preferences.creditcards.salliemae.com
104.16.111.133  Public Scan

URL: https://preferences.creditcards.salliemae.com/
Submission: On April 22 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 15 HTTP transactions. The main IP is 104.16.111.133, located in and belongs to CLOUDFLARENET, US. The main domain is preferences.creditcards.salliemae.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 22nd 2022. Valid for: a year.
This is the only time preferences.creditcards.salliemae.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.16.111.133 13335 (CLOUDFLAR...)
5 104.16.110.133 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 52.222.206.199 16509 (AMAZON-02)
1 108.138.7.32 16509 (AMAZON-02)
2 54.82.242.45 14618 (AMAZON-AES)
1 34.195.203.63 14618 (AMAZON-AES)
15 7
Apex Domain
Subdomains
Transfer
5 pushplanet.com
cdn.pushplanet.com — Cisco Umbrella Rank: 317890
s3.pushplanet.com — Cisco Umbrella Rank: 332364
64 KB
4 boomtrain.com
cdn.boomtrain.com — Cisco Umbrella Rank: 6021
people.api.boomtrain.com — Cisco Umbrella Rank: 6379
events.api.boomtrain.com — Cisco Umbrella Rank: 12979
24 KB
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 282
105 KB
1 cloudfront.net
d26b395fwzu5fz.cloudfront.net
9 KB
1 salliemae.com
preferences.creditcards.salliemae.com
13 KB
15 5
Domain Requested by
4 ajax.googleapis.com preferences.creditcards.salliemae.com
4 cdn.pushplanet.com preferences.creditcards.salliemae.com
2 people.api.boomtrain.com cdn.boomtrain.com
1 events.api.boomtrain.com cdn.boomtrain.com
1 s3.pushplanet.com preferences.creditcards.salliemae.com
1 cdn.boomtrain.com preferences.creditcards.salliemae.com
1 d26b395fwzu5fz.cloudfront.net cdn.pushplanet.com
1 preferences.creditcards.salliemae.com
15 8

This site contains links to these domains.

Domain
www.pushplanet.com
Subject | Issuer | Validity | Valid
preferences.creditcards.salliemae.com | Cloudflare Inc ECC CA-3 | 2022-04-22 - 2023-04-22 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-10-07 - 2022-10-06 | a year
upload.video.google.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
*.boomtrain.com | Amazon | 2022-03-11 - 2023-04-09 | a year
*.api.boomtrain.com | Amazon | 2021-11-16 - 2022-12-14 | a year

This page contains 1 frames:

Primary Page: https://preferences.creditcards.salliemae.com/
Frame ID: 04402AFDAC39BD8082835BA675DB8AB1
Requests: 15 HTTP requests in this frame

Page Title

Preferences

Detected technologies

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

15 Requests
100 % HTTPS
14 % IPv6
5 Domains
8 Subdomains
7 IPs
3 Countries
216 kB Transfer
791 kB Size
4 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
preferences.creditcards.salliemae.com/
27 KB
13 KB
Document
General
Full URL
https://preferences.creditcards.salliemae.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.111.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5372ffc57e4f3bc804a8c551789de70dbc439b34f4b707024bddb765a75e86db

