s3.us-east-005.backblazeb2.com Open in urlscan Pro
149.137.137.254  Malicious Activity! Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

• https://idsync.rlcdn.com/711482.gif?partner_uid=Kk8LBmqpk3hDuDcouNszIt-kwYMKnAGEbMj0D8n9fQ6yr3X_cozffg&gtmcb=449127469 HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CLq2KxJCCj4IARCDkAoaNktrOExCbXFwazNoRHVEY291TnN6SXQta3dZTUtuQUdFYk1qMEQ4bjlmUTZ5cjNYX2NvemZmZxAAGg0Ixp6moQYSBQjoBxAAQgBKAA

Request Chain 64

• https://ad.doubleclick.net/ddm/trackimp/N3282.520089GOBANKINGRATES.COM/B27472238.346521115;dc_trk_aid=524473760;dc_trk_cid=168772435;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N3282.520089GOBANKINGRATES.COM/B27472238.346521115;dc_pre=CNqB67Oyi_4CFeIPcQodjEELTg;dc_trk_aid=524473760;dc_trk_cid=168772435;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 65

• https://ad.doubleclick.net/ddm/trackimp/N458401.1970501CONSUMERTRACK/B29073807.354008672;dc_trk_aid=545611331;dc_trk_cid=183527792;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd= HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N458401.1970501CONSUMERTRACK/B29073807.354008672;dc_pre=CIqJ67Oyi_4CFYOFswodWa8Ieg;dc_trk_aid=545611331;dc_trk_cid=183527792;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=

Request Chain 66

• https://ad.doubleclick.net/ddm/trackimp/N458401.1970501CONSUMERTRACK/B29073807.354351732;dc_trk_aid=545611625;dc_trk_cid=183327766;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd= HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N458401.1970501CONSUMERTRACK/B29073807.354351732;dc_pre=COWH67Oyi_4CFYKSnwodbiYJ4w;dc_trk_aid=545611625;dc_trk_cid=183327766;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=

Request Chain 67

• https://ad.doubleclick.net/ddm/trackimp/N458401.1970501CONSUMERTRACK/B29073807.354008540;dc_trk_aid=545731492;dc_trk_cid=183528035;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd= HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N458401.1970501CONSUMERTRACK/B29073807.354008540;dc_pre=CM6J67Oyi_4CFUj1swodN9MKSw;dc_trk_aid=545731492;dc_trk_cid=183528035;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=

Request Chain 71

• https://us-u.openx.net/w/1.0/pd?plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195&gdpr=0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAYsaQ62NPfgr1RV-yRKro4&google_cver=1

Request Chain 74

• https://gum.criteo.com/sid/json?origin=publishertag&domain=backblazeb2.com&sn=ChromeSyncframe&so=0&topUrl=s3.us-east-005.backblazeb2.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=tSfqhHxjZUxVR0ZIWVUrU1lkYXFXbkRLSFFDS0QydllyelZVN1haRDJtNFlGT3ZNUnJZc2lFRENiNnlVa29QNElKZm5LWVM1YmIyVUlYbkR4MnhGSjIvTU1TNTdIWkl4MWJVcENwRW45ajB5VHpMVGNyZGllUU5vYUxHcWwxbHBzU1FiT2xqRm12dzRqdWdyTkk5WEh0OU1QUGkvVzYxb2E5TnJ1RTZTN2NhU1VzYVVERk9SZ0NSTjYvcytkSkFoZ0IvNnJBL1NtZlhYckRXUFFraEp0UVVabHlUbmlUd3dEOVY0bnplSTZqVzV5bG5iL3c3RjdsbTlwZEtZb3pXMUZKdmNpVmhpZ2xQd0JReGxtUFg5dUtpRS9iMEZZby9nWEpsblYvaTJjTmw2STFkOD18&cppv=2

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200	Primary Request index.html Show response s3.us-east-005.backblazeb2.com/4tc1h05fmz/	18 KB 18 KB	97ms 32ms	Document text/html	149.137.137.254 BACKBLAZE
General Check archive.org Show headers Download Go to Full URL https://s3.us-east-005.backblazeb2.com/4tc1h05fmz/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.137.137.254 , United States, ASN40401 (BACKBLAZE, US), Reverse DNS s3.us-east-005.backblazeb2.com Software / Resource Hash 3284385c4c7720057ab36bd8d59131b7ecb48556da70992813df3de2d0059315 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Length 17953 Content-Type text/html Date Sun, 02 Apr 2023 14:20:53 GMT ETag "09af815d1c62028edf346a5f346e648a" Keep-Alive timeout=5 Last-Modified Fri, 31 Mar 2023 21:29:04 GMT x-amz-id-2 aN01m3jYZOIIzTGGyZa5hF2FeMWk29zZL x-amz-request-id 5673a46f672e17ed x-amz-version-id 4_z877fe6c8932a3e9a8a710616_f113de208b05ff9cd_d20230331_m212904_c005_v0501005_t0043_u01680298144577
GET H2	200	comcast-common.js Show response dekalbcountygagov.com/email-list/xfinitydcnjdf/static/js/	178 KB 91 KB	55ms 14ms	Script application/javascript	2606:4700:3032::ac43:c14f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/js/comcast-common.js Requested by Host: s3.us-east-005.backblazeb2.com URL: https://s3.us-east-005.backblazeb2.com/4tc1h05fmz/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:c14f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5cc036feb447b596a74de5f8aaa03463431ead887c97c84ada60b73a6f31d4d4 Request headers Referer https://s3.us-east-005.backblazeb2.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Sun, 02 Apr 2023 14:20:53 GMT content-encoding br cf-cache-status HIT last-modified Mon, 27 Mar 2023 23:39:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 446243 etag W/"64222932-2c8e5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icxmFtwLVBN04RgG5D12Xj2Vhqa2b9FgYeLU86qCPlpkwRmccb3iPbh5SRzVXojAh2JRwEYo5A7hKtTyHRd4IdCrcahhjxAJFvNyYBJ4Yaw6OFZ6CGSSg27uI2RqIuwoLJxFr7dYo6FnPYxyVu3i965Z2e4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=315360000 cf-ray 7b19b7136dd63308-EWR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	400	satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js s3.us-east-005.backblazeb2.com/assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/	0 0	19ms 18ms	Script application/xml	149.137.137.254 BACKBLAZE
General Check archive.org Show headers Download Go to Full URL https://s3.us-east-005.backblazeb2.com/assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js Requested by Host: s3.us-east-005.backblazeb2.com URL: https://s3.us-east-005.backblazeb2.com/4tc1h05fmz/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.137.137.254 , United States, ASN40401 (BACKBLAZE, US), Reverse DNS s3.us-east-005.backblazeb2.com Software / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://s3.us-east-005.backblazeb2.com/4tc1h05fmz/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Sun, 02 Apr 2023 14:20:53 GMT Cache-Control max-age=0, no-cache, no-store Connection close x-amz-request-id a5b0b05eae777b38 Content-Length 167 x-amz-id-2 adctuvmvSbudvxncTbtw= Content-Type application/xml
GET H2	200	/ Show response static.cimcontent.net/data-layer/	98 KB 29 KB	114ms 14ms	Script application/javascript	2600:141b:13:794::30d4 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://static.cimcontent.net/data-layer/ Requested by Host: s3.us-east-005.backblazeb2.com URL: https://s3.us-east-005.backblazeb2.com/4tc1h05fmz/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13:794::30d4 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AmazonS3 / Resource Hash 4721bafc104ab897956aad68d58c26d5dfcc360680d6829eca4d6f854e2cc71f Request headers Referer https://s3.us-east-005.backblazeb2.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers x-amz-version-id EqWSDz4k5VA3gFqheYuD0Zg5c1yoOvMy content-encoding gzip date Sun, 02 Apr 2023 14:20:53 GMT last-modified Mon, 13 Feb 2023 19:40:24 GMT server AmazonS3 x-amz-cf-pop JFK50-P2 etag "72ece1926ae8c9c62f9b34599b72b66d" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes x-amz-cf-id Ph95nvw3vwEImAbuA-ynyK5aKIeKvvcscfd0u2jhciD54clNqev6YQ== content-length 29047
GET H2	200	fonts-remote.min8455.css dekalbcountygagov.com/email-list/xfinitydcnjdf/static/css/junket/	3 KB 840 B	49ms 10ms	Stylesheet text/css	2606:4700:3032::ac43:c14f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/css/junket/fonts-remote.min8455.css?v=9e94929 Requested by Host: s3.us-east-005.backblazeb2.com URL: https://s3.us-east-005.backblazeb2.com/4tc1h05fmz/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:c14f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 032d8b49c68572a6136937e3f8f4fb10d94eefaf95418e557f44f1f04b715ba8 Request headers accept-language en-US,en;q=0.9 Referer https://s3.us-east-005.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sun, 02 Apr 2023 14:20:53 GMT content-encoding br cf-cache-status HIT last-modified Mon, 27 Mar 2023 23:39:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 431253 etag W/"64222932-d2f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiPxiOsNwEiBHpIKV85708L77kPts8%2FF0n2OiA2tZ5wkl70d8OQo7aowl3L6GwEknG1HRmZGvreGTRmXwHFLWWykWh8IR%2Bgtv%2FTTe8gBaPwTaOS5bzA%2FXpo6H%2B1NuZA0qGM5J77rW%2FMJF0I6IVwUbcah6c8%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 7b19b7136dd33308-EWR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	styles-light.min8455.css dekalbcountygagov.com/email-list/xfinitydcnjdf/static/css/junket/	44 KB 12 KB	51ms 11ms	Stylesheet text/css	2606:4700:3032::ac43:c14f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/css/junket/styles-light.min8455.css?v=9e94929 Requested by Host: s3.us-east-005.backblazeb2.com URL: https://s3.us-east-005.backblazeb2.com/4tc1h05fmz/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:c14f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f0b93d0bbfb7b752c7aa3254f290442661bd8ca50da75094df5fef7fdc1fb26 Request headers accept-language en-US,en;q=0.9 Referer https://s3.us-east-005.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sun, 02 Apr 2023 14:20:53 GMT content-encoding br cf-cache-status HIT last-modified Mon, 27 Mar 2023 23:39:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 431252 etag W/"64222932-b187" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMfvZiZhxXSzz%2BTz3YTH3NSk2MgEuLaPiJblnZ9EtFk1qdFWBOi61RcwrdhpDMRpzRbrDaXOA4PPap8fDoKOv%2FtbC6J4%2FAhnrjKcJ0TCykOMkeA5PNCJD3BZW%2FurzJfIU26gsafOZvGiJ9xf%2Fldf9XHfqnc%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 7b19b7136dd43308-EWR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	e5d00e87ba3bf67af60bbc75377626fb1f0b0a10c2e83ca40b7a245ca2cd8367 Show response scripts.webcontentassessor.com/scripts/	274 KB 69 KB	34ms 4ms	Script application/javascript	151.101.2.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://scripts.webcontentassessor.com/scripts/e5d00e87ba3bf67af60bbc75377626fb1f0b0a10c2e83ca40b7a245ca2cd8367 Requested by Host: s3.us-east-005.backblazeb2.com URL: https://s3.us-east-005.backblazeb2.com/4tc1h05fmz/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.2.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 19b5434f5b71c6ae67e0ef2bf5c6b84d7dd5588c7d60f48eac68a0ccfba92952 Request headers Referer https://s3.us-east-005.backblazeb2.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers x-amz-version-id Z0zRZsioJTJJ_8o3gZK6P0aa5IZaJxux content-encoding gzip via 1.1 varnish date Sun, 02 Apr 2023 14:20:53 GMT x-amz-request-id K1V960A17CXY3HYK age 1038 x-amz-server-side-encryption AES256 x-cache HIT content-length 70558 x-amz-id-2 DWuyVzGlrjFE60J09PK2Uerxg8XtjuO1Uf+U8wx+ODXHh9me6dXAD+gHFU45EJ7SD9NfXhfnBTM= x-served-by cache-ewr18163-EWR last-modified Sun, 02 Apr 2023 13:49:52 GMT server AmazonS3 x-timer S1680445254.650221,VS0,VE0 etag "1d0dd0caae41ef59752aa1b15635162d" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=3600,stale-if-error=86400,stale-while-revalidate=3600 accept-ranges bytes x-cache-hits 6
