directexpresshelp.com Open in urlscan Pro
2606:4700:3036::6815:14e8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://directexpresshelp.com/
Effective URL:
https://directexpresshelp.com/
Submission: On December 01 via api (December 1st 2023, 11:47:12 am UTC) from US — Scanned from DE

Summary HTTP 62 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 12 domains to perform 62 HTTP transactions. The main IP is 2606:4700:3036::6815:14e8, located in United States and belongs to CLOUDFLARENET, US. The main domain is directexpresshelp.com.
TLS certificate: Issued by GTS CA 1P5 on October 4th 2023. Valid for: 3 months.

This is the only time directexpresshelp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::ac43:c2c0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2606:4700:303... 2606:4700:3036::6815:14e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
15	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1 1	44.215.118.203 44.215.118.203	14618 (AMAZON-AES) (AMAZON-AES)
1	52.46.135.132 52.46.135.132	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:6600:1d:d7f6:39d3:7a61	16509 (AMAZON-02) (AMAZON-02)
2	52.94.225.95 52.94.225.95	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
62	17

1 2606:4700:3031::ac43:c2c0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

directexpresshelp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:3036::6815:14e8 (United States)

ASN13335 (CLOUDFLARENET, US)

directexpresshelp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.215.118.203 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-118-203.compute-1.amazonaws.com

rcm-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.135.132 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

ws-na.assoc-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:6600:1d:d7f6:39d3:7a61 (United States)

ASN16509 (AMAZON-02, US)

images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.225.95 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

fls-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	directexpresshelp.com 1 redirects directexpresshelp.com	177 KB
17	wp.com i0.wp.com — Cisco Umbrella Rank: 3858 stats.wp.com — Cisco Umbrella Rank: 2814 pixel.wp.com — Cisco Umbrella Rank: 2796	189 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	225 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	5 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
3	amazon-adsystem.com 1 redirects rcm-na.amazon-adsystem.com — Cisco Umbrella Rank: 41644 fls-na.amazon-adsystem.com — Cisco Umbrella Rank: 8799	938 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	89 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 14517	10 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	148 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	ssl-images-amazon.com images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 726	90 KB
1	assoc-amazon.com ws-na.assoc-amazon.com — Cisco Umbrella Rank: 35474	44 KB
62	12

	Domain	Requested by
19	directexpresshelp.com	1 redirects directexpresshelp.com
15	i0.wp.com	directexpresshelp.com
6	pagead2.googlesyndication.com	directexpresshelp.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	fls-na.amazon-adsystem.com	ws-na.assoc-amazon.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	directexpresshelp.com connect.facebook.net
2	images.dmca.com	directexpresshelp.com
2	www.googletagmanager.com	directexpresshelp.com www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	images-na.ssl-images-amazon.com	ws-na.assoc-amazon.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	pixel.wp.com	directexpresshelp.com
1	ws-na.assoc-amazon.com	directexpresshelp.com
1	rcm-na.amazon-adsystem.com	1 redirects
1	stats.wp.com	directexpresshelp.com
62	18

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.amazon.com
maps.google.com
www.dmca.com
generatepress.com

Subject Issuer	Validity	Valid
directexpresshelp.com GTS CA 1P5	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
images.dmca.com R3	`2023-10-26` - `2024-01-24`	3 months	crt.sh
ws-na.assoc-amazon.com Amazon RSA 2048 M01	`2023-03-16` - `2024-01-21`	10 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-09` - `2023-12-08`	3 months	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2023-08-09` - `2024-07-24`	a year	crt.sh
fls-na.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://directexpresshelp.com/
Frame ID: BAB77BC87C7C12407D19DAA245600CC5
Requests: 51 HTTP requests in this frame

Frame: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
Frame ID: 6DF187121D9243A9EE0F80FCB474A1F2
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: 55C45553F5F78AD3FD60837440D11E25
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517003535209854&output=html&adk=1812271804&adf=3025194257&lmt=1701431226&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fdirectexpresshelp.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701431226486&bpp=2&bdt=1079&idt=185&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3959050947195&frm=20&pv=2&ga_vid=2106806368.1701431227&ga_sid=1701431227&ga_hid=659285951&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C44809314%2C31078297%2C44807750%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1882574512629384&tmod=774544963&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=199
Frame ID: CED7AEB108E6E4C4C17B89A562AB39BC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BBA1C193E430EE8FE36492FB6E202857
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C07ABD2AA74806D9867679D1DC4BA344
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Direct Express Card Help - Direct Express Card, Social Security & Disability

Page URL History Show full URLs

http://directexpresshelp.com/ HTTP 301
https://directexpresshelp.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

98 %
HTTPS

72 %
IPv6

12
Domains

18
Subdomains

17
IPs

3
Countries

999 kB
Transfer

2437 kB
Size

19
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/@directexpresshelp
Title: Watch Our Youtube Videos

Search URL Search Domain Scan URL

URL: https://www.amazon.com/58f8026f-0658-47d0-9752-f6fa2c69b2e2/qualify?tag=dehelphome-20&linkCode=ur1
Title: Sign up today!

Search URL Search Domain Scan URL

URL: https://maps.google.com/maps?z=16&q=you%2Bcan%2Breach%2Bdirect%2Bexpress%2Busing%2Bthe%2Bcontact%2Binformation%2Bbelow%3A%2Bprocessing%2Bcenter%2Bpo%2Bbox%2B245998%2Bsan%2Bantonio%2C%2Btx%2B78224-5998
Title: You can reach Direct Express using the contact information below:Processing CenterPO Box 245998San Antonio, TX 78224-5998

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=9dfa0eed-0bfb-484b-8953-6fde7868aca9&refurl=https://directexpresshelp.com/

Search URL Search Domain Scan URL

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://directexpresshelp.com/ HTTP 301
https://directexpresshelp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20 HTTP 302
https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
directexpresshelp.com/
Redirect Chain

http://directexpresshelp.com/
https://directexpresshelp.com/

106 KB
21 KB

1960ms
1539ms

Document
text/html

2606:4700:3036::6815:14e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:14e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

bfe9afa1e4e28234c812e0f962fe3ed3f3656d0774552194f0f11726438fa18a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 82eb17ddbb5c8b6b-HKG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 11:47:05 GMT
display: orig_site_sol
expires: Thu, 30 Nov 2023 11:47:05 GMT
link: <https://directexpresshelp.com/wp-json/>; rel="https://api.w.org/", <https://wp.me/7Yy4l>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pagespeed: off
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wsjc4DJWaLzxLDfds%2FuwsMwdrB%2FitXmsfq%2BLys2F3eBo5YH5%2BjFAyw71Rghje%2F0UO089VsuItVYfMo2zDl6jTui6h9VgnsBQuhq3Zfz0BMiyVnBFnq%2BYtJA7GyxpXyS2dGCxRDwVCIN5sey3w6awD9tQ7Ls%3D"}],"group":"cf-nel","max_age":604800}
response: 200
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: HIT: 2
x-cache-group: normal
x-cacheable: SHORT
x-content-type-options: nosniff
x-ezoic-cdn: Miss
x-middleton-display: orig_site_sol
x-middleton-response: 200
x-origin-cache-control: max-age=600, must-revalidate
x-powered-by: WP Engine
x-sol: orig
x-ua-compatible: IE=edge