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
6ffa771bcd069b8c-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 22 Apr 2022 01:07:55 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
x-powered-by
ASP.NET
widget_hosted.css
cdn.pushplanet.com/editor/
6 KB
1 KB
Stylesheet
General
Full URL
https://cdn.pushplanet.com/editor/widget_hosted.css?cb=f1d8eece86eb42f48a0b7535ca326c20
Requested by
Host: preferences.creditcards.salliemae.com
URL: https://preferences.creditcards.salliemae.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.110.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
146db275e36157aeae59496c7f9ac43e67a970b40cd7f9eb145876c37f37bfe1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preferences.creditcards.salliemae.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 22 Apr 2022 01:07:55 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
s4xRxMgHS+6CqueuqwP8iw==
age
1999387
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 01 Mar 2022 21:39:47 GMT
server
cloudflare
etag
W/"0x8D9FBCC0209A0F3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-ms-request-id
763ae9cb-101e-011e-15b5-2daddb000000
cache-control
public, max-age=31536000
x-ms-version
2014-02-14
cf-ray
6ffa771eeec49b33-FRA
expires
Sat, 22 Apr 2023 01:07:55 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/themes/smoothness/
31 KB
7 KB
Stylesheet
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/themes/smoothness/jquery-ui.css
Requested by
Host: preferences.creditcards.salliemae.com
URL: https://preferences.creditcards.salliemae.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bba92f99f2514add495efe994a74f8602180e17ff646d9d4260f3bc8302f043
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preferences.creditcards.salliemae.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 18:43:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6001
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Apr 2023 18:43:57 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/
91 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: preferences.creditcards.salliemae.com
URL: https://preferences.creditcards.salliemae.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preferences.creditcards.salliemae.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 10:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51031
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Apr 2023 10:57:24 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/
223 KB
60 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/jquery-ui.min.js
Requested by
Host: preferences.creditcards.salliemae.com
URL: https://preferences.creditcards.salliemae.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preferences.creditcards.salliemae.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 09:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57806
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61441
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Apr 2023 09:04:29 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.5.18/
16 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js
Requested by
Host: preferences.creditcards.salliemae.com
URL: https://preferences.creditcards.salliemae.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preferences.creditcards.salliemae.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:42:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
602729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6490
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Apr 2023 01:42:26 GMT
lz-string-1.4.4-mod.min.js
cdn.pushplanet.com/static/
5 KB
2 KB
Script
General
Full URL
https://cdn.pushplanet.com/static/lz-string-1.4.4-mod.min.js
Requested by
Host: preferences.creditcards.salliemae.com
URL: https://preferences.creditcards.salliemae.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.110.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0543bcb916fda984fdef0aeabf45aa0b28fdf1138d83293fb2678e6e130024b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preferences.creditcards.salliemae.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 22 Apr 2022 01:07:55 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