GET H2	200	vm-login-form-ad.js Show response dekalbcountygagov.com/email-list/xfinitydcnjdf/static/js/	9 KB 4 KB	52ms 12ms	Script application/javascript	2606:4700:3032::ac43:c14f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/js/vm-login-form-ad.js Requested by Host: s3.us-east-005.backblazeb2.com URL: https://s3.us-east-005.backblazeb2.com/4tc1h05fmz/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:c14f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 94075643c3fc5eab171f94cb8ffe3a639e7df9e8300b8c71d507ed6443085792 Request headers Referer https://s3.us-east-005.backblazeb2.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Sun, 02 Apr 2023 14:20:53 GMT content-encoding br cf-cache-status HIT last-modified Mon, 27 Mar 2023 23:39:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 431253 etag W/"64222932-2504" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25dQxYCSnne7xCXtiP0ijuw4mnohEzO3usw7w3ddcnecdUqqBveK9sT2XOrHQyxi0KrPeRLAFX%2BkNw%2FxZxItV2oUHeBbT1hqoeMdfeUnSa27BYLfomOuCMuXyE5ysgki6MhGTI2CC3pT8fAH%2BtIKfKhvlbY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=315360000 cf-ray 7b19b7136dd73308-EWR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.3.1/	85 KB 30 KB	23ms 5ms	Script text/javascript	2607:f8b0:4006:81f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: s3.us-east-005.backblazeb2.com URL: https://s3.us-east-005.backblazeb2.com/4tc1h05fmz/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81f::200a Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s3.us-east-005.backblazeb2.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Fri, 31 Mar 2023 14:46:53 GMT content-encoding gzip x-content-type-options nosniff age 171240 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30399 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 30 Mar 2024 14:46:53 GMT
OPTIONS H2	200	/ dl.cws.xfinity.com/event/ Frame	0 0	345ms 22ms	Preflight application/json	2600:1400:d:5a7::2c06 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://dl.cws.xfinity.com/event/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:5a7::2c06 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method PUT Origin https://s3.us-east-005.backblazeb2.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods HEAD,OPTIONS,PUT access-control-allow-origin * content-length 0 content-type application/json date Sun, 02 Apr 2023 14:20:54 GMT x-amz-apigw-id CwNTAFvTIAMF7Sg= x-amz-cf-id hzvyQ0JcWS-N-F79Jxg4lIXtEvklfaj6OHmCOYnrTfd9hJVziLH-AA== x-amz-cf-pop EWR52-C1 x-amzn-requestid 618f682d-b1ce-49e1-90c9-3edacb659fdd
PUT H2	200	/ Show response dl.cws.xfinity.com/event/	166 B 546 B	63ms 62ms	XHR application/json	2600:1400:d:5a7::2c06 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://dl.cws.xfinity.com/event/ Requested by Host: dekalbcountygagov.com URL: https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/js/comcast-common.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:5a7::2c06 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash f7fbfbed7a1e2a5910086245c5ebb302f237f51d95df80c1bbda7257af416e5e Request headers Referer https://s3.us-east-005.backblazeb2.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type application/json Response headers date Sun, 02 Apr 2023 14:20:54 GMT x-amz-cf-pop EWR52-C1 x-amzn-trace-id Root=1-64298f46-6e1030670a32a66e0fe7e3e3 x-amzn-requestid 9e789e8b-918c-4bbc-9ca8-69ffb62c9a96 access-control-max-age 86400 access-control-allow-methods GET,POST,PUT,HEAD content-type application/json access-control-allow-origin * access-control-allow-credentials false x-amz-apigw-id CwNTAGtmoAMF5rA= content-length 166 x-amz-cf-id MrU16HD0fhCn0gNE_fHDzwSZ-Lscq3Xh0yTn9d6dPLR6Mr7TJZ0WqA== access-control-allow-headers *
PUT H2	200	/ Show response dl.cws.xfinity.com/event/	110 B 490 B	57ms 57ms	XHR application/json	2600:1400:d:5a7::2c06 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://dl.cws.xfinity.com/event/ Requested by Host: dekalbcountygagov.com URL: https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/js/comcast-common.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:5a7::2c06 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 1e6fb19b1aedfc3dc6176f2a9c4389e448ad2d4731ac001ae47ee6ed86c434fc Request headers Referer https://s3.us-east-005.backblazeb2.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type application/json Response headers date Sun, 02 Apr 2023 14:20:54 GMT x-amz-cf-pop EWR52-C1 x-amzn-trace-id Root=1-64298f46-137990797e6f72823f272aea x-amzn-requestid 3d869ab4-07d9-4c0b-99fa-8780b224baed access-control-max-age 86400 access-control-allow-methods GET,POST,PUT,HEAD content-type application/json access-control-allow-origin * access-control-allow-credentials false x-amz-apigw-id CwNTAGtnoAMFauw= content-length 110 x-amz-cf-id 0XXM5S5gk2t8YOzZTemQugIS7uxpNyNX1FBKK1bP2YB3tNi35fd7zg== access-control-allow-headers *
OPTIONS H2	200	/ dl.cws.xfinity.com/event/ Frame	0 0	345ms 23ms	Preflight application/json	2600:1400:d:5a7::2c06 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://dl.cws.xfinity.com/event/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:5a7::2c06 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method PUT Origin https://s3.us-east-005.backblazeb2.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods HEAD,OPTIONS,PUT access-control-allow-origin * content-length 0 content-type application/json date Sun, 02 Apr 2023 14:20:54 GMT x-amz-apigw-id CwNTAGqOIAMF7Fg= x-amz-cf-id lfE-IqiUMXwVieYnlFRKZOH7NMEaLVbwqUWoe1GchxIz7jwIcx7EXw== x-amz-cf-pop EWR52-C1 x-amzn-requestid 21c106ff-8fba-4d66-b589-640c4a58b199
PUT H2	200	/ Show response dl.cws.xfinity.com/event/	110 B 490 B	37ms 36ms	XHR application/json	2600:1400:d:5a7::2c06 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://dl.cws.xfinity.com/event/ Requested by Host: dekalbcountygagov.com URL: https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/js/comcast-common.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:5a7::2c06 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash a1e6490c3db79a12e4165eaa6a064db111d8023c83dfba3095b6379d91733312 Request headers Referer https://s3.us-east-005.backblazeb2.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type application/json Response headers date Sun, 02 Apr 2023 14:20:54 GMT x-amz-cf-pop EWR52-C1 x-amzn-trace-id Root=1-64298f46-37d6ab7f78b27c173488cc24 x-amzn-requestid 6c725b0b-f42b-411a-a041-b63ba55e96c5 access-control-max-age 86400 access-control-allow-methods GET,POST,PUT,HEAD content-type application/json access-control-allow-origin * access-control-allow-credentials false x-amz-apigw-id CwNTAH9aoAMFYhQ= content-length 110 x-amz-cf-id ELXjXdyttmmjl7pfXEX1YVWXTjsh7vhZf60Jc5L2lD6rDhaK-fM8nw== access-control-allow-headers *
OPTIONS H2	200	/ dl.cws.xfinity.com/event/ Frame	0 0	354ms 51ms	Preflight application/json	2600:1400:d:5a7::2c06 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://dl.cws.xfinity.com/event/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:5a7::2c06 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method PUT Origin https://s3.us-east-005.backblazeb2.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods HEAD,OPTIONS,PUT access-control-allow-origin * content-length 0 content-type application/json date Sun, 02 Apr 2023 14:20:54 GMT x-amz-apigw-id CwNTAErCIAMF5ew= x-amz-cf-id pjk4_vbjKRCQU_f2D4-wLEzoEANvd-OXgvoJuegxOJJAluUkbWDgvg== x-amz-cf-pop EWR52-C1 x-amzn-requestid fce5dbb2-bb0f-4ef1-af1c-bcecf825fa3f
GET H2	200	prebid.js Show response static.cimcontent.net/common-web-assets/ad-assets/prebid/	217 KB 70 KB	7ms 5ms	Script application/javascript	2600:141b:13:794::30d4 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://static.cimcontent.net/common-web-assets/ad-assets/prebid/prebid.js Requested by Host: dekalbcountygagov.com URL: https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/js/vm-login-form-ad.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13:794::30d4 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AmazonS3 / Resource Hash c0504d7450b72fc5d0a63cb367b201667e792b35bd38a37f01002583ff826f60 Request headers accept-language en-US,en;q=0.9 Referer https://s3.us-east-005.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-amz-version-id BALoLYjFSscdqPNtuDeC.igBQsqQ8Tr9 content-encoding gzip date Sun, 02 Apr 2023 14:20:53 GMT last-modified Wed, 01 Sep 2021 16:28:16 GMT server AmazonS3 x-amz-cf-pop EWR53-C2 etag "7a495d9002d89d3c5e63ac7e274dbd44" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-amz-cf-id sm9rumn4O8PIswNZR9O1AE0zfwFZg5R7ndQZaANjmNvNnHpiNLZMgA== content-length 71285
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	224 KB 55 KB	45ms 5ms	Script application/javascript	108.138.107.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: dekalbcountygagov.com URL: https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/js/vm-login-form-ad.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.107.197 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-107-197.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash 166c4acc79ffac3dff1faf406f4bd95b992ede10d7f64a17b6ce254f3e0e7c12 Request headers accept-language en-US,en;q=0.9 Referer https://s3.us-east-005.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sun, 02 Apr 2023 14:10:06 GMT content-encoding gzip via 1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront), 1.1 c824f42276c55792245504036b5383fa.cloudfront.net (CloudFront) last-modified Wed, 22 Mar 2023 19:30:00 GMT server AmazonS3 x-amz-cf-pop IAD89-P2, JFK50-P3 age 648 x-amz-server-side-encryption AES256 etag W/"d56f69f591501c51a51bb8f94f3df073" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-id vJGAUvgFh-8X5TKWtVTW-YChjOUD2dJ6yDAVwjddifT23Was28BBVQ==
GET H/1.1	200 OK	ast.js Show response acdn.adnxs.com/ast/	98 KB 34 KB	49ms 5ms	Script application/javascript	96.6.22.203 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/ast/ast.js Requested by Host: dekalbcountygagov.com URL: https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/js/vm-login-form-ad.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 96.6.22.203 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-6-22-203.deploy.static.akamaitechnologies.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 41619c2d0600e12b9c0d9eeeaa66abf1780048c0054e1b4f34253673a7177a8f Request headers accept-language en-US,en;q=0.9 Referer https://s3.us-east-005.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Sun, 02 Apr 2023 14:20:53 GMT Content-Encoding gzip Last-Modified Mon, 27 Mar 2023 13:20:36 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"64219824-188f9" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=86402 Connection keep-alive Content-Length 34032 Expires Mon, 03 Apr 2023 14:20:55 GMT