Redirect headers

CF-RAY: 82eb17da5f202bc2-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 01 Dec 2023 11:47:03 GMT
Expires: Fri, 01 Dec 2023 12:47:03 GMT
Location: https://directexpresshelp.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7fe5kVmqZE2AgNg4EFtyZveoirJt7pP5xpeeopphSGlBfN2Jr1czG0jbwCD%2B2IcpF4vUOfAN1PPrcTUPEYotMwKTASDwN6YRBmbT4CPp8t5WWoOgF8nB%2FCkFy2gM6SW8bnq71YaUlGA7OtPfmuqT0Tj5ctI%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
alt-svc: h3=":443"; ma=86400

GET
H2 200 autoptimize_05bc9eefeeab4efa79e4afe6a8c05bbe.css
directexpresshelp.com/wp-content/cache/autoptimize/css/ 261 KB
43 KB 620ms
618ms Stylesheet
text/css 2606:4700:3036::6815:14e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/wp-content/cache/autoptimize/css/autoptimize_05bc9eefeeab4efa79e4afe6a8c05bbe.css

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:14e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3ef35855c64fcd0f2e06f41601dd51c688d5310ecbb888b8a5ea1d725dd9d4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-sol: orig
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;ds;0e56d8fc86d10143ffa1ccbfc4b6f7f4;2-510601-1;57ed238b-d3dc-4add-49fe-085928569a73
x-middleton-display: staticcontent_sol, orig_site_sol
content-encoding: br
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400
response: 200
last-modified: Wed, 22 Nov 2023 21:09:45 GMT
server: cloudflare
etag: W/"655e6e19-4137c-gzip"
x-origin-cache-control: public, max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqbB2rnh%2FEz563rKhbhLi3g%2FC4d1IwLc%2Bo3Ezbfzm9XeHKAKUTNQpkGfTkxTQp2uS5i5l2VBrb6PJYQTYRjnmLooZQvyb3DlDr2M7g5tST59wxPiPq7F1Js57Ob%2Bpq9IoJJN9oW6peCcunO8QmL4PAtGGAw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82eb17e77abd8b6b-HKG

GET
H2 200 jquery.min.js Show response
directexpresshelp.com/wp-includes/js/jquery/ 86 KB
31 KB 909ms
909ms Script
application/javascript 2606:4700:3036::6815:14e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:14e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-sol: orig
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;ds;3fa59e638f78181bf733a5a4f29dbe89;2-510601-1;294049c0-e759-420a-59fc-4220c77f0575
x-middleton-display: staticcontent_sol, orig_site_sol
content-encoding: br
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400
response: 200
last-modified: Wed, 22 Nov 2023 20:57:35 GMT
server: cloudflare
etag: W/"655e6b3f-15601-gzip"
x-origin-cache-control: public, max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aU2Gk%2FmnQLJzwDJLtEq5tXyid%2BneHRRAIFU1w1eceGp%2F6W1typvh9VyIDPAP3daAPn2vtHW4lSmai4j6AVUitHSlbyOvsKRJSiEkJSNm3cxHnM1KAjRBlQEndSZMmoYu0jhxiQpLyEWF%2Bu6YjWxlYKtvWPs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82eb17e77ac38b6b-HKG

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 131ms
74ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ce639079bd98ae2ef589582376feb4b2cea8310bb5d7c952c534fee9ae93bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52614
x-xss-protection: 0
server: cafe
etag: 9127740075957075402
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 11:47:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 85ms
33ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-43683690-3

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

89d448d69f4682cebbfcefe48b5f1169be7cf837dca2d5d515d936729874ba31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69059
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Dec 2023 11:47:06 GMT

GET
H2 200 cropped-cropped-Direct-Express-Help-1.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2018/10/ 3 KB
3 KB 52ms
11ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2018/10/cropped-cropped-Direct-Express-Help-1.png?fit=437%2C99&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

34d57b944a61b899807b6946e4a6c2d9692415917faa0a0fffd8d95277431821

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:05 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 2956
x-nc: HIT hhn 3
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "d74e2b4fcf5a360c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2018/10/cropped-cropped-Direct-Express-Help-1.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H2 200 boise.js Show response
directexpresshelp.com/detroitchicago/ 926 B
784 B 488ms
483ms Script
application/javascript 2606:4700:3036::6815:14e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/detroitchicago/boise.js?gcb=195-0&cb=2

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:14e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0dc9f241ec7f0549db655a6d4aaa8c5540e5c82a1c908b8b83750e6853cd2cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Dec 2023 11:47:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UuG40QeRNepHscy2ctK5AahsmUvLRbBWR8QmQV%2BCfR9rxqP3%2BLrhihiXqF7d1jqUYK%2BGcGpyCOiIlfs2RYiqTBNOm3ZpKE%2F5dp23GiN1QZ4bf4ZpBZ881VbKLt3YuA6PS2SAEU5TZq0k56us8dP4YgFYJoU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82eb17ed3b7b8b6b-HKG

GET
H2 200 abilene.js Show response
directexpresshelp.com/parsonsmaize/ 6 KB
3 KB 353ms
348ms Script
application/javascript 2606:4700:3036::6815:14e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/parsonsmaize/abilene.js?gcb=195-0&cb=30

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:14e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b01d53596221a10ad89cd142297dd43310bbe0531fe4694fd590fdbeebf5a18d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Dec 2023 11:47:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m58mw6RJqr%2BjGQ6N6FfA0ZUkcar%2BdG%2F%2B%2FXl7kNRJAMy0X66olhzBD6eBkj%2BxQO92ITsmYAYFN8nitNALKpLndM44xUiNQAfqoGPs0j9o2k5wZceFLFX3dEIBwRVwKLCqE%2FM4p0SGQ6dDTYo2zvOv5DiJjuk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82eb17ed3b7f8b6b-HKG

GET
H2 200 et.js Show response
directexpresshelp.com/porpoiseant/ 1 KB
1008 B 502ms
498ms Script
application/javascript 2606:4700:3036::6815:14e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/porpoiseant/et.js?gcb=195-0&cb=2

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:14e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c34f09169d2a10e8f5863960e81575ab70f88b52f4bd3386ce5e41e73a94487