PV91+d8VMxpGBMe0EacZHg==
age
1437325
x-ms-meta-cbmodifiedtime
Thu, 12 Jan 2017 04:59:09 GMT
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Sun, 06 Aug 2017 21:49:17 GMT
server
cloudflare
etag
W/"0x8D4DD14FCEF5F10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
x-ms-request-id
95848a23-701e-0082-038b-989033000000
cache-control
public, max-age=31536000
x-ms-version
2014-02-14
cf-ray
6ffa771eeec69b33-FRA
expires
Sat, 22 Apr 2023 01:07:55 GMT
widget_common.js
cdn.pushplanet.com/editor/
37 KB
8 KB
Script
General
Full URL
https://cdn.pushplanet.com/editor/widget_common.js?cb=f1d8eece86eb42f48a0b7535ca326c20
Requested by
Host: preferences.creditcards.salliemae.com
URL: https://preferences.creditcards.salliemae.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.110.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d19b3b372917199129f17f7ae7779a0b55431fc7540f35a812c1ae25bb812d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preferences.creditcards.salliemae.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 22 Apr 2022 01:07:55 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
j/nXjzkE18aSUfeBefyM7A==
age
1999560
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 15 Mar 2022 22:52:56 GMT
server
cloudflare
etag
W/"0x8DA06D68BD54C33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
c141192a-901e-012d-53b5-43f4f6000000
cache-control
public, max-age=31536000
x-ms-version
2014-02-14
cf-ray
6ffa771f4f299b33-FRA
expires
Sat, 22 Apr 2023 01:07:55 GMT
widget_hosted.js
cdn.pushplanet.com/editor/
239 KB
36 KB
Script
General
Full URL
https://cdn.pushplanet.com/editor/widget_hosted.js?cb=f1d8eece86eb42f48a0b7535ca326c20
Requested by
Host: preferences.creditcards.salliemae.com
URL: https://preferences.creditcards.salliemae.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.110.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaedea9e050d9b0f5b119b7bb8d3ea803abba0a0b90e438cfde14918a12ba7ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preferences.creditcards.salliemae.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 22 Apr 2022 01:07:55 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
/D75BV6WIYRBzDKilpidnQ==
age
1999387
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 01 Mar 2022 21:39:47 GMT
server
cloudflare
etag
W/"0x8D9FBCC02127942"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
c8ccb162-201e-00b8-2bb5-2dd390000000
cache-control
public, max-age=31536000
x-ms-version
2014-02-14
cf-ray
6ffa771f4f2a9b33-FRA
expires
Sat, 22 Apr 2023 01:07:55 GMT
keen-tracking-1.1.3.min.js
d26b395fwzu5fz.cloudfront.net/
27 KB
9 KB
Script
General
Full URL
https://d26b395fwzu5fz.cloudfront.net/keen-tracking-1.1.3.min.js
Requested by
Host: cdn.pushplanet.com
URL: https://cdn.pushplanet.com/editor/widget_hosted.js?cb=f1d8eece86eb42f48a0b7535ca326c20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-199.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
601f66b38d2e6cc6caf30b751bc9393f83b511acb5fdf0bfa2d68e8e08a7238b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preferences.creditcards.salliemae.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 00:59:07 GMT
Content-Encoding
gzip
Age
23328529
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
9099
Last-Modified
Thu, 29 Dec 2016 21:46:28 GMT
Server
AmazonS3
ETag
"0c937b90e08e4cd8834c41e940e5a430"
Content-Type
application/javascript
Via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000000, public
X-Amz-Cf-Pop
FRA56-P3
Accept-Ranges
bytes
X-Amz-Cf-Id
3G6Pdg0N0wHXOLzxs0-f1hOXO321KwRupdvbsz8MdTM6unPdML0yUQ==
Expires
Fri, 29 Dec 2017 21:46:24 GMT
p13n.min.js
cdn.boomtrain.com/p13n/salliemae-creditcard/
72 KB
23 KB
Script
General
Full URL
https://cdn.boomtrain.com/p13n/salliemae-creditcard/p13n.min.js
Requested by
Host: preferences.creditcards.salliemae.com
URL: https://preferences.creditcards.salliemae.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-32.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8de3890a2d314f09dd381629df8a4089a12837d58498de756b17b77f3405e912