GET H/1.1	200	index.html s3.us-east-005.backblazeb2.com/4tc1h05fmz/	18 KB 18 KB	71ms 29ms	Image text/html	149.137.137.254 BACKBLAZE
General Check archive.org Show headers Download Go to Show image Full URL https://s3.us-east-005.backblazeb2.com/4tc1h05fmz/index.html Requested by Host: s3.us-east-005.backblazeb2.com URL: https://s3.us-east-005.backblazeb2.com/4tc1h05fmz/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.137.137.254 , United States, ASN40401 (BACKBLAZE, US), Reverse DNS s3.us-east-005.backblazeb2.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://s3.us-east-005.backblazeb2.com/4tc1h05fmz/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-amz-version-id 4_z877fe6c8932a3e9a8a710616_f113de208b05ff9cd_d20230331_m212904_c005_v0501005_t0043_u01680298144577 Date Sun, 02 Apr 2023 14:20:53 GMT Last-Modified Fri, 31 Mar 2023 21:29:04 GMT x-amz-request-id a1d230cecfdd2af8 ETag "09af815d1c62028edf346a5f346e648a" Content-Type text/html Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 17953 x-amz-id-2 aN4Rm8jb+OFEz9WFsZQRh+2HhMT82PTbY
GET H2	200	XfinityStandard-Regular.woff2 static.cimcontent.net/fonts/latest/Xfinity_Standard/	26 KB 26 KB	15ms 4ms	Font font/woff2	2600:141b:13:794::30d4 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2 Requested by Host: dekalbcountygagov.com URL: https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/css/junket/fonts-remote.min8455.css?v=9e94929 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13:794::30d4 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AmazonS3 / Resource Hash 138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176 Request headers Referer https://dekalbcountygagov.com/ Origin https://s3.us-east-005.backblazeb2.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-amz-version-id kLBQWhXkUwwuS0hOSKJ2GQ_XrNE.oQFF date Sun, 02 Apr 2023 14:20:53 GMT last-modified Fri, 24 Jan 2020 21:23:01 GMT server AmazonS3 x-amz-cf-pop EWR53-C2 etag "e3e79cd377b28c1e7ffea64b194136cf" content-type font/woff2 access-control-allow-origin * cache-control max-age=631017 accept-ranges bytes content-length 26768 x-amz-cf-id 7ji2rF2ID1b0u9s-BvY6hxw0Z7XRfwLB_kv6J-FK9IsbTxFWHBJoIw==
GET DATA	200 OK	truncated /	933 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4bd9c8ed57b1dd8fddcc2910170e9b81b40f7b628e272924e88a98f45ebb9aea Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	3 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 58fd862aaa51daaa186ee3fecfd805c0f8eea09146e9c7deb44a3f30a1ad01b5 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	XfinityStandard-Light.woff2 static.cimcontent.net/fonts/latest/Xfinity_Standard/	27 KB 27 KB	18ms 13ms	Font font/woff2	2600:141b:13:794::30d4 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2 Requested by Host: dekalbcountygagov.com URL: https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/css/junket/fonts-remote.min8455.css?v=9e94929 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13:794::30d4 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AmazonS3 / Resource Hash fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a Request headers Referer https://dekalbcountygagov.com/ Origin https://s3.us-east-005.backblazeb2.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-amz-version-id wnCwOacXycelzt78IMkr55wWB9WkMd2W date Sun, 02 Apr 2023 14:20:53 GMT last-modified Fri, 24 Jan 2020 21:23:01 GMT server AmazonS3 x-amz-cf-pop EWR53-C2 etag "f05d3ebe80809d82ab14d62a79da544e" content-type font/woff2 access-control-allow-origin * cache-control max-age=511550 accept-ranges bytes content-length 27420 x-amz-cf-id KpS8Spp3hb7soAiUaTCzkhQgN7EKFwwrPTOlEJcK2hTjKISVPAKofw==
GET H2	200	XfinityStandard-Medium.woff2 static.cimcontent.net/fonts/latest/Xfinity_Standard/	27 KB 27 KB	12ms 7ms	Font font/woff2	2600:141b:13:794::30d4 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2 Requested by Host: dekalbcountygagov.com URL: https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/css/junket/fonts-remote.min8455.css?v=9e94929 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13:794::30d4 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AmazonS3 / Resource Hash 2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228 Request headers Referer https://dekalbcountygagov.com/ Origin https://s3.us-east-005.backblazeb2.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-amz-version-id 6t4RA2DS89tdf_2IK5vrc9JAOKCy9A40 date Sun, 02 Apr 2023 14:20:53 GMT last-modified Fri, 24 Jan 2020 21:23:01 GMT server AmazonS3 x-amz-cf-pop EWR53-C2 etag "13709eac065721ba8cd0e2d1b6fa8026" content-type font/woff2 access-control-allow-origin * cache-control max-age=687037 accept-ranges bytes content-length 27152 x-amz-cf-id fUQpBI5sB2TqmXwSxA0W6LbWNT2JUXt-ia1XKfyPTMftZ612H8RISw==
POST H2	200	cdb Show response bidder.criteo.com/	18 B 328 B	31ms 10ms	XHR application/json	2620:100:a001::18 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=17&wv=2.26.0&cb=68081019587 Requested by Host: dekalbcountygagov.com URL: https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/js/comcast-common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Finatra / Resource Hash ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://s3.us-east-005.backblazeb2.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type text/plain Response headers date Sun, 02 Apr 2023 14:20:53 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; server Finatra vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://s3.us-east-005.backblazeb2.com access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * content-length 44
POST H2	204	v2 Show response e.serverbid.com/api/	0 198 B	51ms 4ms	XHR text/plain	159.89.246.130 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://e.serverbid.com/api/v2 Requested by Host: dekalbcountygagov.com URL: https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/js/comcast-common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://s3.us-east-005.backblazeb2.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://s3.us-east-005.backblazeb2.com date Sun, 02 Apr 2023 14:20:53 GMT access-control-allow-credentials true access-control-allow-headers origin, content-type, accept access-control-max-age 10080 access-control-allow-methods GET, POST, OPTIONS
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	304 B 883 B	201ms 22ms	XHR application/json	2602:803:c002:200::113 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11648&site_id=248132&zone_id=1228140&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fs3.us-east-005.backblazeb2.com%2F4tc1h05fmz%2Findex.html&tk_flint=pbjs_lite_v2.26.0&x_source.tid=922623fb-3d36-40cb-b629-118f60ece151&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9952560439382145 Requested by Host: dekalbcountygagov.com URL: https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/js/comcast-common.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash 092ab25f1a7b51216576558b86d5f6951177ec4cc8383a7f70b3f67f29335b74 Request headers Referer https://s3.us-east-005.backblazeb2.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 02 Apr 2023 14:20:54 GMT server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://s3.us-east-005.backblazeb2.com p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-length 304 expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	arj Show response comcast-d.openx.net/w/1.0/	173 B 599 B	53ms 34ms	XHR application/json	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://comcast-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fs3.us-east-005.backblazeb2.com%2F4tc1h05fmz%2Findex.html&jr=&ch=windows-1252&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=922623fb-3d36-40cb-b629-118f60ece151&nocache=1680445253920&aus=300x600%2C300x250&divIds=ad-block&auid=540654279& Requested by Host: dekalbcountygagov.com URL: https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/js/comcast-common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 9382fcbe759ad1e11a5ed50c5470d2c9f5fcc0ab72c56849e5e60963028b6196 Request headers Referer https://s3.us-east-005.backblazeb2.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 02 Apr 2023 14:20:53 GMT content-encoding gzip via 1.1 google server OXGW/0.0.0 vary Accept, Accept-Encoding content-type application/json p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://s3.us-east-005.backblazeb2.com cache-control private, max-age=0, no-cache access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 163 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 322 B	5ms 5ms	XHR text/plain	108.138.107.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=3338&u=https%3A%2F%2Fs3.us-east-005.backblazeb2.com Requested by Host: dekalbcountygagov.com URL: https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/js/comcast-common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.107.197 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-107-197.jfk50.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://s3.us-east-005.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sun, 02 Apr 2023 09:51:56 GMT via 1.1 c824f42276c55792245504036b5383fa.cloudfront.net (CloudFront) server Server x-amz-cf-pop JFK50-P3 age 16137 x-cache Hit from cloudfront access-control-allow-origin https://s3.us-east-005.backblazeb2.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-id 1SU7Hh3TgaX9bafyc4vpKk_jF7cykVHsKAdWFFZxAjSkDpMW2mq6XQ==
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 474 B	83ms 21ms	XHR text/javascript	18.164.111.219 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=3338&u=https%3A%2F%2Fs3.us-east-005.backblazeb2.com%2F4tc1h05fmz%2Findex.html&pid=qNDFff6fzN17F&cb=0&ws=1600x1200&v=23.320.1710&t=1500&slots=%5B%7B%22sd%22%3A%22ad-block%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: dekalbcountygagov.com URL: https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/js/comcast-common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.111.219 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-111-219.jfk50.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://s3.us-east-005.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sun, 02 Apr 2023 14:20:54 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 86a640712a72b4264f1681744fa48612.cloudfront.net (CloudFront) server Server x-amz-cf-pop JFK50-P6 x-amz-rid S977FMJWHGQSD6KFK5PQ vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://s3.us-east-005.backblazeb2.com access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id 4AA-N351D5oXXZ5U8H4lgRCVQNGj5HssTIF2K0vKhAWSXBXmlfnpjg==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	15ms 4ms	XHR application/javascript	108.138.107.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: dekalbcountygagov.com URL: https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/js/comcast-common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.107.197 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-107-197.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language en-US,en;q=0.9 Referer https://s3.us-east-005.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-amz-version-id JWp1qp7MFzulJHtnMcdn8BBX506LKUt8 content-encoding gzip via 1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront) date Sun, 02 Apr 2023 14:14:41 GMT x-amz-cf-pop JFK50-P3 age 373 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 28 Mar 2023 02:10:35 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id 7GvlNPRi-TPVG5DUlMijNvIE83Lc_F6EaMGu4B5rA299u9JwBD0DVA==
