-server: 10.40.12.240
content-length: 0
expires: 0

GET
H2 200 pixel;r=340245596;labels=_fp.event.Homepage;rf=0;a=p-yzzfGTE9pcN4c;url=https%3A%2F%2F6615638.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJOcjdKtvfYCFSO6nwodGtUInA%3Bsrc%3D6615638%3Btype%3Dretar...
pixel.quantserve.com/ Frame 316F 35 B
371 B 17ms
14ms Image
image/gif 2620:116:800b:21:1d2b:ecd5:fcc0:2c58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=340245596;labels=_fp.event.Homepage;rf=0;a=p-yzzfGTE9pcN4c;url=https%3A%2F%2F6615638.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJOcjdKtvfYCFSO6nwodGtUInA%3Bsrc%3D6615638%3Btype%3Dretar0%3Bcat%3Dg1-re0%3Bord%3D3158170390539%3Bgtm%3D2wg370%3Bauiddc%3D598505835.1646765151%3B~oref%3Dhttps%253A%252F%252Fwww.golden1.com%252Flogin-to-olb;ref=https%3A%2F%2F6615638.fls.doubleclick.net%2F;uht=2;fpan=1;fpa=P0-790222207-1646977591349;pbc=;ns=1;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;d=6615638.fls.doubleclick.net;je=0;sr=1600x1200x24;dst=0;et=1646977591349;tzo=0;ogl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:1d2b:ecd5:fcc0:2c58 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://6615638.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 05:46:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 2D16 17 KB
7 KB 4ms
3ms Script
application/javascript 13.225.221.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=e5cdbbe6-dec5-4c6d-ae90-88b7967ccbbe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.221.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-221-250.jfk51.r.cloudfront.net
Software: CloudFront /
Resource Hash: f2f087eac841d5433c3c3fa9ea481b474ff8370b9d9eec1ace18f0300a76ffd8

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 02:00:09 GMT
content-encoding: gzip
server: CloudFront
age: 13582
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: JFK51-C1
access-control-allow-headers: Content-Type
content-length: 6336
via: 1.1 d3ab4cd494305c2d222c92f599e3c7c6.cloudfront.net (CloudFront)
x-amz-cf-id: Ka6gBHaCl6PCgOasEvHsBuKhYlFnqBQaF4j47WXHOZdoz1AZUZgG9Q==

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame 3EB3
Redirect Chain

https://tr.snapchat.com/cm/s?bt=__LIVE__&pnid=140&cb=1646977591379
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1646960103598%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1646960103598&pnid=140&pcid=db8b62e1-d16e-42ef-a007-e80d2f411d9b

0
15 B

44ms
43ms

Document
text/html

35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1646960103598&pnid=140&pcid=db8b62e1-d16e-42ef-a007-e80d2f411d9b

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://tr.snapchat.com/

Response headers

server: nginx/1.19.6
date: Fri, 11 Mar 2022 05:46:31 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

date: Fri, 11 Mar 2022 05:46:31 GMT
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://tr.snapchat.com/cm/p?rand=1646960103598&pnid=140&pcid=db8b62e1-d16e-42ef-a007-e80d2f411d9b
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 3ms
3ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=539443220504357&ev=Microdata&dl=https%3A%2F%2Fgolden1-cu.us%2Flogin%2F3d%2Findex.php&rl=&if=false&ts=1646977591529&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Golden%201%20Credit%20Union%20%7C%20Login%20to%20OLB%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Login%20to%20OLB%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.55&r=stable&ec=1&o=30&fbp=fb.1.1646977591023.1388966084&it=1646977590969&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: golden1-cu.us
URL: https://golden1-cu.us/login/3d/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 11 Mar 2022 05:46:31 GMT

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 356 B
480 B 15ms
15ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=7b3785dc-e5e8-4465-88e8-0bb2db048533&technographics=1&callback=Krux.ns.centro.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0a24f7cbd4472786411c1ce7fbdb96edc763b326041a9774d1ce56b5cbfe77ee

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Fri, 11 Mar 2022 05:46:31 GMT
content-encoding: gzip
age: 0
x-served-by: userdata-a019-ash-prod.krxd.net, cache-lga21980-LGA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1646977592.681660,VS0,VE13
content-length: 275
x-cache-hits: 0, 0