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preferences.creditcards.salliemae.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 01:07:56 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA56-P6
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Last-Modified
Wed, 08 Apr 2020 22:00:44 GMT
Server
AmazonS3
ETag
W/"7aec89ba65b86dd3d16b071c464b9efa"
Vary
Accept-Encoding
x-amz-version-id
null
Via
1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
Cache-Control
public, max-age=3600
Content-Type
application/javascript
X-Amz-Cf-Id
aQrqfu5-aRq3a_DOt7SBr0ze7kTw0BZ-5a-gQPlnl3SgE38Q57kxHg==
SMwithtagline_footer.jpg
s3.pushplanet.com/users/4ff2ff7ea1b64fcf9fe5d63257f58351/uploads/93a9b2e8faad47f69799261711e7aea6/
16 KB
17 KB
Image
General
Full URL
https://s3.pushplanet.com/users/4ff2ff7ea1b64fcf9fe5d63257f58351/uploads/93a9b2e8faad47f69799261711e7aea6/SMwithtagline_footer.jpg
Requested by
Host: preferences.creditcards.salliemae.com
URL: https://preferences.creditcards.salliemae.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.110.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e5156e7d175da23ba2902f52d3a1f7205f8b6dcb7cba35fb8c5e3049b8e9105

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preferences.creditcards.salliemae.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 01:07:56 GMT
cf-cache-status
MISS
last-modified
Tue, 23 Jun 2020 22:38:45 GMT
server
cloudflare
x-amz-request-id
0SG3JCWDY67M1192
etag
"37e9c0cc31409b0af2d9669d5b59b729"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ffa772078c19b33-FRA
content-length
16675
x-amz-id-2
Z9HxaR1zre6n4jOs0xuuBq2uwVchw8CcI8/FlqkKx7AoLa5SAZ9Q+QvlbWwyBXDHGRkF9lGxoBM=
expires
Sat, 22 Apr 2023 01:07:55 GMT
resolve
people.api.boomtrain.com/identify/
154 B
469 B
XHR
General
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=salliemae-creditcard
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/salliemae-creditcard/p13n.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.242.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-242-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6178657dd9044c17dc5ec710b2c0399e50e9a9bad9f45ae0d51f8a0876f03d8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preferences.creditcards.salliemae.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 01:07:56 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
154
persons
people.api.boomtrain.com/
179 B
494 B
XHR
General
Full URL
https://people.api.boomtrain.com/persons?data=eyIkc2V0Ijp7InVzZXJfaWQiOiLCnsOpZSJ9LCJic2luIjoiQWNEeVdDSU5TY0R6TGdEL21qM3Vjd0dEOFp2S1FUUkZpVVpNN1NyL083MXg4OVoyYUNqYTJ1YjRteDJQbUFjMG13OU1DcW8xRnJDK1JEejVqTDJLOXc9PSJ9&site_id=salliemae-creditcard
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/salliemae-creditcard/p13n.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.242.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-242-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb51992f64812a727297246fb47264f221c4d343d9db193da2cc10358fa15b98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preferences.creditcards.salliemae.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 01:07:57 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
179
track
events.api.boomtrain.com/event/
2 B
248 B
XHR
General
Full URL
https://events.api.boomtrain.com/event/track
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/salliemae-creditcard/p13n.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.203.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-203-63.compute-1.amazonaws.com
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://preferences.creditcards.salliemae.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 22 Apr 2022 01:07:57 GMT
server
nginx
allow
GET, HEAD, OPTIONS, POST
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, x-app-id
content-length
2