OPTIONS H2	200	/ dl.cws.xfinity.com/event/ Frame	0 0	188ms 21ms	Preflight application/json	2600:1400:d:5a7::2c06 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://dl.cws.xfinity.com/event/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:5a7::2c06 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method PUT Origin https://s3.us-east-005.backblazeb2.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods HEAD,OPTIONS,PUT access-control-allow-origin * content-length 0 content-type application/json date Sun, 02 Apr 2023 14:20:54 GMT x-amz-apigw-id CwNTAGfyoAMFoNg= x-amz-cf-id bC5uk97hh-0hzVIoyMG6IWsKX3mo_hAkk1J-1Jd6XapbA1gOnkCn3g== x-amz-cf-pop EWR52-C1 x-amzn-requestid d6920f31-c7f6-4fff-9ba4-358a81d80d64
PUT H2	200	/ Show response dl.cws.xfinity.com/event/	110 B 491 B	56ms 54ms	XHR application/json	2600:1400:d:5a7::2c06 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://dl.cws.xfinity.com/event/ Requested by Host: dekalbcountygagov.com URL: https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/js/comcast-common.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:5a7::2c06 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 2dee02c4f754febed3f9fc27af4a0034ededf856998806795c8906e501d4af79 Request headers Referer https://s3.us-east-005.backblazeb2.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type application/json Response headers date Sun, 02 Apr 2023 14:20:54 GMT x-amz-cf-pop EWR52-C1 x-amzn-trace-id Root=1-64298f46-4edc5f560d54c7e4481edfda x-amzn-requestid 924ee63c-e976-458d-bb38-49f9f4167ff4 access-control-max-age 86400 access-control-allow-methods GET,POST,PUT,HEAD content-type application/json access-control-allow-origin * access-control-allow-credentials false x-amz-apigw-id CwNTAGKxoAMFnmA= content-length 110 x-amz-cf-id DR95b3D0w76Z5ddKx0cAQtkI5EA3JTVKuLGW8ou3SqLoHj_NQdwl2g== access-control-allow-headers *
POST H/1.1	200 OK	v3 Show response ib.adnxs.com/ut/	12 KB 6 KB	88ms 67ms	XHR application/json	68.67.179.89 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3 Requested by Host: dekalbcountygagov.com URL: https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/js/comcast-common.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.179.89 North Bergen, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash 2f9be422eca1111082c1bca6d272c65c87b2ece0bee568463ebcf6573c6a514e Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://s3.us-east-005.backblazeb2.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type text/plain Response headers Date Sun, 02 Apr 2023 14:20:54 GMT Content-Encoding gzip Transfer-Encoding chunked P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 5.181.234.132; 5.181.234.132; 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid b6e45d29-6c0d-4ed5-bb61-b04c9fa8ec17 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Vary Accept-Encoding Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://s3.us-east-005.backblazeb2.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	962af711-38ff-11ed-9a44-0a919b37cd73 Show response products.gobankingrates.com/pub/ Frame 212B	3 KB 2 KB	34ms 8ms	Document text/html	13.225.214.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://products.gobankingrates.com/pub/962af711-38ff-11ed-9a44-0a919b37cd73?ct_url=${CLICKURL} Requested by Host: scripts.webcontentassessor.com URL: https://scripts.webcontentassessor.com/scripts/e5d00e87ba3bf67af60bbc75377626fb1f0b0a10c2e83ca40b7a245ca2cd8367 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-65.ewr50.r.cloudfront.net Software AmazonS3 / Resource Hash 92d2f5082d0c51644b03e8de2acdbeb31b63d3169e3f489b248f44d995dbd3bf Request headers Referer https://s3.us-east-005.backblazeb2.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 4 cache-control max-age=60 content-encoding gzip content-type text/html date Sun, 02 Apr 2023 14:20:54 GMT etag W/"5c3c019c30d4b0b43085ed0494855531" last-modified Wed, 29 Mar 2023 21:17:45 GMT server AmazonS3 vary Accept-Encoding via 1.1 5163ef6f21ebac65d5a58243b15e5dbe.cloudfront.net (CloudFront) x-amz-cf-id Kk8LBmqpk3hDuDcouNszIt-kwYMKnAGEbMj0D8n9fQ6yr3X_cozffg== x-amz-cf-pop EWR50-C1 x-cache Hit from cloudfront
GET H2	200	moatad.js Show response z.moatads.com/comcastappnexusdisplay765226596515/ Frame 9943	0 253 B	42ms 3ms	Script application/x-javascript	96.6.23.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/comcastappnexusdisplay765226596515/moatad.js Requested by Host: scripts.webcontentassessor.com URL: https://scripts.webcontentassessor.com/scripts/e5d00e87ba3bf67af60bbc75377626fb1f0b0a10c2e83ca40b7a245ca2cd8367 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.6.23.180 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-6-23-180.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://s3.us-east-005.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sun, 02 Apr 2023 14:20:54 GMT last-modified Wed, 06 May 2020 16:15:19 GMT server AmazonS3 x-amz-request-id 177D1BC053B8BEF3 etag "d41d8cd98f00b204e9800998ecf8427e" content-type application/x-javascript cache-control max-age=25871 accept-ranges bytes content-length 0 x-amz-id-2 1om4nc9OsQc/u8ESxPXV4MCH8Ne0mwFMBGsMSJ9zEPaaFBGmCZl73yXBG76DAt/DFOmGM3Bht2w=
GET H/1.1	200 OK	trk.js Show response cdn.adnxs.com/v/s/231/ Frame 9943	80 KB 27 KB	36ms 11ms	Script application/x-javascript	96.6.22.203 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.adnxs.com/v/s/231/trk.js Requested by Host: scripts.webcontentassessor.com URL: https://scripts.webcontentassessor.com/scripts/e5d00e87ba3bf67af60bbc75377626fb1f0b0a10c2e83ca40b7a245ca2cd8367 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 96.6.22.203 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-6-22-203.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27 Request headers accept-language en-US,en;q=0.9 Referer https://s3.us-east-005.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Sun, 02 Apr 2023 14:20:54 GMT Content-Encoding gzip Last-Modified Wed, 30 Nov 2022 10:07:25 GMT Server AkamaiNetStorage ETag "48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694" Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 27455 Expires Mon, 01 Apr 2024 14:20:54 GMT
GET H/1.1	200 OK	it nym1-ib.adnxs.com/	0 931 B	22ms 5ms	Image text/html	68.67.160.132 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fs3.us-east-005.backblazeb2.com%2F4tc1h05fmz%2Findex.html&e=wqT_3QK8Cnw8BQAAAwDWAAUBCMaepqEGELPT3evp6IOYQBgAKjYJAAUBCPg_EQUIMAD4PxkAAADA9Sj4PyEREgApEQkAMREbqDD-x5MHONQ7QNQ7SAJQ3I3GzAFYmZxuYABolL5jeKzKBYABAYoBA1VTRJIFBvBMmAGsAqAB2ASoAQGwAQC4AQHAAQTIAQLQAQDYAQDgAQDwAQCKAlN1ZignYScsIDY2MjAzMTQsIDApO3VmKCdpJywgODE5NTY3OSwgMCkFFCxnJywgMjA4MTYxMzUVKTByJywgNDI4OTY3NjQ0BRb0DgGSAp0EITMyS0FmQWlaMHRBYUVOeU54c3dCR0FBZ21aeHVNQUE0QUVBRVNOUTdVUDdIa3dkWUFHRF9fX19fRDJnQWNBRjRBWUFCQVlnQkFaQUJBWmdCQWFBQkFhZ0JBN0FCQUxrQnZ0Qk14UUFBLURfQkFiN1FUTVVBQVBnX3lRRmdTOWhRQkIzeFA5a0JBQUFBQUFBQThEX2dBZC1jOUFQMUFRQUFBQUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdISUFnSFFBZ0hZQWdIZ0FnRG9BZ0Q0QWdDQUF3R1lBd0c2QXdsT1dVMHlPalUwTnpUZ0E1c19nQVFBaUFRQWtBUUFtQVFCd1FRQUFBAX4UQUFBTWtFAQcJARREWUJBRHgVnShBQUFpQVhpS3FrRgEMAQEUOEQteEJRAQoJAQh3UVUJCQEBAE0ZKAxBQURSLigAADIuKAC4T0FGOEpNSjhBV0h3dllKLUFXYWlaUURnZ1lEVlZORWlBWUFrQVlCbUFZQW9RWUEBWzhBQUQ0UDZnR0FiSUdKQWsJEwEBAEIdvwRCawESCQEAQx0YyExnR0hQZ0h4TlFJLUFmeDRRajRCNWpqQ1BnSDN1OEktQWVQOXdnLpoCmQEheVJENER3aTYhAihKbWNiaUFFS0FBeAleXEFBLUQ4NkNVNVpUVEk2TlRRM05FQ2JQMBGBEER3UDFFESsIQUFGERgMQUFBRx0YAEcdGABIHRgQSGdBaVEdEPDlQS4u2ALuY-ACkZw86gI8aHR0cHM6Ly9zMy51cy1lYXN0LTAwNS5iYWNrYmxhemViMi5jb20vNHRjMWgwNWZtei9pbmRleC5odG1sgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDTUuMTgxLjIzNC4xMzKoBACyBBAIABABGPgKIKAGKAAwADgCuAQAwAQAyAQA0gQONzYzNiNOWU0yOjU0NzTaBAIIAeAEAfAE3I3GzAGIBQGYBQCgBf___________wHABQDJBQCFWxDwP9IFCY2KcAAA2AUB4AUB8AUB-gUECAAQAJAGAJgGALgGAMEGBS4sAPA_0AaHJ9oGFgoQCREZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB6zKBdIHDRViASYI2gcGAV10GADgBwDqBwIIAPAHj-CrCooIAhAAlQgAAIA_mAgB&s=46f5c770caed5b6479a4e2504a17c88de26ed3a4 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s3.us-east-005.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Pragma no-cache Date Sun, 02 Apr 2023 14:20:54 GMT AN-X-Request-Uuid 9bfe20fc-56dd-4579-843a-8c12c507935a Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 5.181.234.132; 5.181.234.132; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	main.css products.gobankingrates.com/versions/3.25.0/static-css/ Frame 212B	19 KB 5 KB	11ms 10ms	Stylesheet text/css	13.225.214.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://products.gobankingrates.com/versions/3.25.0/static-css/main.css?bf1bff89717eda4e2a26 Requested by Host: products.gobankingrates.com URL: https://products.gobankingrates.com/pub/962af711-38ff-11ed-9a44-0a919b37cd73?ct_url=${CLICKURL} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-65.ewr50.r.cloudfront.net Software AmazonS3 / Resource Hash 2c2f3ff3266f2ef89ffb65806244216f162b7155968b5471097cab8d3ff90cb9 Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/pub/962af711-38ff-11ed-9a44-0a919b37cd73?ct_url=${CLICKURL} User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 29 Mar 2023 21:17:55 GMT content-encoding gzip via 1.1 5163ef6f21ebac65d5a58243b15e5dbe.cloudfront.net (CloudFront) last-modified Wed, 29 Mar 2023 20:50:23 GMT server AmazonS3 x-amz-cf-pop EWR50-C1 age 320580 etag W/"0e2c879aac464b5e4c2adefc98290ffc" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=31557600 x-amz-cf-id 3OP0ENhA7dM-BEpyU5Fe_xx9Qtq57GN4y-C0P1CGSzLfF3BAYYSjBA==