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
337 B 84ms
84ms Image
text/plain 52.51.37.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=u9qbzi16j&_kpid=7b3785dc-e5e8-4465-88e8-0bb2db048533&_kcp_s=MSO_Golden1&_kcp_d=golden1-cu.us&_knifr=3&_kua_kx_tz=0&geo_country=us&geo_region=tx&geo_dma=662&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%209&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=us&_kua_kx_geo_region=tx&_kua_kx_geo_dma=662&_kua_kx_whistle=0&t_navigation_type=0&t_dns=118&t_tcp=243&t_http_request=-1&t_http_response=1&t_content_ready=2583&t_window_load=3273&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=w7v0xl41g&_kurl_=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb&userdata_user=Otee8x9y%2Cw7v0xl41g&sview=1&kplt0=28213&kplt1=28225&kplt2=28243&kplt4=28258&kplt5=28259&kplt6=32561&kplt7=32906&kplt8=46748&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F7b3785dc-e5e8-4465-88e8-0bb2db048533%2C2%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C2%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.37.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-37-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:31 GMT
cache-control: private, no-cache, no-store
x-request-time: D=74 t=1646977591
x-served-by: beacon-n002-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
337 B 86ms
85ms Image
text/plain 52.51.37.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=user_data_timeout&confid=u9qbzi16j&_kpid=7b3785dc-e5e8-4465-88e8-0bb2db048533&_kcp_s=MSO_Golden1&_kcp_d=golden1-cu.us&_knifr=3&_kua_kx_tz=0&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_whistle=0&_kpa_domain=golden1-cu.us&_kpa_golden1-cu.us_url_path_1=login&_kpa_golden1-cu.us_url_path_2=3d&_kpa_golden1-cu.us_url_path_3=index.php&_kpa_domain_type=us&_kpa_u9qbzi16j_url_path_1=login&_kpa_u9qbzi16j_url_path_2=3d&_kpa_u9qbzi16j_url_path_3=index.php&_kpa_subdomain=golden1-cu.us&t_navigation_type=0&t_dns=118&t_tcp=243&t_http_request=-1&t_http_response=1&t_content_ready=2583&t_window_load=3273&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=false&store_user_after=w7v0xl41g&_kurl_=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb&sview=2&kplt0=28213&kplt1=28225&kplt2=28243&kplt4=28258&kplt5=28259&kplt6=32561&kplt7=32906&kplt8=46748&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F7b3785dc-e5e8-4465-88e8-0bb2db048533%2C55%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2CNaN%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2CNaN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.37.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-37-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:32 GMT
cache-control: private, no-cache, no-store
x-request-time: D=40 t=1646977592
x-served-by: beacon-n004-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
338 B 86ms
85ms Image
text/plain 52.51.37.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=user_data_timeout&confid=u9qbzi16j&_kpid=7b3785dc-e5e8-4465-88e8-0bb2db048533&_kcp_s=MSO_Golden1&_kcp_d=golden1-cu.us&_knifr=3&_kua_kx_tz=0&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_whistle=0&t_navigation_type=0&t_dns=118&t_tcp=243&t_http_request=-1&t_http_response=1&t_content_ready=2583&t_window_load=3273&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=false&store_user_after=w7v0xl41g&_kurl_=https%3A%2F%2Fwww.golden1.com%2Flogin-to-olb&sview=3&kplt0=28213&kplt1=28225&kplt2=28243&kplt4=28258&kplt5=28259&kplt6=32561&kplt7=32906&kplt8=46748&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F7b3785dc-e5e8-4465-88e8-0bb2db048533%2C9%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2CNaN%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2CNaN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.37.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-37-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:32 GMT
cache-control: private, no-cache, no-store
x-request-time: D=178 t=1646977592
x-served-by: beacon-n006-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 optout_check Show response
beacon.krxd.net/ 79 B
238 B 85ms
85ms Script
text/javascript 52.51.37.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.centro.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.37.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-37-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 53efe454ada9283a177535a1e9a7de3f14e7f3b4bc80d0fd042c78223a983faa

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:32 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=44 t=1646977592
x-served-by: beacon-n022-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 optout_check Show response
beacon.krxd.net/ 79 B
238 B 85ms
84ms Script
text/javascript 52.51.37.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.centro.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.37.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-37-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 53efe454ada9283a177535a1e9a7de3f14e7f3b4bc80d0fd042c78223a983faa

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://golden1-cu.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:46:32 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=47 t=1646977592
x-served-by: beacon-n004-dub-prod.krxd.net
content-type: text/javascript

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 01:31:03	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.golden1-cu.us/	1970-01-20 03:39:13	Name: _gcl_au Value: 1.1.1142723938.1646977591
.golden1-cu.us/	1970-01-20 19:00:49	Name: __utma Value: 168786615.1227907177.1646977591.1646977591.1646977591.1
.golden1-cu.us/	1969-12-31 23:59:59	Name: __utmc Value: 168786615
.golden1-cu.us/	1970-01-20 05:52:25	Name: __utmz Value: 168786615.1646977591.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.golden1-cu.us/	1970-01-20 01:29:38	Name: __utmt_UA-1815591-1 Value: 1
.golden1-cu.us/	1970-01-20 01:29:39	Name: __utmb Value: 168786615.1.10.1646977591
.golden1-cu.us/	1970-01-20 19:00:49	Name: _ga Value: GA1.2.1227907177.1646977591
.golden1-cu.us/	1970-01-20 01:31:03	Name: _gid Value: GA1.2.1528481198.1646977591
.golden1-cu.us/	1970-01-20 01:29:37	Name: _gat_UA-1815591-3 Value: 1
.golden1-cu.us/	1970-01-20 03:39:13	Name: _fbp Value: fb.1.1646977591023.1388966084
.facebook.com/	1970-01-20 03:39:13	Name: fr Value: 08t3J0XAXlHBjaHVN..BiKuI3...1.0.BiKuI3.
.krxd.net/	1970-01-20 05:48:49	Name: _kuid_ Value: Otee8x9y
.doubleclick.net/	1970-01-20 19:00:49	Name: IDE Value: AHWqTUlhYVIWrTcBsPYPgAE4VM3vP7WfTGwVJ9_kxYbxcY35b8b2V0jOEzJTAzsF20o
.rlcdn.com/	1970-01-20 10:15:13	Name: rlas3 Value: t8Md+n4oi3P3NC0PkPAvW/Fxh2+15JiNKod2jhYg/UA=
.rlcdn.com/	1970-01-20 02:56:01	Name: pxrc Value: CAA=
.sitescout.com/	1970-01-20 10:15:13	Name: ssi Value: 7f7b062d-6edf-4b14-b211-58e979aac0e0#1646977591241
.sitescout.com/	1970-01-20 02:12:49	Name: _ssuma Value: eyIzNCI6MTY0Njk3NzU5MTI1MiwiMiI6MTY0Njk3NzU5MTI1MiwiNCI6MTY0Njk3NzU5MTI1MiwiMzkiOjE2NDY5Nzc1OTEyNTIsIjciOjE2NDY5Nzc1OTEyNTJ9
.teads.tv/	1970-01-20 10:13:47	Name: tt_viewer Value: 673cffbc-ac16-4e47-8d43-ed9332bd0a04
.exelator.com/	1970-01-20 04:22:25	Name: EE Value: "42ec874ac0551d62ea2ef8f56c0fcfad"
.quantserve.com/	1970-01-20 10:59:51	Name: mc Value: 622ae237-5a9a5-4e855-dd0e9
.exelator.com/	1970-01-20 04:22:25	Name: ud Value: "eJxrXxzq6XKLQcHEKDXZwtwkMdnA1NQwxcwoNdEoNc0izdQs2SAtOS0xZXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJySX5RZvqi0ODFRSlpDItKik8F7999CAC37CuI"
.tapad.com/	1970-01-20 02:56:01	Name: TapAd_3WAY_SYNCS Value:
.crwdcntrl.net/	1970-01-20 07:58:23	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 07:58:23	Name: _cc_id Value: fc07eecd330790c9b385135901d4437d
.crwdcntrl.net/	1970-01-20 07:58:25	Name: _cc_cc Value: "ACZ4XmNQSEs2ME9NTU4xNjYwtzRItkwytjA1NDa1NDBMMTExNk9hAIIkrUfmIBoKAE7eCig%3D"
.crwdcntrl.net/	1970-01-20 07:58:25	Name: _cc_aud Value: "ABR4XmNgYGBI0npkDqSgAAAUhQGm"
.tapad.com/	1970-01-20 02:56:01	Name: TapAd_TS Value: 1646977591367
.tapad.com/	1970-01-20 02:56:01	Name: TapAd_DID Value: db8b62e1-d16e-42ef-a007-e80d2f411d9b
.snapchat.com/	1970-01-20 10:51:13	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwREAIQgDwIqYAS4EYjdah8X7vX0tkpKalqdlcLTNUdmwBog99eUN+AqC6i7F/dUfjQIiPEAAAAA=
.agkn.com/	1970-01-20 10:15:13	Name: ab Value: 0001%3A4Qs4YpiucsxezYJ%2B2h84MFtF6d06S%2FN5
.dpm.demdex.net/	1970-01-20 05:48:49	Name: dpm Value: 24005879948523131851487275519097872137
.demdex.net/	1970-01-20 05:48:49	Name: demdex Value: 24005879948523131851487275519097872137

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://golden1-cu.us/layouts/system/VisitorIdentification.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://golden1-cu.us/login/3d/assets/msgbox/dist/sweetalert2.all.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://golden1-cu.us/login/3d/assets/msgbox/dist/sweetalert2.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://golden1-cu.us/login/3d/-/media/golden1/brand-logos/golden1_logo.svg?iar=0&hash=7584520B91493D062CC63C62FBC5E1FF Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://golden1-cu.us/login/3d/-/media/golden1/brand-logos/golden1_logo.svg?iar=0&hash=7584520B91493D062CC63C62FBC5E1FF Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://golden1-cu.us/login/3d/-/media/golden1/brand-logos/equal-housing-opportunity-logo-70x75-ico.png?h=75&iar=0&w=75&hash=41A0920553F4151829E90F8C30609980 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://golden1-cu.us/login/3d/-/media/golden1/social/facebook-ico.png?h=103&iar=0&w=103&hash=437F27E53FEE55893EB93A1A0246DFC6 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://golden1-cu.us/login/3d/-/media/golden1/social/twitter-ico.png?h=103&iar=0&w=103&hash=DBB12CBC527009B6DD148F9B5107D243 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://golden1-cu.us/login/3d/-/media/golden1/social/linkedin-ico.png?h=103&iar=0&w=103&hash=370CDCDFD0C4DE6FA8EABE92730BD6DD Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://golden1-cu.us/login/3d/-/media/golden1/social/youtube-ico.png?h=103&iar=0&w=103&hash=347A4D2D84C02692C49599E7BF1313B1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://golden1-cu.us/login/3d/-/media/golden1/social/instagram-ico.png?h=103&iar=0&w=103&hash=34017C43E8F77B9EA3802438277E9861 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042(Line 4) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.golden1.com') does not match the recipient window's origin ('https://golden1-cu.us').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6615638.fls.doubleclick.net
aa.agkn.com
adservice.google.com
beacon.krxd.net
cdn.jsdelivr.net
cdn.krxd.net
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
consumer.krxd.net
di.rlcdn.com
docs.golden1.com
dpm.demdex.net
fei.pro-market.net
golden1-cu.us
idsync.rlcdn.com
load77.exelator.com
loadm.exelator.com
pixel-a.basis.net
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.sitescout.com
pixel.tapad.com
resources.xg4ken.com
rules.quantcount.com
sc-static.net
secure.quantserve.com
ssl.google-analytics.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.teads.tv
tr.snapchat.com
tr6.snapchat.com
usermatch.krxd.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
107.178.246.49
13.225.221.250
142.250.64.102
142.250.64.66
151.101.194.133
2001:4de0:ac18::1:a:3a
207.198.113.178
216.152.140.212
23.200.197.46
2600:1901:0:8eee::
2600:1901:0:be84::
2600:9000:21ec:ec00:6:44e3:f8c0:93a1
2606:4700::6810:5714
2607:f8b0:4004:c0b::9d
2607:f8b0:4006:807::2002
2607:f8b0:4006:80a::2004
2607:f8b0:4006:80c::2008
2607:f8b0:4006:80d::2008
2607:f8b0:4006:81d::200e
2620:116:800b:21:1d2b:ecd5:fcc0:2c58
2a02:6ea0:c400::12
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
34.107.140.17
34.229.3.43
35.186.226.184
35.190.60.146
52.36.26.51
52.45.242.235
52.51.37.201
54.161.167.40
54.173.140.2
54.173.43.128
54.200.108.95
82.223.46.25
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
07641ec9109ddd33f14ff5183f52f004bc26d30f6272de4c5c3a99861291cd24
08ec7021cb4983ee1870e2bdd0beac15ff38675f06ded4e6a9f2bdf2fb67cf64
0a24f7cbd4472786411c1ce7fbdb96edc763b326041a9774d1ce56b5cbfe77ee
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
27888ef6f6c92a858394698ab07108f2ac1029632b00fcc57c62b5ea14708b19
297cb49b8d568722af7a449f093d9313a1f69a358f06b34a87afbd4b16ac1c9e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ed25e2c053cec997cd692162d798e69cab06b81bfccfcb1ae44bc7ebcac9d9f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3848138f6adacb425d8c0319cc8b0648a49ee0d019caebbf449de341d2b696f6
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3c1ddc064d34895e5eee3a584d504ea654874d2a3424e46e0065dc1b320a5045
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
44f51c55b2644def8e2e04cb51d22cec761af6fc90c9fb39270af91cb881fb55
5009aa5b65d31cf656c10ade6f7571a2a1ea71cbd5e369365a7f1a0ff5e069a1
53efe454ada9283a177535a1e9a7de3f14e7f3b4bc80d0fd042c78223a983faa
58c5fb14d40e03a30b242153b35222ef2c66912229fe98e3bad88afd8bb4aa37
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5f1ce58d2e01793d5a9cee1e80b9756ca444282fd743a67e5d21097104db9438
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
689ad2cd1d739c1fe257f20a59d58e7c14981a7f7e8d496797865e88feef31fa
6dbe9b51f575262e1cd0685e69b0dbb4564a20c62ec6ea9e6587313d4063ab21
6e71b7e33722474527ac6303e6361a2b7ace3bd168c4886ec41d96acbd37a3d1
6f3c1a5f9ace55331ed57821b1a997f2250af2ac3af2f22dbbc920a01a77bd9d
6f7bbc79052d331a0d516d9e2393e3132d7b18ee6dbf16e4f058626913727efe
77cbdb76652eb56acf13d89193c114216d6f085ec5b77584228cb32231dede3e
77fb4e81e739192dc90fc9e3cd5572d4a098897f87347a050660059ec27afb5f
82c146c7c9d5ecc20bd37bcc2273ed7a034c87444e0cdd33c224f3dd25df85ea
85e256bb159ddf227eabf54e6034e274b414c022b0b1073e30c88c951b36e35e
89349f67308fefb901834c54f04b87d1f1695f081c5060562335871fe81ce463
92a9e2194fdd89bdef807f60dd9d49af0ad00d3421349dd2096ef7f932f06693
93d09844d7a7fa433f8123730d11e948e85d8cea26e6a29145cd2128a2f3561d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b09fb29de36cb7bc57a4df206368485cbfd8b072daabc4e6057789df1075ca3
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2
b2131df6fd06c2b58c82fa034e698a006736692271ee2fbb5b815d85bc3d87c1
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b548cf0a9a4373bdabbf491e3f977eabb11918daf8155e84f3f73b417f9a3f66
bfadca6225c71821d7427d85a722bbfcd5b6b6612364a8e4e06ecd8162fe22cf
c11cb5f286d7ab9c105a5f4865c3f7ad85fe215a5861a0bda01fd4e521858c84
c1d9f00c48fc667e693dd754628691743d73d39add07cbaa5c7ef605a6bb83c8
ccf30850cdcf9e61c61a298dadcbe090bd533c28f5f554cc58e889eafd59cc47
cd4043213c8d70421aca31f640feb5b6bf099b3085050d56de8839241021945e
ce580beb7a29408062de63bacffb19b62ddb54ce77f6e982cb5ecac8af8b4abb
d0b43f3d295ec5747829bd47cba878545a55aeb10105b3ce4e01b4e21549f350
d3896f68f34c953c750849cdeafc9beefa88c6aa162ca1e4ee83834cf8a47360
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e735118972594f746d0e6d93fd1e63e152b00f0b4f5a18fa18f8ba7c40d82ebd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3
f2f087eac841d5433c3c3fa9ea481b474ff8370b9d9eec1ace18f0300a76ffd8
f7573d5c433cc851f6327f5f9fcc9068d46f26c12bb8bec772dafa262218ed4c
f80bca77b3914f2d11dfacbeef25d8645736089807097a3527dae259b0badbaa
fb994954570fb6b93d879446d0aa79bdcaf0472501b3bcb166e80c91a6171204
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

golden1-cu.us Open in urlscan Pro 82.223.46.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

115 Requests

78 %HTTPS

43 %IPv6

26 Domains

38 Subdomains

29 IPs

4 Countries

1037 kBTransfer

3461 kBSize

33 Cookies

0 Outgoing links

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

golden1-cu.us Open in urlscan Pro
82.223.46.25 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

78 %
HTTPS

43 %
IPv6

26
Domains

38
Subdomains

29
IPs

4
Countries

1037 kB
Transfer

3461 kB
Size

33
Cookies

115 HTTP transactions
0 data transactions