203 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| $ function| jQuery object| WebFont object| LZString object| settings string| PP_MODE string| PP_CACHE_VERSION string| PP_STAGE boolean| IS_DEV boolean| IS_PREVIEW object| GEO string| DEVICE string| USER_ID string| USER_GUID string| PAGE_ID string| PAGE_GUID string| PAGE_NAME string| PP_KEEN_WRITE_KEY string| DEVICE_TYPE string| DEVICE_TYPE_MOBILE_OVERRIDE object| COUPON_GROUP_POPULATE_OBJ string| PAGE_MODE string| PC_PARTNER string| PC_LINK_VERSION object| PC_LISTS_OBJ object| PC_PROFILE_OBJ object| PC_EXTRA_OBJ object| PC_ALL_OBJ string| PC_INTEGRATION_ID string| PC_ERROR_PAGE string| DATA_STORAGE_TYPE string| window_loc_base string| customJS string| customCSS object| masterCustomJS boolean| SHOW_ERRORS object| basic_fonts object| google_fonts object| google_fonts_updated object| custom_fonts string| current_page_name object| page_first_view boolean| IsDatepickerScriptLoaded boolean| IsDatepickerScriptLoading object| IMAGE_N_DIMS function| logger function| logErrorText function| logError function| getRandomInt function| tryShowError function| tryShowMessage function| appendCSS function| appendJS function| ArrayContains function| arrayContains function| array_contains function| getUrlParam function| getUrlVars function| loadScript function| getBorderStyle function| getBackgroundStyle function| getFontStyle function| getWidthStyle function| getWidthPercentStyle function| getHeightStyle function| getHeightPercentStyle function| getLineHeightStyle function| getDisplayStyle function| getOverflowHiddenStyle function| getOverflowVisibleStyle function| getFloatLeftStyle function| getFloatRightStyle function| getPositionAbsoluteStyle function| getPositionRelativeStyle function| getGeneralStyle function| getLeftStyle function| getTopStyle function| getLeftTopWidthHeightStyle function| getZindexStyle function| getCursorStyle function| showLoading function| 
hideLoading function| getNforType function| togglePage function| getPrefMod function| mergeObjectData function| loadExternalFonts function| addExternalFontToStack function| loadGoogleFontsFirstRun function| loadGoogleFontsIncremental function| addCustomFontToStack function| isNullOrWhiteSpace function| initDatepicker object| PP_CUSTOM_JS object| COOKIE function| loadWidgetEditor boolean| IS_REDIRECTING object| KEEN_SCHEMA object| KEEN_CLIENT boolean| INIT_DEPENDENT_SCRIPTS_HAS_RUN number| IDLE_PERIOD number| IDLE_INTERVAL number| TOTAL_INTERVAL number| IDLE_TIME number| TOTAL_TIME object| GEO_IP object| PP_ANALYTICS string| SPLIT_ID object| PP_DATA string| CLIENT_GUID object| INTEGRATIONS object| PP_SUBMIT string| PREF object| PC_ALL_LISTS object| PC_ORIGINAL_LISTS object| PC_FINAL_LISTS object| PC_ORIGINAL_PROFILE object| PC_PROFILE_KEY_MAP boolean| PC_ERROR_PAGE_FINISHED string| EMAIL_GLOBAL object| COUPONS_FOR_SUBMIT object| COUPONS_FOR_DISPLAY boolean| processSubmitLock undefined| prop function| updateSettings function| buildStyles function| buildTextN function| buildHTMLN function| buildButtonN function| buildImageN function| buildFormN boolean| AreCheckboxChangesLocked function| buildFieldN function| buildHTMLItemAndEvalJSFromHtml function| buildButtonInteraction function| buildImageSource function| processDownload function| resizeImage function| getCleanFunctionNameToExecute function| executeFunctionByName function| isValidEmail function| getFormDataByKey function| getEmailFromFormDataOrPC function| validateForm function| evaluateFieldNCheckbox function| showSuccess function| showError function| checkPendingCouponsOnSubmit function| processSubmit function| getFieldValueByDataType function| afterSubmit function| pushToKeen function| changePages function| redirectPage function| buildCouponsDisplay function| buildCouponsSubmit function| findCouponsOnPages function| insertCouponCodeAsync function| replaceSpecialMergeTags function| keenPageDisplay function| 
keenPageSubmit function| keenPageRedirect function| keenPageDownload function| keenPageCustomEvent function| generateGuid function| afterDomLoaded function| loadAllClientSideDataFromCookie function| afterDomLoadedAndStorageLoadedAndPostMessageInit function| loadClientGuid function| areCookiesDisabled function| isPhone function| isTablet function| isMobile function| isDesktop function| initExitIntent function| analyticsAzureSubmit function| analyticsAzureRedirect function| analyticsAzureDownload function| analyticsAzureEvent function| analyticsAzureImagePixel function| initDependentScripts function| initAnalytics function| initKeen function| initKeenSchema function| updateKeenSchemaBeforeSending function| setKeenSchemaAfterGeoIpAndDevice function| startIdleTimer function| idleTimerIncrement function| totalTimerIncrement function| PUSHPLANET_ANALYTICS function| KeenAsync object| ep5l object| el_dims number| CURRENT_WIDTH number| CURRENT_HEIGHT string| CURRENT_PAGE function| bt object| _bt object| __core-js_shared__

4 Cookies

Domain/Path Name / Value
.preferences.creditcards.salliemae.com/ Name: pp_data
.salliemae.com/ Name: btIdentify
Value: 8157eeac-835a-42a6-91ad-5d1dbd0b549c
.salliemae.com/ Name: _bts
Value: ed6f54f7-145a-46b0-abc8-9c33a9eea9ca
.salliemae.com/ Name: _bti
Value: %7B%22app_id%22%3A%22salliemae-creditcard%22%2C%22bsin%22%3A%22Lo4hQiCeOTeP6uaePjVETDe1RdNDk51WdzMcWN0Fs4bMM6acDgXVV60%2BipVG8Ex7KA5R92GVh2Ewa%2FBOOMIzBA%3D%3D%22%2C%22is_identified%22%3Atrue%2C%22user_id%22%3A%22%C2%9E%C3%A9e%22%7D