GET H2	200	runtime~main.js Show response products.gobankingrates.com/versions/3.25.0/static-js/ Frame 212B	6 KB 2 KB	12ms 11ms	Script application/javascript	13.225.214.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://products.gobankingrates.com/versions/3.25.0/static-js/runtime~main.js?bf1bff89717eda4e2a26 Requested by Host: products.gobankingrates.com URL: https://products.gobankingrates.com/pub/962af711-38ff-11ed-9a44-0a919b37cd73?ct_url=${CLICKURL} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-65.ewr50.r.cloudfront.net Software AmazonS3 / Resource Hash 5f34f4f992f7f2f0386c44d3d7b4a4365da4c6027baab7e50792f2b97f5a9356 Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/pub/962af711-38ff-11ed-9a44-0a919b37cd73?ct_url=${CLICKURL} User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 29 Mar 2023 21:17:55 GMT content-encoding gzip via 1.1 5163ef6f21ebac65d5a58243b15e5dbe.cloudfront.net (CloudFront) last-modified Wed, 29 Mar 2023 20:50:25 GMT server AmazonS3 x-amz-cf-pop EWR50-C1 age 320580 etag W/"8c8dea94b9e7d84fd654cc9f66e37b90" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31557600 x-amz-cf-id sg43GbVwAa_JiXvlyDiqQf60gZH7I5GO83zI5okBOQHI01zfFH-jlA==
GET H2	200	vendors~main.js Show response products.gobankingrates.com/versions/3.25.0/static-js/ Frame 212B	1 MB 342 KB	13ms 12ms	Script application/javascript	13.225.214.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://products.gobankingrates.com/versions/3.25.0/static-js/vendors~main.js?bf1bff89717eda4e2a26 Requested by Host: products.gobankingrates.com URL: https://products.gobankingrates.com/pub/962af711-38ff-11ed-9a44-0a919b37cd73?ct_url=${CLICKURL} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-65.ewr50.r.cloudfront.net Software AmazonS3 / Resource Hash 19fe70470f8bd37e16139cee33d6e4008dd2564379552c56361020909782b3f5 Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/pub/962af711-38ff-11ed-9a44-0a919b37cd73?ct_url=${CLICKURL} User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 29 Mar 2023 21:17:55 GMT content-encoding gzip via 1.1 5163ef6f21ebac65d5a58243b15e5dbe.cloudfront.net (CloudFront) last-modified Wed, 29 Mar 2023 20:50:27 GMT server AmazonS3 x-amz-cf-pop EWR50-C1 age 320580 etag W/"01c8d9f15f9ff15053741e30f81ad639" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31557600 x-amz-cf-id Y28-vDhjScSkcz5F3L2Og4sbi_oF0uoLr2cRW07ZprthXZ08Tb1-Xg==
GET H2	200	main.js Show response products.gobankingrates.com/versions/3.25.0/static-js/ Frame 212B	199 KB 44 KB	24ms 24ms	Script application/javascript	13.225.214.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://products.gobankingrates.com/versions/3.25.0/static-js/main.js?bf1bff89717eda4e2a26 Requested by Host: products.gobankingrates.com URL: https://products.gobankingrates.com/pub/962af711-38ff-11ed-9a44-0a919b37cd73?ct_url=${CLICKURL} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-65.ewr50.r.cloudfront.net Software AmazonS3 / Resource Hash 235ede598acfa17cb70cb2e3a4516e07e46338716f0862054fafec5583befd19 Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/pub/962af711-38ff-11ed-9a44-0a919b37cd73?ct_url=${CLICKURL} User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 29 Mar 2023 21:17:55 GMT content-encoding gzip via 1.1 5163ef6f21ebac65d5a58243b15e5dbe.cloudfront.net (CloudFront) last-modified Wed, 29 Mar 2023 20:50:25 GMT server AmazonS3 x-amz-cf-pop EWR50-C1 age 320580 etag W/"cf54daf10366845b37b69ee433605091" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31557600 x-amz-cf-id wc0GANuGfWcEG0zNxqeyeCUCQVQlvInfg5MZygvVEX0PYnLbHTa1jg==
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame 212B	248 KB 87 KB	39ms 18ms	Script application/javascript	2607:f8b0:4006:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KDRQDVW Requested by Host: products.gobankingrates.com URL: https://products.gobankingrates.com/pub/962af711-38ff-11ed-9a44-0a919b37cd73?ct_url=${CLICKURL} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2008 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3855892363985be8a49a471b3f7fb3ea45fd54eba5df63c7afe61057935aacd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sun, 02 Apr 2023 14:20:54 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 89057 x-xss-protection 0 last-modified Sun, 02 Apr 2023 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 02 Apr 2023 14:20:54 GMT
GET H/1.1	200 OK	rd_log Show response nym1-ib.adnxs.com/ Frame 9943	0 931 B	6ms 6ms	Script text/html	68.67.160.132 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fs3.us-east-005.backblazeb2.com%2F4tc1h05fmz%2Findex.html&e=wqT_3QL1DHx1BgAAAwDWAAUBCMaepqEGELPT3evp6IOYQBgAKjYJAAUBCPg_EQUIMAD4PxkAAADA9Sj4PyEREgApEQkAMREbqDD-x5MHONQ7QNQ7SAJQ3I3GzAFYmZxuYABolL5jeKzKBYABAYoBA1VTRJIFBvBMmAGsAqAB2ASoAQGwAQC4AQHAAQPIAQLQAQDYAQDgAQDwAQCKAlN1ZignYScsIDY2MjAzMTQsIDApO3VmKCdpJywgODE5NTY3OSwgMCkFFCxnJywgMjA4MTYxMzUVKTByJywgNDI4OTY3NjQ0BRb0DgGSAp0EITMyS0FmQWlaMHRBYUVOeU54c3dCR0FBZ21aeHVNQUE0QUVBRVNOUTdVUDdIa3dkWUFHRF9fX19fRDJnQWNBRjRBWUFCQVlnQkFaQUJBWmdCQWFBQkFhZ0JBN0FCQUxrQnZ0Qk14UUFBLURfQkFiN1FUTVVBQVBnX3lRRmdTOWhRQkIzeFA5a0JBQUFBQUFBQThEX2dBZC1jOUFQMUFRQUFBQUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdISUFnSFFBZ0hZQWdIZ0FnRG9BZ0Q0QWdDQUF3R1lBd0c2QXdsT1dVMHlPalUwTnpUZ0E1c19nQVFBaUFRQWtBUUFtQVFCd1FRQUFBAX4UQUFBTWtFAQcJARREWUJBRHgVnShBQUFpQVhpS3FrRgEMAQEUOEQteEJRAQoJAQh3UVUJCQEBAE0ZKAxBQURSLigAADIuKAC4T0FGOEpNSjhBV0h3dllKLUFXYWlaUURnZ1lEVlZORWlBWUFrQVlCbUFZQW9RWUEBWzhBQUQ0UDZnR0FiSUdKQWsJEwEBAEIdvwRCawESCQEAQx0YyExnR0hQZ0h4TlFJLUFmeDRRajRCNWpqQ1BnSDN1OEktQWVQOXdnLpoCmQEheVJENER3aTYhAihKbWNiaUFFS0FBeAleXEFBLUQ4NkNVNVpUVEk2TlRRM05FQ2JQMBGBEER3UDFFESsIQUFGERgMQUFBRx0YAEcdGABIHRgQSGdBaVEdEPBYQS4u2ALuY-ACkZw86gI8aHR0cHM6Ly9zMy51cy1lYXN0LTAwNS5iYWNrYmxhemViMi5jb20vNHRjMWgwNWZtei9pbmRleC5odG1s8gIRCgZBRFZfSUQSBzZpXhzyAhIKBkNQRwEUAAhxShjyAhEKBUNQBRQwNTU4NDcxOTPyAg0KCAE9GEZSRVESATAFEBxSRU1fVVNFUgUQAAwJIChDT0RFEgDyAhUKCAFYBQ9ACTI3NDQzODItMfICCwoHQ1AJFxwA8gIQCgVJTwFpCAc4MWXbAXwIB0lPCSFoBjU2MTcwMvICEwoPQ1VTVE9NX01PREVMX0lEAT0IGgoWMhYAHExFQUZfTkFNBYAIHgoaNh0ACEFTVAE-DElGSUUFPhwNCghTUExJVAFN8KoBMIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBA01LjE4MS4yMzQuMTMyqAQAsgQQCAAQARj4CiCgBigAMAA4ArgEAMAEAMgEANIEDjc2MzYjTllNMjo1NDc02gQCCAHgBAHwBNyNxswBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAClhmTYBQHgBQHqBQwKB2Ftem5iaWQSATLqBQoKBQEPYHASATLwBQH6BQQIABAAkAYAmAYAuAYAwQYFPCwA8D_QBocn2gYWChAJERkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHrMoF0gcNzSUAAAUmCNoHBgFddBgA4AcA6gcCCADwB4_gqwqKCAIQAJUIAACAP5gIAQ..&s=d7f4468fe499ca26b5e292a4208a8ff5639d18d1&bdref=https%3A%2F%2Fs3.us-east-005.backblazeb2.com%2F4tc1h05fmz%2Findex.html&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fs3.us-east-005.backblazeb2.com%2F4tc1h05fmz%2Findex.html,https%3A%2F%2Fs3.us-east-005.backblazeb2.com%2F4tc1h05fmz%2Findex.html& Requested by Host: scripts.webcontentassessor.com URL: https://scripts.webcontentassessor.com/scripts/e5d00e87ba3bf67af60bbc75377626fb1f0b0a10c2e83ca40b7a245ca2cd8367 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s3.us-east-005.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Pragma no-cache Date Sun, 02 Apr 2023 14:20:54 GMT AN-X-Request-Uuid 8615cdbb-edb7-4037-b9a4-f5853dc5663c Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 5.181.234.132; 5.181.234.132; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	css fonts.googleapis.com/ Frame 212B	3 KB 1 KB	53ms 20ms	Stylesheet text/css	2607:f8b0:4006:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300 Requested by Host: products.gobankingrates.com URL: https://products.gobankingrates.com/pub/962af711-38ff-11ed-9a44-0a919b37cd73?ct_url=${CLICKURL} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::200a Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 51870d7e59ff8990628625452ce7a87b1ad6307ba9f087feebcd60b81c0708e9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 02 Apr 2023 14:20:54 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 02 Apr 2023 12:42:06 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 02 Apr 2023 14:20:54 GMT
POST H/1.1	200 OK	vevent nym1-ib.adnxs.com/ Frame 9943	0 968 B	12ms 10ms	Ping text/html	68.67.160.132 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fs3.us-east-005.backblazeb2.com%2F4tc1h05fmz%2Findex.html&e=wqT_3QK8Cnw8BQAAAwDWAAUBCMaepqEGELPT3evp6IOYQBgAKjYJAAUBCPg_EQUIMAD4PxkAAADA9Sj4PyEREgApEQkAMREbqDD-x5MHONQ7QNQ7SAJQ3I3GzAFYmZxuYABolL5jeKzKBYABAYoBA1VTRJIFBvBMmAGsAqAB2ASoAQGwAQC4AQHAAQPIAQLQAQDYAQDgAQDwAQCKAlN1ZignYScsIDY2MjAzMTQsIDApO3VmKCdpJywgODE5NTY3OSwgMCkFFCxnJywgMjA4MTYxMzUVKTByJywgNDI4OTY3NjQ0BRb0DgGSAp0EITMyS0FmQWlaMHRBYUVOeU54c3dCR0FBZ21aeHVNQUE0QUVBRVNOUTdVUDdIa3dkWUFHRF9fX19fRDJnQWNBRjRBWUFCQVlnQkFaQUJBWmdCQWFBQkFhZ0JBN0FCQUxrQnZ0Qk14UUFBLURfQkFiN1FUTVVBQVBnX3lRRmdTOWhRQkIzeFA5a0JBQUFBQUFBQThEX2dBZC1jOUFQMUFRQUFBQUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdISUFnSFFBZ0hZQWdIZ0FnRG9BZ0Q0QWdDQUF3R1lBd0c2QXdsT1dVMHlPalUwTnpUZ0E1c19nQVFBaUFRQWtBUUFtQVFCd1FRQUFBAX4UQUFBTWtFAQcJARREWUJBRHgVnShBQUFpQVhpS3FrRgEMAQEUOEQteEJRAQoJAQh3UVUJCQEBAE0ZKAxBQURSLigAADIuKAC4T0FGOEpNSjhBV0h3dllKLUFXYWlaUURnZ1lEVlZORWlBWUFrQVlCbUFZQW9RWUEBWzhBQUQ0UDZnR0FiSUdKQWsJEwEBAEIdvwRCawESCQEAQx0YyExnR0hQZ0h4TlFJLUFmeDRRajRCNWpqQ1BnSDN1OEktQWVQOXdnLpoCmQEheVJENER3aTYhAihKbWNiaUFFS0FBeAleXEFBLUQ4NkNVNVpUVEk2TlRRM05FQ2JQMBGBEER3UDFFESsIQUFGERgMQUFBRx0YAEcdGABIHRgQSGdBaVEdEPDlQS4u2ALuY-ACkZw86gI8aHR0cHM6Ly9zMy51cy1lYXN0LTAwNS5iYWNrYmxhemViMi5jb20vNHRjMWgwNWZtei9pbmRleC5odG1sgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDTUuMTgxLjIzNC4xMzKoBACyBBAIABABGPgKIKAGKAAwADgCuAQAwAQAyAQA0gQONzYzNiNOWU0yOjU0NzTaBAIIAeAEAfAE3I3GzAGIBQGYBQCgBf___________wHABQDJBQCFWxDwP9IFCY2KcAAA2AUB4AUB8AUB-gUECAAQAJAGAJgGALgGAMEGBS4sAPA_0AaHJ9oGFgoQCREZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB6zKBdIHDRViASYI2gcGAV10GADgBwDqBwIIAPAHj-CrCooIAhAAlQgAAIA_mAgB&s=d44d955dcc70d1f438f00e7843e1213c4272f85b&type=nv&nvt=5&jm=1003&px=593&py=79&bw=300&bh=600&sid=1660761711954030941&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=15000574&sw=1600&sh=1200&pw=1600&ph=1200&ww=1600&wh=1200&ft=2 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/231/trk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s3.us-east-005.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Pragma no-cache Date Sun, 02 Apr 2023 14:20:54 GMT AN-X-Request-Uuid 0e93f57b-f242-47d4-94cf-14e40c811f4c Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://s3.us-east-005.backblazeb2.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 5.181.234.132; 5.181.234.132; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	uncached Show response products.gobankingrates.com/data/ Frame 212B	30 KB 8 KB	39ms 38ms	XHR application/json	13.225.214.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://products.gobankingrates.com/data/uncached?banking=[%22pub_placement:962af711-38ff-11ed-9a44-0a919b37cd73%22,%22pub_placement:962af711-38ff-11ed-9a44-0a919b37cd73:split_test%22]&geo=1 Requested by Host: products.gobankingrates.com URL: https://products.gobankingrates.com/versions/3.25.0/static-js/vendors~main.js?bf1bff89717eda4e2a26 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-65.ewr50.r.cloudfront.net Software awselb/2.0 / Resource Hash ee50b28c833278e082c0f46fda3a1c492f350749afda4afec4f9230d206cf103 Request headers Accept application/json, text/plain, */* Referer https://products.gobankingrates.com/pub/962af711-38ff-11ed-9a44-0a919b37cd73/?ct_url=${CLICKURL} accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sun, 02 Apr 2023 14:20:54 GMT content-encoding gzip via 1.1 5163ef6f21ebac65d5a58243b15e5dbe.cloudfront.net (CloudFront) server awselb/2.0 x-amz-cf-pop EWR50-C1 vary Accept-Encoding x-cache Miss from cloudfront access-control-allow-methods GET access-control-allow-origin * content-type application/json x-amz-cf-id XvQajPVIoAokxEDd9_fC2sUVFZYCjhSg5SA6nIA2A8Y5yFH71TmlXA==