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Dec 2023 11:47:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWRYQqXzcEGvn0UPqwMIIiISSF%2B2gMN9b2bDxNFOmoS3wOrZ5BLLIB%2F3OsNp033f6fkRA%2Fp8XuIcapSMTHCWgRjL6yFTYKfjAyEedMB56C0iZqLdgXtzNrxUhV%2FUVINHxzki5fBEMag5Bns5cpfAGMcnIkI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82eb17ed3b8a8b6b-HKG

GET
H2 200 Prepare-for-Taking-Social-Security-in-2024.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/11/ 15 KB
15 KB 13ms
12ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/11/Prepare-for-Taking-Social-Security-in-2024.png?w=800&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

48fa15ccaa399f72e882109fb24bda3989d5324a583b7a2d3bd2e60d0b7d2863

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:05 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 15078
x-nc: HIT hhn 1
last-modified: Tue, 28 Nov 2023 19:13:37 GMT
server: nginx
etag: "2df7ccd567d82b1e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2023/11/Prepare-for-Taking-Social-Security-in-2024.png>; rel="canonical"
expires: Fri, 28 Nov 2025 07:13:37 GMT

GET
H2 200 What-time-does-Social-Security-hit-Direct-Express-card-3.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/ 17 KB
18 KB 16ms
16ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-3.png?w=800&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

0252ba74fdd3b504dd7b4d4a15720f1134959bd5e18b1cd26d656924f08629cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:05 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 17810
x-nc: HIT hhn 2
last-modified: Mon, 27 Nov 2023 23:51:04 GMT
server: nginx
etag: "62c099826ab6f804"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-3.png>; rel="canonical"
expires: Thu, 27 Nov 2025 11:51:04 GMT

GET
H2 200 What-time-does-Social-Security-hit-Direct-Express-card-2.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/ 18 KB
18 KB 16ms
16ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-2.png?w=800&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

829a4568d0c8e326c1e022af19985d295dc933dee3ac68e8beb1d29684eba649

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:05 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 18138
x-nc: HIT hhn 2
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "c7226cc8018bb784"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-2.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H3 200 2024-Social-Security-COLA.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/ 15 KB
16 KB 13ms
13ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/2024-Social-Security-COLA.png?w=800&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

88e58b06a43d52cf619d55c3134633e2e6476c9d284781aca2d0f6547ee1a938

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:05 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 15578
x-nc: HIT hhn 3
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "5842580b5458b418"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2023/10/2024-Social-Security-COLA.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H3 200 How-to-resolve-SSI-Overpayment-letter.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/ 14 KB
15 KB 24ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/How-to-resolve-SSI-Overpayment-letter.png?w=800&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

ffc213549ebefcae379a54e755263c4d40f382f4acfb138a9c2411eb0ff5a065

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 14588
x-nc: HIT hhn 3
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "8ff4521d9f906d3c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2023/10/How-to-resolve-SSI-Overpayment-letter.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H3 200 what-to-do-about-Social-Security-Overpayment-letters.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/ 18 KB
19 KB 20ms
17ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/what-to-do-about-Social-Security-Overpayment-letters.png?w=800&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

f9ff06d5d2582b76bd977802f4bfd3275be04820397f192853602ee27f88f8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 18760
x-nc: HIT hhn 1
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "acdcec3cba812629"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2023/10/what-to-do-about-Social-Security-Overpayment-letters.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H3 200 Direct-Express-Myaccount-Login-.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/09/ 18 KB
19 KB 19ms
16ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/09/Direct-Express-Myaccount-Login-.png?w=800&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

4762e6e3977758faa3346322cb4f9a2b247d0cabf54783caee527f4a8646c02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 18772
x-nc: HIT hhn 4
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "c7a3ce04509ca71f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2023/09/Direct-Express-Myaccount-Login-.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H3 200 Social-Security-COLA-Estimate-for-2024.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/09/ 23 KB
23 KB 22ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/09/Social-Security-COLA-Estimate-for-2024.png?w=800&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

6c8f7f910058efb76de58e1cd7e4527029ae8c71671e409f94ea3ea2de08ede1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 23098
x-nc: HIT hhn 2
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "567d8c7a4b547a13"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2023/09/Social-Security-COLA-Estimate-for-2024.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H3 200 What-time-does-Social-Security-hit-Direct-Express-card-1.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/ 17 KB
18 KB 22ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-1.png?w=800&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

29eab285958e0c7851f7532fcfa4ddb59ab85f844c6436b8c3f1e2a36d7be60f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 17748
x-nc: HIT hhn 2
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "60a8a78fac091ed6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-1.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H3 200 What-is-the-expected-Social-Security-increase-for-2024.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/ 19 KB
19 KB 23ms
21ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/What-is-the-expected-Social-Security-increase-for-2024.png?w=800&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

d38641890893dc5f5b62c5733b4a6ebe0369c541d05f5987e92cf65b6b576353

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 19078
x-nc: HIT hhn 3
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "45c2d8853aef7f6b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2023/08/What-is-the-expected-Social-Security-increase-for-2024.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H2 200 dmca-badge-w150-2x1-03.png
images.dmca.com/Badges/ 9 KB
9 KB 42ms
40ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/dmca-badge-w150-2x1-03.png?ID=9dfa0eed-0bfb-484b-8953-6fde7868aca9
Requested by: Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / ASP.NET
Resource Hash: e4f82c06e12f028861fcc3587190038b946c774d584c8f58287da453cdfb941b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
cdn-edgestorageid: 1080
x-powered-by: ASP.NET
cdn-cachedat: 09/12/2023 22:58:17
cdn-pullzone: 1574055
content-length: 9215
last-modified: Mon, 25 Jul 2016 19:39:16 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "1cc8aa3aace6d11:0"
content-type: image/png
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: 5c1470f927b1bb9210188c820e820246
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
833 B 102ms
33ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:05 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-powered-by: ASP.NET
cdn-cachedat: 10/31/2023 19:00:40
cdn-pullzone: 1574055
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"26b181f16d28d51:0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: d27fec9e910d8b202486d906956ff552
cdn-requestcountrycode: DE
link: <https://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 e-202348.js Show response
stats.wp.com/ 7 KB
3 KB 62ms
13ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202348.js
Requested by: Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Fri, 01 Dec 2023 11:47:06 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1684464982353.1523
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 25 Nov 2024 07:07:17 GMT

GET
H2 200 autoptimize_e28b140867d2dea4e6dbb360c9c0a689.js Show response
directexpresshelp.com/wp-content/cache/autoptimize/js/ 140 KB
45 KB 785ms
783ms Script
application/javascript 2606:4700:3036::6815:14e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/wp-content/cache/autoptimize/js/autoptimize_e28b140867d2dea4e6dbb360c9c0a689.js