GET H2	200	counts Show response products.gobankingrates.com/counts/ Frame 212B	162 B 494 B	8ms 7ms	XHR application/json	13.225.214.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://products.gobankingrates.com/counts/counts?keys=[%22pub_placement:962af711-38ff-11ed-9a44-0a919b37cd73%22] Requested by Host: products.gobankingrates.com URL: https://products.gobankingrates.com/versions/3.25.0/static-js/vendors~main.js?bf1bff89717eda4e2a26 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-65.ewr50.r.cloudfront.net Software awselb/2.0 / Resource Hash a34257b49aa4e74ccc1b02c308319a272aaa9bb0567ce7edc946bef43141d3ec Request headers Accept application/json, text/plain, */* Referer https://products.gobankingrates.com/pub/962af711-38ff-11ed-9a44-0a919b37cd73/?ct_url=${CLICKURL} accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sun, 02 Apr 2023 14:20:39 GMT via 1.1 5163ef6f21ebac65d5a58243b15e5dbe.cloudfront.net (CloudFront) server awselb/2.0 x-amz-cf-pop EWR50-C1 age 15 x-cache Hit from cloudfront access-control-allow-methods OPTIONS,GET,POST access-control-allow-origin * content-type application/json access-control-allow-headers * content-length 162 x-amz-cf-id 8NHhbubgKvVSdLSi1x4lTfuuHbM3fwgTbu4M7SNm03FYDaIvqee5dg==
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/ Frame 212B	107 KB 28 KB	36ms 4ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: s3.us-east-005.backblazeb2.com URL: https://s3.us-east-005.backblazeb2.com/4tc1h05fmz/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 02 Apr 2023 14:20:54 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27909 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug rFo7BmFamOJ9dCDy6cZfQk0+MfnWEhi+sU4loOXD1E5YlZG0tzaQ0LFO9BYMNdz/HVZzkk3DFSBMm43yPLWOSg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 1512268381 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 212B	222 KB 77 KB	21ms 20ms	Script application/javascript	2607:f8b0:4006:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-9NT3490RYG&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDRQDVW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2008 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash de93a5dfe819f295155a98e8f3c3c4f224d7d0a275a28df5eaf52dfbc3aa5d80 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sun, 02 Apr 2023 14:20:54 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 79165 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 02 Apr 2023 14:20:54 GMT
GET H2	200	1000.gif idsync.rlcdn.com/ Frame 212B Redirect Chain https://idsync.rlcdn.com/711482.gif?partner_uid=Kk8LBmqpk3hDuDcouNszIt-kwYMKnAGEbMj0D8n9fQ6yr3X_cozffg&gtmcb=449127469 https://idsync.rlcdn.com/1000.gif?memo=CLq2KxJCCj4IARCDkAoaNktrOExCbXFwazNoRHVEY291TnN6SXQta3dZTUtuQUdFYk1qMEQ4bjlmUTZ5cjNYX2NvemZmZxAAGg0Ixp6moQYSBQjoBxAAQgBKAA	42 B 311 B	32ms 31ms	Image image/gif	35.190.60.146 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/1000.gif?memo=CLq2KxJCCj4IARCDkAoaNktrOExCbXFwazNoRHVEY291TnN6SXQta3dZTUtuQUdFYk1qMEQ4bjlmUTZ5cjNYX2NvemZmZxAAGg0Ixp6moQYSBQjoBxAAQgBKAA Protocol H2 Server 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 146.60.190.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sun, 02 Apr 2023 14:20:54 GMT via 1.1 google content-type image/gif p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 Redirect headers date Sun, 02 Apr 2023 14:20:54 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://idsync.rlcdn.com/1000.gif?memo=CLq2KxJCCj4IARCDkAoaNktrOExCbXFwazNoRHVEY291TnN6SXQta3dZTUtuQUdFYk1qMEQ4bjlmUTZ5cjNYX2NvemZmZxAAGg0Ixp6moQYSBQjoBxAAQgBKAA cache-control no-cache, no-store timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	data Show response products.gobankingrates.com/ Frame 212B	177 KB 15 KB	57ms 57ms	XHR application/json	13.225.214.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://products.gobankingrates.com/data?rates=[%227b6e5f29cea02087df3db7b209f9d039%22,%22af4b89db9b4f83910d864460bf41ec96%22,%2284522e08320d237b6dac65ac6144398a%22,%2232974967e50f2d8a3e90e83b56266a0f%22] Requested by Host: products.gobankingrates.com URL: https://products.gobankingrates.com/versions/3.25.0/static-js/vendors~main.js?bf1bff89717eda4e2a26 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-65.ewr50.r.cloudfront.net Software awselb/2.0 / Resource Hash 42c304dc55c03b6244d863ceca7c24bd59deb19a8f25fca852d773b222fb23ed Request headers Accept application/json, text/plain, */* Referer https://products.gobankingrates.com/pub/962af711-38ff-11ed-9a44-0a919b37cd73/?ct_url=${CLICKURL} accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sun, 02 Apr 2023 14:20:54 GMT content-encoding gzip via 1.1 5163ef6f21ebac65d5a58243b15e5dbe.cloudfront.net (CloudFront) server awselb/2.0 x-amz-cf-pop EWR50-C1 vary Accept-Encoding x-cache Miss from cloudfront access-control-allow-methods GET access-control-allow-origin * content-type application/json x-amz-cf-id u4fxGF0HMYpR7bPIN409p5C4SHbC8B272le9Top5M2HuYQgkhtRf9w==
GET H2	200	452026948463589 Show response connect.facebook.net/signals/config/ Frame 212B	377 KB 108 KB	5ms 4ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/452026948463589?v=2.9.100&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 75b4064afb0f7a2d313a3e5c6b0cd90d3303e319ac7c5e5e9300a9218dea6345 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 02 Apr 2023 14:20:54 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 110302 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug Cq8Zh8RFt7pbiVnD5cTIAO4EOufLdiiHPNpvIKxrpg8y0Q3Gs47DLb0U9gttY4elfCgEwMipL+ISwcMA1Ie7Pg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 1512268381 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 212B	49 KB 20 KB	22ms 4ms	Script text/javascript	2607:f8b0:4006:81d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDRQDVW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::200e Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 02 Apr 2023 14:05:12 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 942 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Sun, 02 Apr 2023 16:05:12 GMT
GET H2	200	templates-13.css products.gobankingrates.com/versions/3.25.0/static-css/ Frame 212B	257 KB 56 KB	6ms 5ms	Stylesheet text/css	13.225.214.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://products.gobankingrates.com/versions/3.25.0/static-css/templates-13.css Requested by Host: products.gobankingrates.com URL: https://products.gobankingrates.com/versions/3.25.0/static-js/runtime~main.js?bf1bff89717eda4e2a26 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-65.ewr50.r.cloudfront.net Software AmazonS3 / Resource Hash 7eb23b3ac8b86c4e24730df227c275391769f68a0f13f2bf6b364fd067082c3e Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/pub/962af711-38ff-11ed-9a44-0a919b37cd73/?ct_url=${CLICKURL} User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 29 Mar 2023 21:17:55 GMT content-encoding gzip via 1.1 5163ef6f21ebac65d5a58243b15e5dbe.cloudfront.net (CloudFront) last-modified Wed, 29 Mar 2023 20:50:23 GMT server AmazonS3 x-amz-cf-pop EWR50-C1 age 320580 etag W/"f1607e335114c5aea26c3f5c21973043" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=31557600 x-amz-cf-id z_S_Cv77FpFIAqB4g-AOCmgPF-7OviL8cp0ffLrRoO8kX2WkLRXtTw==
GET H2	200	templates-13.js Show response products.gobankingrates.com/versions/3.25.0/static-js/ Frame 212B	89 KB 28 KB	8ms 7ms	Script application/javascript	13.225.214.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://products.gobankingrates.com/versions/3.25.0/static-js/templates-13.js Requested by Host: products.gobankingrates.com URL: https://products.gobankingrates.com/versions/3.25.0/static-js/runtime~main.js?bf1bff89717eda4e2a26 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-65.ewr50.r.cloudfront.net Software AmazonS3 / Resource Hash 3db17fd5568bb56939488cf50f68e47b10bd58eee15d74a0d5c577c307dcd3fe Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/pub/962af711-38ff-11ed-9a44-0a919b37cd73/?ct_url=${CLICKURL} User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 29 Mar 2023 21:17:55 GMT content-encoding gzip via 1.1 5163ef6f21ebac65d5a58243b15e5dbe.cloudfront.net (CloudFront) last-modified Wed, 29 Mar 2023 20:50:25 GMT server AmazonS3 x-amz-cf-pop EWR50-C1 age 320580 etag W/"0440607661b7e1e3492d14455cd12885" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31557600 x-amz-cf-id PM3xq_WERCUqo4T18fidwU0HBimtSiHfwEc7khNNv91YBSG5khsh6w==
POST H2	200	/ Show response products.gobankingrates.com/t/ Frame 212B	43 B 340 B	45ms 44ms	XHR image/gif	13.225.214.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://products.gobankingrates.com/t/ Requested by Host: products.gobankingrates.com URL: https://products.gobankingrates.com/versions/3.25.0/static-js/vendors~main.js?bf1bff89717eda4e2a26 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-65.ewr50.r.cloudfront.net Software awselb/2.0 / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers Accept application/json, text/plain, */* Referer https://products.gobankingrates.com/pub/962af711-38ff-11ed-9a44-0a919b37cd73/cau-borderless?ct_url=${CLICKURL} accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers date Sun, 02 Apr 2023 14:20:54 GMT via 1.1 5163ef6f21ebac65d5a58243b15e5dbe.cloudfront.net (CloudFront) server awselb/2.0 x-amz-cf-pop EWR50-C1 x-cache Miss from cloudfront access-control-allow-methods OPTIONS,GET,POST access-control-allow-origin * content-type image/gif content-length 43 x-amz-cf-id ec9--_2tcy2X-1ZdLTgkzWktWNKE538ZCDWpfFn5Uzoq6o9ljy9GgQ==
GET H2	200	css fonts.googleapis.com/ Frame 212B	9 KB 830 B	29ms 26ms	Stylesheet text/css	2607:f8b0:4006:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700&display=swap Requested by Host: products.gobankingrates.com URL: https://products.gobankingrates.com/versions/3.25.0/static-css/templates-13.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::200a Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f199d822525333355cd29d0349e61d8335f48cef768375a59a70b59c78cf4ed8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 02 Apr 2023 14:20:54 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 02 Apr 2023 12:47:23 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 02 Apr 2023 14:20:54 GMT
GET H2	200	/ www.facebook.com/tr/ Frame 212B	0 185 B	17ms 5ms	Image text/plain	2a03:2880:f112:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=452026948463589&ev=PageView&dl=https%3A%2F%2Fproducts.gobankingrates.com%2Fpub%2F962af711-38ff-11ed-9a44-0a919b37cd73%2Fcau-borderless%3Fct_url%3D%24%7BCLICKURL%7D&rl=https%3A%2F%2Fs3.us-east-005.backblazeb2.com%2F&if=true&ts=1680445254705&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&it=1680445254613&coo=false&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sun, 02 Apr 2023 14:20:54 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	capital_one_logofilepath.png cdn.rates.consumertrack.com/ Frame 212B	10 KB 11 KB	40ms 6ms	Image binary/octet-stream	54.230.163.73 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.rates.consumertrack.com/capital_one_logofilepath.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.163.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-163-73.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash c1000fc7f65e6af341527671bff63d6e220b01d6cee0d89b7377684eac12fdb5 Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 01 Apr 2023 14:50:04 GMT via 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront) last-modified Thu, 05 Jul 2018 23:12:30 GMT server AmazonS3 x-amz-cf-pop EWR53-C3 age 84651 etag "17194079dff99058829c24f7c54c3164" x-cache Hit from cloudfront content-type binary/octet-stream accept-ranges bytes content-length 10560 x-amz-cf-id Hqq-mBJPnlljvJNNq_r0zI0RDnhwc9QA3cUUHXqvHYogW6vSThPoJg==
GET H2	200	rate311860_logofilepath.jpg cdn.rates.consumertrack.com/ Frame 212B	15 KB 15 KB	41ms 7ms	Image binary/octet-stream	54.230.163.73 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.rates.consumertrack.com/rate311860_logofilepath.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.163.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-163-73.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash a0fabf1d5c3f65f401cc847f09820a4f6bb8aeba721890cd47b0af8e21ff81d3 Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 01 Apr 2023 19:30:27 GMT via 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront) last-modified Mon, 20 Mar 2023 19:30:07 GMT server AmazonS3 x-amz-cf-pop EWR53-C3 age 67828 x-amz-server-side-encryption AES256 etag "2c247cc50d147e1dd1f2b077b30032c1" x-cache Hit from cloudfront content-type binary/octet-stream accept-ranges bytes content-length 15345 x-amz-cf-id SKTHJ2XP91U51JoIqtrrCOdknKS0k9pIo6Zpye-_lmjMbsa6weu59A==
GET H2	200	citibank_national_association_logofilepath.jpg cdn.rates.consumertrack.com/ Frame 212B	15 KB 15 KB	43ms 10ms	Image binary/octet-stream	54.230.163.73 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.rates.consumertrack.com/citibank_national_association_logofilepath.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.163.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-163-73.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash a0fabf1d5c3f65f401cc847f09820a4f6bb8aeba721890cd47b0af8e21ff81d3 Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 01 Apr 2023 17:05:45 GMT via 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront) last-modified Wed, 01 Mar 2023 17:05:25 GMT server AmazonS3 x-amz-cf-pop EWR53-C3 age 76510 etag "2c247cc50d147e1dd1f2b077b30032c1" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type binary/octet-stream accept-ranges bytes content-length 15345 x-amz-cf-id woHaSLb3NbeR9RdTjT7mswn32do25eVf8sIdM-3L_SoQub6lIY-QEw==
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v21/ Frame 212B	13 KB 13 KB	23ms 6ms	Font font/woff2	2607:f8b0:4006:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://products.gobankingrates.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 28 Mar 2023 10:34:02 GMT x-content-type-options nosniff age 445612 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12924 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:02:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 27 Mar 2024 10:34:02 GMT
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v21/ Frame 212B	13 KB 13 KB	27ms 10ms	Font font/woff2	2607:f8b0:4006:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://products.gobankingrates.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 28 Mar 2023 10:34:02 GMT x-content-type-options nosniff age 445612 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13052 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:09:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 27 Mar 2024 10:34:02 GMT
GET H2	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v21/ Frame 212B	13 KB 13 KB	23ms 7ms	Font font/woff2	2607:f8b0:4006:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://products.gobankingrates.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 28 Mar 2023 10:36:56 GMT x-content-type-options nosniff age 445438 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13036 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:04:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 27 Mar 2024 10:36:56 GMT
GET H2	200	B27472238.346521115;dc_pre=CNqB67Oyi_4CFeIPcQodjEELTg;dc_trk_aid=524473760;dc_trk_cid=168772435;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen... ad.doubleclick.net/ddm/trackimp/N3282.520089GOBANKINGRATES.COM/ Frame 212B Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N3282.520089GOBANKINGRATES.COM/B27472238.346521115;dc_trk_aid=524473760;dc_trk_cid=168772435;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatmen... https://ad.doubleclick.net/ddm/trackimp/N3282.520089GOBANKINGRATES.COM/B27472238.346521115;dc_pre=CNqB67Oyi_4CFeIPcQodjEELTg;dc_trk_aid=524473760;dc_trk_cid=168772435;ord=[timestamp];dc_lat=;dc_rdi...	42 B 220 B	31ms 29ms	Image image/gif	142.251.41.6 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/trackimp/N3282.520089GOBANKINGRATES.COM/B27472238.346521115;dc_pre=CNqB67Oyi_4CFeIPcQodjEELTg;dc_trk_aid=524473760;dc_trk_cid=168772435;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=? Protocol H2 Server 142.251.41.6 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s40-in-f6.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Sun, 02 Apr 2023 14:20:54 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 02 Apr 2023 14:20:54 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ad.doubleclick.net/ddm/trackimp/N3282.520089GOBANKINGRATES.COM/B27472238.346521115;dc_pre=CNqB67Oyi_4CFeIPcQodjEELTg;dc_trk_aid=524473760;dc_trk_cid=168772435;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=? content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	B29073807.354008672;dc_pre=CIqJ67Oyi_4CFYOFswodWa8Ieg;dc_trk_aid=545611331;dc_trk_cid=183527792;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd= ad.doubleclick.net/ddm/trackimp/N458401.1970501CONSUMERTRACK/ Frame 212B Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N458401.1970501CONSUMERTRACK/B29073807.354008672;dc_trk_aid=545611331;dc_trk_cid=183527792;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=... https://ad.doubleclick.net/ddm/trackimp/N458401.1970501CONSUMERTRACK/B29073807.354008672;dc_pre=CIqJ67Oyi_4CFYOFswodWa8Ieg;dc_trk_aid=545611331;dc_trk_cid=183527792;ord=[timestamp];dc_lat=;dc_rdid=...	42 B 209 B	35ms 34ms	Image image/gif	142.251.41.6 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/trackimp/N458401.1970501CONSUMERTRACK/B29073807.354008672;dc_pre=CIqJ67Oyi_4CFYOFswodWa8Ieg;dc_trk_aid=545611331;dc_trk_cid=183527792;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=? Protocol H2 Server 142.251.41.6 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s40-in-f6.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Sun, 02 Apr 2023 14:20:54 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 02 Apr 2023 14:20:54 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ad.doubleclick.net/ddm/trackimp/N458401.1970501CONSUMERTRACK/B29073807.354008672;dc_pre=CIqJ67Oyi_4CFYOFswodWa8Ieg;dc_trk_aid=545611331;dc_trk_cid=183527792;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=? content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	B29073807.354351732;dc_pre=COWH67Oyi_4CFYKSnwodbiYJ4w;dc_trk_aid=545611625;dc_trk_cid=183327766;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd= ad.doubleclick.net/ddm/trackimp/N458401.1970501CONSUMERTRACK/ Frame 212B Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N458401.1970501CONSUMERTRACK/B29073807.354351732;dc_trk_aid=545611625;dc_trk_cid=183327766;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=... https://ad.doubleclick.net/ddm/trackimp/N458401.1970501CONSUMERTRACK/B29073807.354351732;dc_pre=COWH67Oyi_4CFYKSnwodbiYJ4w;dc_trk_aid=545611625;dc_trk_cid=183327766;ord=[timestamp];dc_lat=;dc_rdid=...	42 B 209 B	36ms 35ms	Image image/gif	142.251.41.6 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/trackimp/N458401.1970501CONSUMERTRACK/B29073807.354351732;dc_pre=COWH67Oyi_4CFYKSnwodbiYJ4w;dc_trk_aid=545611625;dc_trk_cid=183327766;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=? Protocol H2 Server 142.251.41.6 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s40-in-f6.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Sun, 02 Apr 2023 14:20:54 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 02 Apr 2023 14:20:54 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ad.doubleclick.net/ddm/trackimp/N458401.1970501CONSUMERTRACK/B29073807.354351732;dc_pre=COWH67Oyi_4CFYKSnwodbiYJ4w;dc_trk_aid=545611625;dc_trk_cid=183327766;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=? content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	B29073807.354008540;dc_pre=CM6J67Oyi_4CFUj1swodN9MKSw;dc_trk_aid=545731492;dc_trk_cid=183528035;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd= ad.doubleclick.net/ddm/trackimp/N458401.1970501CONSUMERTRACK/ Frame 212B Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N458401.1970501CONSUMERTRACK/B29073807.354008540;dc_trk_aid=545731492;dc_trk_cid=183528035;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=... https://ad.doubleclick.net/ddm/trackimp/N458401.1970501CONSUMERTRACK/B29073807.354008540;dc_pre=CM6J67Oyi_4CFUj1swodN9MKSw;dc_trk_aid=545731492;dc_trk_cid=183528035;ord=[timestamp];dc_lat=;dc_rdid=...	42 B 209 B	34ms 33ms	Image image/gif	142.251.41.6 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/trackimp/N458401.1970501CONSUMERTRACK/B29073807.354008540;dc_pre=CM6J67Oyi_4CFUj1swodN9MKSw;dc_trk_aid=545731492;dc_trk_cid=183528035;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=? Protocol H2 Server 142.251.41.6 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s40-in-f6.