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:14e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0562732500a18cc360d41dd63a7ced30f16e8c7758ebb8522ce6f688373bdecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-sol: orig
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;ds;b43b744d803a81d81a447bc4564c0fd7;2-510601-1;ef15edcc-fd56-494b-6df2-aa9a781f3490
x-middleton-display: staticcontent_sol, orig_site_sol
content-encoding: br
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400
response: 200
last-modified: Wed, 22 Nov 2023 21:03:15 GMT
server: cloudflare
etag: W/"655e6c93-23113-gzip"
x-origin-cache-control: public, max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5I6o5qE2pWV4Wjdvt4dvFjkzhYXP8Cq46AsBy8CqstsW65f%2B%2FAYiwuCY%2F4omA4u1X3tLmI%2FccYTFeQdpvrtOaSO%2F7kGLn8wDRXQ%2F2WcVA%2B6UzmouEUbwY5s3pfHn9ySjbsi2aZM2dlp32JFIqsgefUQR0yQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82eb17ed3b8d8b6b-HKG

GET
H/1.1

200
200

cm Show response
ws-na.assoc-amazon.com/widgets/ Frame 6DF1
Redirect Chain

https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshel...

44 KB
44 KB

357ms
117ms

Document
text/html

52.46.135.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
Requested by: Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.135.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 76ba66489fe2da5df50d9bc041f83ac8eb0d726881fcfc77d57edbdc76f26075

Request headers

Referer: https://directexpresshelp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Connection: close
Content-Length: 44907
Content-Type: text/html;charset=UTF-8
Date: Fri, 01 Dec 2023 11:47:07 GMT
Expires: -1
Pragma: no-cache
Server: Server
Vary: User-Agent
charset: UTF-8
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 01 Dec 2023 11:47:06 GMT
Location: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 7C0M98H0T3QWR88PPJT8

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 61ms
13ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

23156c48f2f025dc2bf6d0ca750e41ba09771b086c7dc2c5a02cb80cc3494dd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 11:47:06 GMT
content-md5: 0ubG1CKVfldNkGq8IFETfA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints
x-fb-debug: W81hxzxPDzKlifXB53uR7dm/emkhRYqqzWPUWXVKmHQIseC3zkys5oX9cbey6EheNu7icE5+pmRqiCbu7sVOsw==
x-fb-content-md5: 83537999d68ad10ba314a47b43df5376
cross-origin-opener-policy: same-origin-allow-popups
etag: "9cce4a045aec8ed5b8c61fe5a6499eca"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 01 Dec 2023 12:00:05 GMT

GET
H2 200 drake.js Show response
directexpresshelp.com/beardeddragon/ 4 KB
1 KB 488ms
488ms Script
application/javascript 2606:4700:3036::6815:14e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/beardeddragon/drake.js?gcb=0&cb=6

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:14e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87143a6e228aa2039004935d4159d5e1e8ff3b6762e2d5ceeab72c04f0fb178f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Dec 2023 11:47:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khLMNzD49oOQHyGZq4wwEObJ66PH3pTGAp4Of1UMrcmBYafEfsBvZlm8ZwZPmw5aSe%2BWZGH9pHP1hRpdpbXoQGNio%2FQfVC5xsEDnnKjbz3TFVZO%2BVXedbbE25Pzbs0EE0WXeFaj2fMYgSuIJpw4s92rYQtU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82eb17ed3b918b6b-HKG

GET
BLOB 200
OK a197388b-51fb-43cf-a8e8-3e5ce0319222
https://directexpresshelp.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://directexpresshelp.com/a197388b-51fb-43cf-a8e8-3e5ce0319222
Requested by: Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 What-ATMs-are-free-for-Direct-Express.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2013/10/ 640 B
1 KB 14ms
13ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2013/10/What-ATMs-are-free-for-Direct-Express.png?fit=800%2C600&ssl=1&resize=40%2C40

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

58e60c91b7c4709686674a91e7b411fedb2dff3052867003e0f39243ba2d9019

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 640
x-nc: HIT hhn 3
last-modified: Fri, 24 Nov 2023 11:43:44 GMT
server: nginx
etag: "9d873efb81cd8e71"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2013/10/What-ATMs-are-free-for-Direct-Express.png>; rel="canonical"
expires: Sun, 23 Nov 2025 23:43:44 GMT

GET
H3 200 How-do-I-unlock-my-Direct-Express-card.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2019/11/ 494 B
897 B 15ms
14ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2019/11/How-do-I-unlock-my-Direct-Express-card.png?fit=800%2C600&ssl=1&resize=40%2C40

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

762bf09b08055d2e81d6499a5176f9119324e7d484536562f9ec083749494d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 494
x-nc: HIT hhn 4
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "1700258acf272398"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2019/11/How-do-I-unlock-my-Direct-Express-card.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H3 200 Direct-Express-Debit-Card-Login.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2013/08/ 522 B
918 B 17ms
16ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2013/08/Direct-Express-Debit-Card-Login.png?fit=800%2C600&ssl=1&resize=40%2C40

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

0d848d1bba0a5740f08135ebe6ff96c31bc4baa04273f4d6310fc59e14c119ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 522
x-nc: HIT hhn 2
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "6761aa8220464a86"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2013/08/Direct-Express-Debit-Card-Login.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H3 200 Direct-Express-Emergency-Cash.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2021/03/ 632 B
1 KB 16ms
15ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2021/03/Direct-Express-Emergency-Cash.png?fit=800%2C600&ssl=1&resize=40%2C40

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

2eee0cafe6c7f66097f027901c23695439f82c39adc304b9582ad752837a7a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 632
x-nc: HIT hhn 3
last-modified: Fri, 24 Nov 2023 11:43:44 GMT
server: nginx
etag: "b12ba9677e5df939"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2021/03/Direct-Express-Emergency-Cash.png>; rel="canonical"
expires: Sun, 23 Nov 2025 23:43:44 GMT

GET
H2 200 jellyfish.js Show response
directexpresshelp.com/porpoiseant/ 37 KB
10 KB 578ms
578ms Script
application/javascript 2606:4700:3036::6815:14e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/porpoiseant/jellyfish.js?a=a&cb=11&dcb=195-0&shcb=34

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:14e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

300e2db7f019d940ffcb00bff1342eeeab8b4c44806e34b91f9e2c49432171aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Dec 2023 11:47:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOpr3RWAiXQEHf9iJmxz7JZTkF8bsFGLLpp9IqGq6bQKJzOZJJAXK7etk7Hjj6SPDNwhmyuGLDEFhCtKWTz6UuaFJvuzmEK3l%2FI%2B4J%2FU5BYgXF%2BHwie7mflUMEDUx3kbwvzixHVzu6UunSLHYGN%2BB5ylOdM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82eb17ed6bb98b6b-HKG

GET
H2 200 g.gif
pixel.wp.com/ 50 B
153 B 26ms
11ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=117864997&post=0&tz=0&srv=directexpresshelp.com&j=1%3A12.8.1&host=directexpresshelp.com&ref=&fcp=3268&rand=0.9142487923934739
Requested by: Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 01 Dec 2023 11:47:06 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
86 KB 29ms
12ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=aeb7694de601cffe2e060ae9a61649e4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ab428de426ca77be5d8ea0306e16d01dab667a0d5f6d50fce88f8d6aa9e490d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://directexpresshelp.com/
Origin: https://directexpresshelp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 11:47:06 GMT
content-md5: qswaYuV6pRZ6ADqHkwmKZg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88321
reporting-endpoints
x-fb-debug: 2E1eniDF+YKeVzl6Ab1wMn8Tx5xrRu3DGGMijhxXBn68b12sUkfLOa9b53qzks7neWGzhh5Fjm2cO7qwD0bLRg==
x-fb-content-md5: c624c1346790e6edc8a8575f476c5c69
cross-origin-opener-policy: same-origin-allow-popups
etag: "9158025124efe1d27ee44e0f6b3b9784"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 30 Nov 2024 11:14:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6QW80M9MT9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-43683690-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c319a5b3fc561c472160ea8dc9fd237f25fb4c9f53b5cfed6d58010a99702b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81820
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 11:47:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 59ms
19ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-43683690-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 11:39:15 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 471
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 01 Dec 2023 13:39:15 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9517003535209854&plah=directexpresshelp.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b35f5345a7c3b48f49434bcb8e0a36bd6f4ab9248499367dd3bf36894d3c7c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137286
x-xss-protection: 0
server: cafe
etag: 8132992592629520318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 11:47:06 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 55C4 9 KB
4 KB 67ms
18ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://directexpresshelp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 52581
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 21:10:45 GMT
etag: 12051592065903069241
expires: Thu, 14 Dec 2023 21:10:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 23ms
22ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=659285951&t=pageview&_s=1&dl=https%3A%2F%2Fdirectexpresshelp.com%2F&ul=en-us&de=UTF-8&dt=Direct%20Express%20Card%20Help%20-%20Direct%20Express%20Card%2C%20Social%20Security%20%26%20Disability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=467681146&gjid=1449197013&cid=2106806368.1701431227&tid=UA-43683690-3&_gid=89524912.1701431227&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1869047229

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://directexpresshelp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:47:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://directexpresshelp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 52ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6QW80M9MT9&gtm=45je3bt0v9111022135&_p=1701431226327&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2106806368.1701431227&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1701431226&sct=1&seg=0&dl=https%3A%2F%2Fdirectexpresshelp.com%2F&dt=Direct%20Express%20Card%20Help%20-%20Direct%20Express%20Card%2C%20Social%20Security%20%26%20Disability&en=page_view&_fv=1&_ss=1&tfd=3448
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6QW80M9MT9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:47:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://directexpresshelp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
350 B 65ms
23ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-43683690-3&cid=2106806368.1701431227&jid=467681146&gjid=1449197013&_gid=89524912.1701431227&_u=YEBAAUAAAAAAACAAI~&z=1354507834

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://directexpresshelp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 01 Dec 2023 11:47:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://directexpresshelp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CED7 0
179 B 229ms
229ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517003535209854&output=html&adk=1812271804&adf=3025194257&lmt=1701431226&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fdirectexpresshelp.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701431226486&bpp=2&bdt=1079&idt=185&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3959050947195&frm=20&pv=2&ga_vid=2106806368.1701431227&ga_sid=1701431227&ga_hid=659285951&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C44809314%2C31078297%2C44807750%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1882574512629384&tmod=774544963&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=199

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9517003535209854&plah=directexpresshelp.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://directexpresshelp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 11:47:06 GMT
expires: Fri, 01 Dec 2023 11:47:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 mulvane.js Show response
directexpresshelp.com/parsonsmaize/ 1002 B
883 B 369ms
368ms Script
application/javascript 2606:4700:3036::6815:14e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/parsonsmaize/mulvane.js?gcb=195-0&cb=5

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:14e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2e858e11bbfe82d0150dd8fc768dfdb4577415c0ee84435e0d6c51a50e6cb64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Dec 2023 11:47:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2GnvYv%2FseBBu9NL7oQsLpqhaauysryvFeYAF5UKcmBfJ91PpT%2BQ9%2FuudGSg0fw4rVH04bUU5Gu53ehUjaz9pNvKlNnhiZBB2gGJhPR5fRxDTfoNZUOQltsVHu9LZp3X4AgBcvWF%2FG%2FDeUdZrB%2ByJ%2BWki%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82eb17ef7f968b6b-HKG

GET
H2 200 raleigh.js Show response
directexpresshelp.com/detroitchicago/ 2 KB
1 KB 491ms
490ms Script
application/javascript 2606:4700:3036::6815:14e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/detroitchicago/raleigh.js?gcb=195-0&cb=6

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:14e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10c5779cae461daba4b2f636f90df6cbf420e8c3dbe5a326bd937e7392c2b8df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Dec 2023 11:47:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FERCUo2uwIrxf7QN5gMp2v14s4RirZDTpoaAL7QQRFqcQTPtRuh3Zv26djyQCR6Mr3TrxDVng57kZ48SRMLD%2FShgf5VjRxz%2F5eRyvNaIgskmFZPU9Sy5f%2F1MVFVFQlKetg%2BiD7jHvfbu%2Bzq%2BouDLtAV13qc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82eb17ef7f9a8b6b-HKG

GET
H2 200 vista.js Show response
directexpresshelp.com/detroitchicago/ 1 KB
820 B 309ms
308ms Script
application/javascript 2606:4700:3036::6815:14e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/detroitchicago/vista.js?gcb=195-0&cb=5

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:14e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2e2a10f2cb324627b3e07cc7789ad5c4626e4068a4089a8071f60e67168e3cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Dec 2023 11:47:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMnGYE3gdWLRsBf09twMxQ3qmJ7pgkxkv60p5wiggE%2FHnQHMHY0awWd3FSsfGjalE4J3Jh%2FeNnWFaxPr%2BB%2BhWeTsEvIeoZe7w8e4NZ%2FLkVgMeCSzwuD6v043dhzMx%2FZdAxIASx%2B%2BqmC5ru6dehbxbZfLuiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82eb17ef7f9f8b6b-HKG

GET
H2 200 tampa.js Show response
directexpresshelp.com/detroitchicago/ 976 B
827 B 510ms
510ms Script
application/javascript 2606:4700:3036::6815:14e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/detroitchicago/tampa.js?gcb=195-0&cb=5

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:14e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7af805fc2bda263e9826c3433adb07b0e8881afecb62d611961d767d68c3ac05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Dec 2023 11:47:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqE84lgQ27OD23cciaOpPNrYBOC1a5CMz9W5ua%2FudHIXXZU5J18yuJPs641OIGYNvIrYZR8FvMCp36HIaXZvag%2B4yJKtjnH%2B4zSZs%2FvRdHUVIVQZgRja1wSkwoxYulUP0t3%2FMIc5yATcAPp4TM6KUJq3Wi8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82eb17ef7fa08b6b-HKG

GET
H2 200 olathe.js Show response
directexpresshelp.com/parsonsmaize/ 2 KB
1 KB 492ms
491ms Script
application/javascript 2606:4700:3036::6815:14e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/parsonsmaize/olathe.js?gcb=195-0&cb=23

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:14e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cebc0ded9f2ef3dd4e3c6d6010538dee890c24a070d6ba991e0c93e451d96ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Dec 2023 11:47:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2B6LTnT7mAV3avgKjVCjKoHhi8ob9vQTKkjV4Zl9i5Nf2Qa7G0SIn7py2LLLkI307HWFxZ9EaOoxq%2FEDYpnGppeMIW3mtWTMZnl3WVW9Amiznayt13E2hf1XaIw%2B%2BKeHPYUVdcmr1%2Bqnuhk3ejLcVGk0V1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82eb17f1cc4a8b6b-HKG

GET
H2 200 vitals.js Show response
directexpresshelp.com/tardisrocinante/ 8 KB
3 KB 310ms
309ms Script
application/javascript 2606:4700:3036::6815:14e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/tardisrocinante/vitals.js?gcb=0&cb=3

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:14e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

549bd3e9e2cfe91e355ba68c1fe15c0af27e0391123630b9ccfbbbd559cdba47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Dec 2023 11:47:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hc57XpsJkSSJkYaHRNBCUvG1ev4XNkaAhmsbP7bcKC8SHRWtxRZR39K%2BnN5WAQgfUAu8FpU61oFdbpMeMX1RDHvcYX94W3nxidZVuws%2FB6ZHr9taCCQTzWR94uvSrIeDuOAbVDn24poD3s%2BDADgalkSVUTE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82eb17f1cc4d8b6b-HKG

GET
H2 200 chanute.js Show response
directexpresshelp.com/parsonsmaize/ 21 KB
6 KB 502ms
502ms Script
application/javascript 2606:4700:3036::6815:14e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/parsonsmaize/chanute.js?a=a&cb=7&dcb=195-0&shcb=34

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:14e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cb36489072c0eb085096a47bfcced826b7a973e5f294d5a2b54bf16df3449d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Dec 2023 11:47:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SF01%2BErTBrThfFH1YIZ6A2GNigSuWRdrAB%2B%2BGfusfcNmejA5LZEiYiwJcMofSM4S9vFE%2BCR8zS0TQBYD1%2F7%2FHax4Mmr7ezGyjvQN1tT29%2FWAHaAt2ylCz9n9EcrxMx2YsTmzUrMUMe%2F65SSBT3WyyxccGpw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82eb17f1cc4e8b6b-HKG

GET
H2 200 wp-emoji-release.min.js Show response
directexpresshelp.com/wp-includes/js/ 18 KB
5 KB 560ms
559ms Script
application/javascript 2606:4700:3036::6815:14e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:14e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-sol: orig
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;ds;92e7a52a448db8951ede691a383c8998;2-510601-1;dfd8f03d-188c-4b13-5f56-c00df1dbcdd0
x-middleton-display: staticcontent_sol, orig_site_sol
content-encoding: br
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400
response: 200
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: cloudflare
etag: W/"63db0985-4904-gzip"
x-origin-cache-control: public, max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHVGFrA8SgwTEoJ%2FuWtZ2nB%2Bq3tpwt5gaduvQLahVlUM4LTr3yZu8z7Ytz5Dbny58m8Q82tA%2FKWWaBQyVTz9A9w26QR5YzetHB8r8l%2BtXhiLUgEJcSxUT0aFIEjucfaxj9zKlzz21GLyvy844Xdybbn1VQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82eb17f27dbf8b6b-HKG

GET
H2 200 PrimeAccess-CustomerBanner-300x250.jpg
images-na.ssl-images-amazon.com/images/G/01/marketing/prime/PrimeUpQualify/ Frame 6DF1 89 KB
90 KB 105ms
18ms Image
image/jpeg 2600:9000:223f:6600:1d:d7f6:39d3:7a61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-na.ssl-images-amazon.com/images/G/01/marketing/prime/PrimeUpQualify/PrimeAccess-CustomerBanner-300x250.jpg
Requested by: Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6600:1d:d7f6:39d3:7a61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 3a5e96b26c8239a32c6da3c4bdb36d46c358232cbc599e8e8b8e32828f21a518

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 12:51:49 GMT
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age: 82625
x-amz-cf-pop: FRA56-P5
edge-cache-tag: x-cache-501,/images/G/01/marketing/prime/PrimeUpQualify/PrimeAccess-CustomerBanner-300x250
x-nginx-cache-status: HIT
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
content-length: 91634
surrogate-key: x-cache-501 /images/G/01/marketing/prime/PrimeUpQualify/PrimeAccess-CustomerBanner-300x250
last-modified: Tue, 11 Oct 2022 22:37:10 GMT
server: Server
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400,public
x-amz-ir-id: 14b91e89-66dc-438e-a932-58bb4315fb68
accept-ranges: bytes
timing-allow-origin: https://www.amazon.com
x-amz-cf-id: jyLpcwpkD18tYyupcLTXCApONnb_shv7s2M5uB43dRjk6vXgF5zm0A==
expires: Thu, 31 Aug 2023 10:13:37 GMT

GET
H/1.1 200
OK json
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame 6DF1 43 B
200 B 329ms
102ms Image
image/gif 52.94.225.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1701431227418&logType=banner_impressions&p=%7B%22mobile_supported%22%3A%22true%22%2C%22action%22%3A%22onload%22%2C%22adunit_type%22%3A%22banners%22%2C%22adunit_properties%22%3A%7B%22height%22%3A%22%24%7Bheight%7D%22%2C%22width%22%3A%22%24%7Bwidth%7D%22%2C%22category%22%3A%22%24%7Bcampaigns%7D%22%2C%22marketplace%22%3A%22amazon%22%2C%22link_id%22%3A%22%24%7Blinkid%7D%22%2C%22region%22%3A%22US%22%7D%2C%22logType%22%3A%22banner_impressions%22%7D
Requested by: Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.94.225.95 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 11:47:07 GMT
x-amzn-RequestId: 57335784-a987-4874-9e76-eacfc0e161c2
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK /
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/ Frame 6DF1 43 B
200 B 340ms
105ms Image
image/gif 52.94.225.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/?cb=1701431227418&p=%7B%22program%22%3A%221%22%2C%22tag%22%3A%22dexpresshelp-20%22%2C%22linkCode%22%3A%22ur1%22%2C%22refUrl%22%3A%22https%3A%2F%2Fdirectexpresshelp.com%2F%22%2C%22panda%22%3Atrue%7D
Requested by: Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.94.225.95 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 11:47:07 GMT
x-amzn-RequestId: 3f995bd2-f5b1-4962-954e-670a74c6fa82
Content-Length: 43
Content-Type: image/gif

POST
H2 200 imp.gif
directexpresshelp.com/detroitchicago/ 43 B
577 B 312ms
312ms Ping
image/gif 2606:4700:3036::6815:14e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/detroitchicago/imp.gif?ez_orig=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/parsonsmaize/abilene.js?gcb=195-0&cb=30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:14e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://directexpresshelp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Dec 2023 11:47:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-display: imp_sol
alt-svc: h3=":443"; ma=86400
content-length: 43
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: HEAD, PUT, POST, GET, OPTIONS
content-type: image/gif
access-control-allow-origin: https://directexpresshelp.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=On15IchvdrrDmjaoMoFJlgSxysl%2FHfJ2YN%2FXZtgAPfo0Qbj3jaF%2FpiRqbXbYBCROSuDteOfHS1dsm33FoZuHEI8E0pSW9qcPkD%2FPp%2FV74LWEitBhS3YIHIOHKch%2BJOPZs9qxiVhblfauLJHZrUe7zyVGvuI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
cf-ray: 82eb17f4da278b6b-HKG
access-control-allow-headers: Content-Type
expires: Thu, 30 Nov 2023 11:47:07 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 104ms
69ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

134b430a89a00d26de83bbe52e0c51c1e5f8b9bb1b43a3ec3bf773e97dfa6b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12258
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 201ms
156ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Dec 2023 11:47:08 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BBA1 13 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://directexpresshelp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 48639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 22:16:29 GMT
expires: Fri, 29 Nov 2024 22:16:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C07A 829 B
1 KB 66ms
28ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

136d1cdc462439f714ff591d648a4264679e6e5da15430e451c2b703ed1cad20

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ud7LQ5NnHGiApTawwO7tDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://directexpresshelp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Ud7LQ5NnHGiApTawwO7tDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 11:47:08 GMT
expires: Fri, 01 Dec 2023 11:47:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C07A 0
0 52ms
51ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=1882574512629384&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame BBA1 39 KB
15 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:34:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 10:34:46 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BBA1 0
10 B 14ms
13ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OkwlDQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:47:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
55ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=1882574512629384&bg=!zc6lzoHNAAY3kmNgF5I7ADQBe5WfOEjdqiP5AYsYjWBrIT7DJQuww_2ao-1NJ7U3CPTyHXC47Ae6bmht5BukFpYUhB0lAgAAADRSAAAAAmgBBwoAWvyaGkFWdnwGBWffUCg_PRBwbF-XdCo_PdtAmPENXDA66zJx7dYPXKF-oM9X5eFQci5YUhXffFQ7zQsPhwSdVAoWEZ_c2K2R1FHohS4sphEl9b0aclKLgsGUI5kCu2xOgG-th1OdkwAjDmQ8_kV0_p2UYxLwQdtCYa_Fm55IowBCVwveS5sm2NR0Kd_kkRoPyi1LHSOy-tNP8CPfuoSBv145kKARMYD0i4-qS33bpmtBjtSg6id1W1suroMmuhhipOZOeAa90ZYLhxlHpqp0sTUVB6kyLkOsuhE-LVp-7kIBHWEDUMrAGeD2wejHXVRsnPKJ6oyHaJaK8GSQ9HmCwQJVQN_7xU7JZt_D_SDMvIvgoob8-8YOb_G_ife5uxNofdtEfjrI58qRI5JCZYX_fVLibZX6X2uDI36qIPV8JI8isDAO2R22PZW97QkYgIYs-bl9PAi5Y-JSvdO-JC_JveBRBOa2J1eCdsIXzTqVbdFMXTIJGAgFfHjoc0UdC_e_uJnof-G2KooqwpLHKUU5ImoJOBkAS677UII4v3WmS1hYCq3lbvjvGmfmoVySFaSE_zEKVxbGALQF3dVzyFeuqpuOlJuXeja4AeyOtLTaSWkSad4xUtRK3uas7l4c4xkz8wQVhsdo-vh8JEyXKNJMcLZmY-EFDxqPhOMHFF_w11UjGNm5cMXMYdSfQZS3KPgFdgEEwR8H6FJOvp6LehaRzeH2e9CaPyd5RwBGEf_dznM5ECD-gAqUNawf41m0QWD1hWMOTDMrRAQiDCdqvtu4hBg3DWmzYL1Ku8Av4hbQ0CnBvu1X6Qp8KDapbUpzZV6k8Osb0r7sIwiekmSCkW3agyLEu4pk7p_6iR4_nOADWIe6sf-FY-ZJ6A07d8TAmHeBHecYA9BVo4VRVciDJgqtpvuORL6OUPV6W3YcIw0orxZcCYoFDyRN9buXLQazRZUEN2JF5PnPldmKoOjLN-JCePSGoipGLtDRCRWbu3jo8B6HZUw7aDi7SkSqCmGPe2zmB1uRbej1dBtYMGGRJARj5W7sCmXzDi0KLg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.directexpresshelp.com/	1970-01-20 16:37:13	Name: ezoadgid_510601 Value: -1
.directexpresshelp.com/	1970-01-20 16:37:18	Name: ezoref_510601 Value:
.directexpresshelp.com/	1970-01-21 01:22:47	Name: ezosuibasgeneris-1 Value: 3d255a39-f7db-4048-7933-d5894aefe5d3
.directexpresshelp.com/	1970-01-20 16:37:18	Name: ezoab_510601 Value: mod16
.directexpresshelp.com/	1970-01-20 16:40:04	Name: active_template::510601 Value: orig_site.1701431224
.directexpresshelp.com/	1970-01-20 16:37:13	Name: ezopvc_510601 Value: 1
.directexpresshelp.com/	1970-01-20 16:37:13	Name: lp_510601 Value: https://directexpresshelp.com/
.directexpresshelp.com/	1970-01-20 16:40:04	Name: ezovuuidtime_510601 Value: 1701431225
.directexpresshelp.com/	1970-01-20 16:37:13	Name: ezovuuid_510601 Value: 48422ac6-b02e-43db-493f-6094486fa7e3
directexpresshelp.com/	1970-01-21 02:13:11	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
directexpresshelp.com/	1970-01-21 02:13:11	Name: ezohw Value: w%3D1600%2Ch%3D1200
.directexpresshelp.com/	1970-01-20 16:38:37	Name: _gid Value: GA1.2.89524912.1701431227
.directexpresshelp.com/	1970-01-20 16:37:11	Name: _gat_gtag_UA_43683690_3 Value: 1
.directexpresshelp.com/	1970-01-21 02:13:11	Name: _ga_6QW80M9MT9 Value: GS1.1.1701431226.1.0.1701431226.0.0.0
.directexpresshelp.com/	1970-01-21 02:13:11	Name: _ga Value: GA1.1.2106806368.1701431227
.doubleclick.net/	1970-01-20 16:37:12	Name: test_cookie Value: CheckForPermission
directexpresshelp.com/	1970-01-21 02:13:11	Name: advanced_ads_page_impressions Value: %7B%22expires%22%3A2016791227%2C%22data%22%3A1%7D
directexpresshelp.com/	1970-01-20 17:20:23	Name: advanced_ads_browser_width Value: 1600
directexpresshelp.com/	1970-01-21 01:22:47	Name: ezux_lpl_510601 Value: 1701431227762\|4e78fff1-0230-4520-61ba-7f0694c4732b\|false

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
directexpresshelp.com
fls-na.amazon-adsystem.com
googleads.g.doubleclick.net
i0.wp.com
images-na.ssl-images-amazon.com
images.dmca.com
pagead2.googlesyndication.com
pixel.wp.com
rcm-na.amazon-adsystem.com
region1.google-analytics.com
stats.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
ws-na.assoc-amazon.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
192.0.76.3
192.0.77.2
2001:4860:4802:32::36
2001:4860:4802:36::178
2400:52e0:1e00::1081:1
2600:9000:223f:6600:1d:d7f6:39d3:7a61
2606:4700:3031::ac43:c2c0
2606:4700:3036::6815:14e8
2a00:1450:4001:80b::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9c
2a03:2880:f084:d:face:b00c:0:3
44.215.118.203
52.46.135.132
52.94.225.95
0252ba74fdd3b504dd7b4d4a15720f1134959bd5e18b1cd26d656924f08629cc
0562732500a18cc360d41dd63a7ced30f16e8c7758ebb8522ce6f688373bdecf
0d848d1bba0a5740f08135ebe6ff96c31bc4baa04273f4d6310fc59e14c119ee
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10c5779cae461daba4b2f636f90df6cbf420e8c3dbe5a326bd937e7392c2b8df
134b430a89a00d26de83bbe52e0c51c1e5f8b9bb1b43a3ec3bf773e97dfa6b76
136d1cdc462439f714ff591d648a4264679e6e5da15430e451c2b703ed1cad20
1c319a5b3fc561c472160ea8dc9fd237f25fb4c9f53b5cfed6d58010a99702b2
23156c48f2f025dc2bf6d0ca750e41ba09771b086c7dc2c5a02cb80cc3494dd4
29eab285958e0c7851f7532fcfa4ddb59ab85f844c6436b8c3f1e2a36d7be60f
2c34f09169d2a10e8f5863960e81575ab70f88b52f4bd3386ce5e41e73a94487
2cb36489072c0eb085096a47bfcced826b7a973e5f294d5a2b54bf16df3449d9
2ce639079bd98ae2ef589582376feb4b2cea8310bb5d7c952c534fee9ae93bf4
2eee0cafe6c7f66097f027901c23695439f82c39adc304b9582ad752837a7a4d
300e2db7f019d940ffcb00bff1342eeeab8b4c44806e34b91f9e2c49432171aa
34d57b944a61b899807b6946e4a6c2d9692415917faa0a0fffd8d95277431821
3a5e96b26c8239a32c6da3c4bdb36d46c358232cbc599e8e8b8e32828f21a518
3b35f5345a7c3b48f49434bcb8e0a36bd6f4ab9248499367dd3bf36894d3c7c7
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4762e6e3977758faa3346322cb4f9a2b247d0cabf54783caee527f4a8646c02a
48fa15ccaa399f72e882109fb24bda3989d5324a583b7a2d3bd2e60d0b7d2863
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
549bd3e9e2cfe91e355ba68c1fe15c0af27e0391123630b9ccfbbbd559cdba47
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58e60c91b7c4709686674a91e7b411fedb2dff3052867003e0f39243ba2d9019
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c8f7f910058efb76de58e1cd7e4527029ae8c71671e409f94ea3ea2de08ede1
762bf09b08055d2e81d6499a5176f9119324e7d484536562f9ec083749494d1d
76ba66489fe2da5df50d9bc041f83ac8eb0d726881fcfc77d57edbdc76f26075
7af805fc2bda263e9826c3433adb07b0e8881afecb62d611961d767d68c3ac05
829a4568d0c8e326c1e022af19985d295dc933dee3ac68e8beb1d29684eba649
87143a6e228aa2039004935d4159d5e1e8ff3b6762e2d5ceeab72c04f0fb178f
88e58b06a43d52cf619d55c3134633e2e6476c9d284781aca2d0f6547ee1a938
89d448d69f4682cebbfcefe48b5f1169be7cf837dca2d5d515d936729874ba31
8ab428de426ca77be5d8ea0306e16d01dab667a0d5f6d50fce88f8d6aa9e490d
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
b01d53596221a10ad89cd142297dd43310bbe0531fe4694fd590fdbeebf5a18d
b0dc9f241ec7f0549db655a6d4aaa8c5540e5c82a1c908b8b83750e6853cd2cf
b3ef35855c64fcd0f2e06f41601dd51c688d5310ecbb888b8a5ea1d725dd9d4c
bfe9afa1e4e28234c812e0f962fe3ed3f3656d0774552194f0f11726438fa18a
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cebc0ded9f2ef3dd4e3c6d6010538dee890c24a070d6ba991e0c93e451d96ccd
d38641890893dc5f5b62c5733b4a6ebe0369c541d05f5987e92cf65b6b576353
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2e2a10f2cb324627b3e07cc7789ad5c4626e4068a4089a8071f60e67168e3cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f82c06e12f028861fcc3587190038b946c774d584c8f58287da453cdfb941b
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
f2e858e11bbfe82d0150dd8fc768dfdb4577415c0ee84435e0d6c51a50e6cb64
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f9ff06d5d2582b76bd977802f4bfd3275be04820397f192853602ee27f88f8f3
ffc213549ebefcae379a54e755263c4d40f382f4acfb138a9c2411eb0ff5a065

directexpresshelp.com Open in urlscan Pro 2606:4700:3036::6815:14e8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

98 %HTTPS

72 %IPv6

12 Domains

18 Subdomains

17 IPs

3 Countries

999 kBTransfer

2437 kBSize

19 Cookies

5 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

directexpresshelp.com Open in urlscan Pro
2606:4700:3036::6815:14e8 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

98 %
HTTPS

72 %
IPv6

12
Domains

18
Subdomains

17
IPs

3
Countries

999 kB
Transfer

2437 kB
Size

19
Cookies

62 HTTP transactions
0 data transactions