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Sun, 02 Apr 2023 14:20:54 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 02 Apr 2023 14:20:54 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ad.doubleclick.net/ddm/trackimp/N458401.1970501CONSUMERTRACK/B29073807.354008540;dc_pre=CM6J67Oyi_4CFUj1swodN9MKSw;dc_trk_aid=545731492;dc_trk_cid=183528035;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=? content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	vevent nym1-ib.adnxs.com/ Frame 9943	0 968 B	30ms 29ms	Ping text/html	68.67.160.132 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fs3.us-east-005.backblazeb2.com%2F4tc1h05fmz%2Findex.html&e=wqT_3QK8Cnw8BQAAAwDWAAUBCMaepqEGELPT3evp6IOYQBgAKjYJAAUBCPg_EQUIMAD4PxkAAADA9Sj4PyEREgApEQkAMREbqDD-x5MHONQ7QNQ7SAJQ3I3GzAFYmZxuYABolL5jeKzKBYABAYoBA1VTRJIFBvBMmAGsAqAB2ASoAQGwAQC4AQHAAQPIAQLQAQDYAQDgAQDwAQCKAlN1ZignYScsIDY2MjAzMTQsIDApO3VmKCdpJywgODE5NTY3OSwgMCkFFCxnJywgMjA4MTYxMzUVKTByJywgNDI4OTY3NjQ0BRb0DgGSAp0EITMyS0FmQWlaMHRBYUVOeU54c3dCR0FBZ21aeHVNQUE0QUVBRVNOUTdVUDdIa3dkWUFHRF9fX19fRDJnQWNBRjRBWUFCQVlnQkFaQUJBWmdCQWFBQkFhZ0JBN0FCQUxrQnZ0Qk14UUFBLURfQkFiN1FUTVVBQVBnX3lRRmdTOWhRQkIzeFA5a0JBQUFBQUFBQThEX2dBZC1jOUFQMUFRQUFBQUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdISUFnSFFBZ0hZQWdIZ0FnRG9BZ0Q0QWdDQUF3R1lBd0c2QXdsT1dVMHlPalUwTnpUZ0E1c19nQVFBaUFRQWtBUUFtQVFCd1FRQUFBAX4UQUFBTWtFAQcJARREWUJBRHgVnShBQUFpQVhpS3FrRgEMAQEUOEQteEJRAQoJAQh3UVUJCQEBAE0ZKAxBQURSLigAADIuKAC4T0FGOEpNSjhBV0h3dllKLUFXYWlaUURnZ1lEVlZORWlBWUFrQVlCbUFZQW9RWUEBWzhBQUQ0UDZnR0FiSUdKQWsJEwEBAEIdvwRCawESCQEAQx0YyExnR0hQZ0h4TlFJLUFmeDRRajRCNWpqQ1BnSDN1OEktQWVQOXdnLpoCmQEheVJENER3aTYhAihKbWNiaUFFS0FBeAleXEFBLUQ4NkNVNVpUVEk2TlRRM05FQ2JQMBGBEER3UDFFESsIQUFGERgMQUFBRx0YAEcdGABIHRgQSGdBaVEdEPDlQS4u2ALuY-ACkZw86gI8aHR0cHM6Ly9zMy51cy1lYXN0LTAwNS5iYWNrYmxhemViMi5jb20vNHRjMWgwNWZtei9pbmRleC5odG1sgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDTUuMTgxLjIzNC4xMzKoBACyBBAIABABGPgKIKAGKAAwADgCuAQAwAQAyAQA0gQONzYzNiNOWU0yOjU0NzTaBAIIAeAEAfAE3I3GzAGIBQGYBQCgBf___________wHABQDJBQCFWxDwP9IFCY2KcAAA2AUB4AUB8AUB-gUECAAQAJAGAJgGALgGAMEGBS4sAPA_0AaHJ9oGFgoQCREZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB6zKBdIHDRViASYI2gcGAV10GADgBwDqBwIIAPAHj-CrCooIAhAAlQgAAIA_mAgB&s=d44d955dcc70d1f438f00e7843e1213c4272f85b&type=pv&jm=1003|1030&px=593&py=79&bw=300&bh=600&sf=1&sid=1660761711954030941&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=15000574&ft=2 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/231/trk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s3.us-east-005.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Pragma no-cache Date Sun, 02 Apr 2023 14:20:55 GMT AN-X-Request-Uuid c0ffff7c-b697-46c1-a696-afc87693ed86 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://s3.us-east-005.backblazeb2.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 5.181.234.132; 5.181.234.132; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ www.facebook.com/tr/ Frame 212B	0 54 B	4ms 4ms	Image text/plain	2a03:2880:f112:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=452026948463589&ev=Microdata&dl=https%3A%2F%2Fproducts.gobankingrates.com%2Fpub%2F962af711-38ff-11ed-9a44-0a919b37cd73%2Fcau-borderless%3Fct_url%3D%24%7BCLICKURL%7D&rl=https%3A%2F%2Fs3.us-east-005.backblazeb2.com%2F&if=true&ts=1680445256209&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Personal%20Finance%20Site%20To%20Help%20You%20Find%20More%20Ways%20To%20Save%20Money%20And%20Make%20Money%20%7C%20GOBankingRates%22%2C%22meta%3Adescription%22%3A%22Get%20expert%20advice%20and%20personal%20finance%20news.%20Browse%20the%20best%20interest%20rates%20from%20over%205%2C000%20local%2C%20national%2C%20and%20online%20banks%20and%20credit%20union%20from%20GOBankingrates.com%22%2C%22meta%3Akeywords%22%3A%22personal%20finance%2Cpersonal%20finance%20news%2Cpersonal%20finance%20today%5C%5C%27s%20news%2Centertainment%20finance%2Centertainment%20finance%20movies%2Cpersonal%20finance%20investment%20strategies%2Cpersonal%20finance%20investment%20strategies%20tips%2Cpersonal%20loans%20for%20bad%20credit%2Cpersonal%20loan%20with%20bad%20credit%2Cpersonal%20loan%20bad%20credit%2Cpersonal%20loans%20with%20bad%20credit%2Cpersonal%20finance%20loans%2Cpersonal%20loans%2C401k%20rollover%20rules%2Cwhat%20is%20a%20401k%20rollover%2Cpersonal%20finance%20retirement%20accounts%2Cpersonal%20finance%20retirement%20accounts%20401k%20tips%2Cdo%20i%20need%20a%20fi%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.100&r=stable&ec=1&o=30&it=1680445254613&coo=false&es=automatic&tm=3&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://products.gobankingrates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sun, 02 Apr 2023 14:20:56 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/	89 KB 29 KB	324ms 159ms	Script text/javascript	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: static.cimcontent.net URL: https://static.cimcontent.net/common-web-assets/ad-assets/prebid/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://s3.us-east-005.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sun, 02 Apr 2023 14:20:57 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Fri, 24 Feb 2023 07:57:32 GMT server nginx etag W/"63f86dec-16386" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Mon, 03 Apr 2023 14:20:57 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Redirect Chain https://us-u.openx.net/w/1.0/pd?plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195&gdpr=0 https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAYsaQ62NPfgr1RV-yRKro4&google_cver=1	43 B 114 B	24ms 24ms	Image image/gif	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAYsaQ62NPfgr1RV-yRKro4&google_cver=1 Protocol H2 Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-US,en;q=0.9 Referer https://s3.us-east-005.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Sun, 02 Apr 2023 14:20:57 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Sun, 02 Apr 2023 14:20:57 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAYsaQ62NPfgr1RV-yRKro4&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	syncframe Show response gum.criteo.com/ Frame EBB5	15 KB 6 KB	34ms 11ms	Document text/html	2620:100:a001::c AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=s3.us-east-005.backblazeb2.com Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://s3.us-east-005.backblazeb2.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 02 Apr 2023 14:20:57 GMT server Kestrel server-processing-duration-in-ticks 905499 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/	89 KB 29 KB	328ms 162ms	XHR text/javascript	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: dekalbcountygagov.com URL: https://dekalbcountygagov.com/email-list/xfinitydcnjdf/static/js/comcast-common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://s3.us-east-005.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sun, 02 Apr 2023 14:20:57 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Fri, 24 Feb 2023 07:57:32 GMT server nginx etag W/"63f86dec-16386" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Mon, 03 Apr 2023 14:20:57 GMT
GET H2	200	sid Show response mug.criteo.com/ Frame EBB5 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertag&domain=backblazeb2.com&sn=ChromeSyncframe&so=0&topUrl=s3.us-east-005.backblazeb2.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=tSfqhHxjZUxVR0ZIWVUrU1lkYXFXbkRLSFFDS0QydllyelZVN1haRDJtNFlGT3ZNUnJZc2lFRENiNnlVa29QNElKZm5LWVM1YmIyVUlYbkR4MnhGSjIvTU1TNTdIWkl4MWJVcENwRW45ajB5VHpMVGNyZGllUU5vYUxHcW...	438 B 655 B	60ms 11ms	Fetch application/json	74.119.119.139 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=tSfqhHxjZUxVR0ZIWVUrU1lkYXFXbkRLSFFDS0QydllyelZVN1haRDJtNFlGT3ZNUnJZc2lFRENiNnlVa29QNElKZm5LWVM1YmIyVUlYbkR4MnhGSjIvTU1TNTdIWkl4MWJVcENwRW45ajB5VHpMVGNyZGllUU5vYUxHcWwxbHBzU1FiT2xqRm12dzRqdWdyTkk5WEh0OU1QUGkvVzYxb2E5TnJ1RTZTN2NhU1VzYVVERk9SZ0NSTjYvcytkSkFoZ0IvNnJBL1NtZlhYckRXUFFraEp0UVVabHlUbmlUd3dEOVY0bnplSTZqVzV5bG5iL3c3RjdsbTlwZEtZb3pXMUZKdmNpVmhpZ2xQd0JReGxtUFg5dUtpRS9iMEZZby9nWEpsblYvaTJjTmw2STFkOD18&cppv=2 Protocol H2 Server 74.119.119.139 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 073c97ee80f48ac6999e9bb467ef1dee0f0e57004859fbf7edb9505e5d06c83c Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Sun, 02 Apr 2023 14:20:56 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2444285 expires 0 Redirect headers pragma no-cache date Sun, 02 Apr 2023 14:20:56 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=tSfqhHxjZUxVR0ZIWVUrU1lkYXFXbkRLSFFDS0QydllyelZVN1haRDJtNFlGT3ZNUnJZc2lFRENiNnlVa29QNElKZm5LWVM1YmIyVUlYbkR4MnhGSjIvTU1TNTdIWkl4MWJVcENwRW45ajB5VHpMVGNyZGllUU5vYUxHcWwxbHBzU1FiT2xqRm12dzRqdWdyTkk5WEh0OU1QUGkvVzYxb2E5TnJ1RTZTN2NhU1VzYVVERk9SZ0NSTjYvcytkSkFoZ0IvNnJBL1NtZlhYckRXUFFraEp0UVVabHlUbmlUd3dEOVY0bnplSTZqVzV5bG5iL3c3RjdsbTlwZEtZb3pXMUZKdmNpVmhpZ2xQd0JReGxtUFg5dUtpRS9iMEZZby9nWEpsblYvaTJjTmw2STFkOD18&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 765802 content-length 0 expires 0
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs-simple.com/dmp/ Frame D0C8	52 KB 17 KB	50ms 7ms	Document text/html	96.6.22.203 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs-simple.com/dmp/async_usersync.html Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/ast/ast.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 96.6.22.203 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-6-22-203.deploy.static.akamaitechnologies.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Referer https://s3.us-east-005.backblazeb2.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Access-Control-Allow-Origin * Cache-Control max-age=86402 Connection keep-alive Content-Encoding gzip Content-Length 17053 Content-Type text/html Date Sun, 02 Apr 2023 14:20:57 GMT ETag "623de86a-cf34" Expires Mon, 03 Apr 2023 14:20:59 GMT Last-Modified Fri, 25 Mar 2022 16:06:02 GMT Server nginx/1.18.0 (Ubuntu) Unused62 8096267 Vary Accept-Encoding
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame D0C8	0 859 B	5ms 5ms	Script text/html	68.67.179.89 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs-simple.com URL: https://acdn.adnxs-simple.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.179.89 North Bergen, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://acdn.adnxs-simple.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Pragma no-cache Date Sun, 02 Apr 2023 14:20:57 GMT AN-X-Request-Uuid 782b77c3-fa2e-438a-949e-67b7344a6700 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 5.181.234.132; 5.181.234.132; 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame D0C8	0 859 B	13ms 12ms	Script text/html	68.67.179.89 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs-simple.com URL: https://acdn.adnxs-simple.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.179.89 North Bergen, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://acdn.adnxs-simple.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Pragma no-cache Date Sun, 02 Apr 2023 14:20:58 GMT AN-X-Request-Uuid 6a57e68b-8bd9-444d-af3c-b7ec8fe934eb Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 5.181.234.132; 5.181.234.132; 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT