Submitted URL: https://go.fmagencyfinance.com/e/216522/gn-indep-organizing-for-change/ctfmwn/949991890?h=vQfqKMBBLdqMinm5GVM57aRWLbsPUVKwHF2fs...
Effective URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Submission: On October 13 via api from US — Scanned from DE

Summary

This website contacted 30 IPs in 6 countries across 27 domains to perform 102 HTTP transactions. The main IP is 67.227.165.77, located in United States and belongs to LIQUIDWEB, US. The main domain is www.firstmid.com. The Cisco Umbrella rank of the primary domain is 847766.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 10th 2022. Valid for: a year.
This is the only time www.firstmid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 3.92.120.28 14618 (AMAZON-AES)
24 67.227.165.77 32244 (LIQUIDWEB)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 107.162.165.132 55002 (DEFENSE-NET)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:470... 20940 (AKAMAI-ASN1)
2 199.232.136.157 54113 (FASTLY)
1 142.250.184.226 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 138.128.247.123 36007 (KAMATERA)
1 169.50.137.176 36351 (SOFTLAYER)
2 104.244.42.5 13414 (TWITTER)
2 104.244.42.131 13414 (TWITTER)
2 2001:4860:480... 15169 (GOOGLE)
10 54.85.195.79 14618 (AMAZON-AES)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 54.228.71.178 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
5 23.35.236.196 16625 (AKAMAI-AS)
2 147.185.239.105 36007 (KAMATERA)
15 13.225.78.118 16509 (AMAZON-02)
1 108.138.17.126 16509 (AMAZON-02)
102 30
Apex Domain
Subdomains
Transfer
25 freshchat.com
wchat.freshchat.com — Cisco Umbrella Rank: 9824
assetscdn-wchat.freshchat.com — Cisco Umbrella Rank: 17500
121720455943926.webpush.freshchat.com
646 KB
24 firstmid.com
www.firstmid.com — Cisco Umbrella Rank: 847766
275 KB
5 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 847
3 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
region1.google-analytics.com — Cisco Umbrella Rank: 2668
20 KB
3 iesnare.com
mpsnare.iesnare.com — Cisco Umbrella Rank: 5820
21 KB
3 acsbapp.com
acsbapp.com — Cisco Umbrella Rank: 4483
cdn.acsbapp.com — Cisco Umbrella Rank: 4888
web1.acsbapp.com Failed
165 KB
2 pardot.com
pi.pardot.com — Cisco Umbrella Rank: 3646
4 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
565 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
222 B
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 547
608 B
2 t.co
t.co — Cisco Umbrella Rank: 483
579 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
111 KB
2 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 624
30 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 798
21 KB
2 gstatic.com
fonts.gstatic.com
78 KB
2 secureinternetbank.com
web13.secureinternetbank.com — Cisco Umbrella Rank: 133955
8 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
158 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
ajax.googleapis.com — Cisco Umbrella Rank: 306
61 KB
2 fmagencyfinance.com
go.fmagencyfinance.com
2 KB
1 freshworksapi.com
rts-static-prod.freshworksapi.com — Cisco Umbrella Rank: 10861
25 KB
1 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 4597
i.simpli.fi Failed
4 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 742
3 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 131
15 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 677
8 KB
0 google.de Failed
www.google.de Failed
0 linkedin.com Failed
px.ads.linkedin.com Failed
102 27
Domain Requested by
24 www.firstmid.com www.firstmid.com
13 assetscdn-wchat.freshchat.com wchat.freshchat.com
assetscdn-wchat.freshchat.com
10 wchat.freshchat.com www.firstmid.com
wchat.freshchat.com
assetscdn-wchat.freshchat.com
5 ct.pinterest.com s.pinimg.com
www.firstmid.com
3 mpsnare.iesnare.com web13.secureinternetbank.com
mpsnare.iesnare.com
www.firstmid.com
2 121720455943926.webpush.freshchat.com wchat.freshchat.com
121720455943926.webpush.freshchat.com
2 pi.pardot.com www.firstmid.com
pi.pardot.com
2 cdn.acsbapp.com acsbapp.com
2 www.google.com www.firstmid.com
2 www.facebook.com www.firstmid.com
2 region1.google-analytics.com www.googletagmanager.com
2 analytics.twitter.com www.firstmid.com
2 t.co www.firstmid.com
2 connect.facebook.net www.firstmid.com
connect.facebook.net
2 static.ads-twitter.com www.googletagmanager.com
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 web13.secureinternetbank.com www.firstmid.com
web13.secureinternetbank.com
2 www.googletagmanager.com www.firstmid.com
www.googletagmanager.com
2 go.fmagencyfinance.com 1 redirects pi.pardot.com
1 rts-static-prod.freshworksapi.com assetscdn-wchat.freshchat.com
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 tag.simpli.fi www.googletagmanager.com
1 acsbapp.com www.firstmid.com
1 snap.licdn.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 ajax.googleapis.com www.firstmid.com
1 code.jquery.com www.firstmid.com
1 fonts.googleapis.com www.firstmid.com
0 web1.acsbapp.com Failed
0 i.simpli.fi Failed tag.simpli.fi
0 www.google.de Failed www.firstmid.com
0 px.ads.linkedin.com Failed www.firstmid.com
102 35
Subject Issuer Validity Valid
www.firstmid.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-10 -
2023-06-13
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
web13.secureinternetbank.com
DigiCert SHA2 Extended Validation Server CA
2022-02-02 -
2023-02-02
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-01 -
2023-08-08
a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-22 -
2023-08-22
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2022-03-01 -
2023-03-01
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-07-22 -
2022-10-20
3 months crt.sh
*.acsbapp.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2022-09-28 -
2023-10-05
a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2021-10-27 -
2022-11-27
a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-07 -
2023-03-06
a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-07 -
2023-03-06
a year crt.sh
*.freshchat.com
Amazon
2022-03-23 -
2023-04-21
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
mpsnare.iesnare.com
DigiCert SHA2 High Assurance Server CA
2022-04-29 -
2023-05-23
a year crt.sh
www.google.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.google.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
pi.pardot.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-13 -
2023-09-12
a year crt.sh
freshchat.com
Amazon
2022-06-28 -
2023-07-27
a year crt.sh
freshworksapi.com
Amazon
2022-01-03 -
2023-01-31
a year crt.sh
go.fmagencyfinance.com
R3
2022-09-19 -
2022-12-18
3 months crt.sh
*.wchat.webpush.myfreshworks.com
Amazon
2022-07-06 -
2023-08-04
a year crt.sh

This page contains 5 frames:

Primary Page: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Frame ID: CC6ABA0DD5416FC6240E90AEC31E5DD5
Requests: 77 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 64E77121A82ED301614923FF6C720E20
Requests: 1 HTTP requests in this frame

Frame: https://wchat.freshchat.com/widget/?token=bf642ae5-b741-41a2-b09a-8052984ad1f0&referrer=aHR0cHM6Ly93d3cuZmlyc3RtaWQuY29t
Frame ID: B969A2C6E2BCE1B5F017623A5FC51ADD
Requests: 21 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7B76895F1CAE67F5471B9A852100251D
Requests: 1 HTTP requests in this frame

Frame: https://121720455943926.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly93d3cuZmlyc3RtaWQuY29t
Frame ID: EC1733BE21B30D851CCEF1CEAEE4B1B5
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Agency Finance - First Mid Bank & Trust

Page URL History Show full URLs

  1. https://go.fmagencyfinance.com/e/216522/gn-indep-organizing-for-change/ctfmwn/949991890?h=vQfqKMBBLdqMinm5G... HTTP 301
    https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organi... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • wchat\.freshchat\.com/js/widget\.js

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

102
Requests

94 %
HTTPS

48 %
IPv6

27
Domains

35
Subdomains

30
IPs

6
Countries

1662 kB
Transfer

5817 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://go.fmagencyfinance.com/e/216522/gn-indep-organizing-for-change/ctfmwn/949991890?h=vQfqKMBBLdqMinm5GVM57aRWLbsPUVKwHF2fsDJwkiU HTTP 301
    https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

102 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.firstmid.com/agency-finance/
Redirect Chain
  • https://go.fmagencyfinance.com/e/216522/gn-indep-organizing-for-change/ctfmwn/949991890?h=vQfqKMBBLdqMinm5GVM57aRWLbsPUVKwHF2fsDJwkiU
  • https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
123 KB
23 KB
Document
General
Full URL
https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
2975dcfda9faebbc5833e23de611e9c7e239ffdf8b45774714e2e39eb4bbbf0c
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=1800
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
22574
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Oct 2022 15:13:21 GMT
Expect-CT
max-age=7776000, enforce
Expires
Thu, 13 Oct 2022 15:43:21 GMT
Feature-Policy
geolocation 'self'; vibrate 'none'
Keep-Alive
timeout=2, max=500
Link
<https://www.firstmid.com/wp-json/>; rel="https://api.w.org/", <https://www.firstmid.com/wp-json/wp/v2/pages/19424>; rel="alternate"; type="application/json", <https://www.firstmid.com/?p=19424>; rel=shortlink
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin same-origin
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains max-age=31536000;includeSubdomains
Vary
Accept-Encoding,User-Agent
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
166
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Oct 2022 15:13:20 GMT
Server
PardotServer
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
cache-control
max-age=63072000
content-encoding
gzip
expires
Sat, 12 Oct 2024 15:13:20 GMT
location
https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
vary
Accept-Encoding,User-Agent
bb144.css
www.firstmid.com/wp-content/cache/minify/
44 KB
10 KB
Stylesheet
General
Full URL
https://www.firstmid.com/wp-content/cache/minify/bb144.css
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
71d5198f6b11fbe900287c37547b1fdc6493d896a4049a2c0093892035b8aa51
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
9511
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Wed, 12 Oct 2022 16:33:59 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=499
Expires
Fri, 14 Oct 2022 15:13:22 GMT
css2
fonts.googleapis.com/
18 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Overpass:ital,wght@0,300;0,400;0,600;0,700;0,800;0,900;1,300;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
196e2f49a8cde0532d1db46f503c433fb98d9f6ed04f8da684876f41fa60b51f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Oct 2022 15:13:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 15:13:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Oct 2022 15:13:22 GMT
a5ff7.css
www.firstmid.com/wp-content/cache/minify/
81 KB
12 KB
Stylesheet
General
Full URL
https://www.firstmid.com/wp-content/cache/minify/a5ff7.css
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
fa1629f63574b87e0242e3d19358ff0789e714902b186adf1723a9dcb802548a
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
11186
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Wed, 12 Oct 2022 16:34:00 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=498
Expires
Fri, 14 Oct 2022 15:13:22 GMT
31d3a.css
www.firstmid.com/wp-content/cache/minify/
30 KB
7 KB
Stylesheet
General
Full URL
https://www.firstmid.com/wp-content/cache/minify/31d3a.css
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
9c58f33567542167e15ff7c71863c9a3e2903c93560f9243d1afe6cbe2e2ef53
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
6114
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Wed, 12 Oct 2022 16:33:59 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=500
Expires
Fri, 14 Oct 2022 15:13:22 GMT
2b9fc.js
www.firstmid.com/wp-content/cache/minify/
135 KB
43 KB
Script
General
Full URL
https://www.firstmid.com/wp-content/cache/minify/2b9fc.js
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
3b55e25dba87c28be5e676e481c3a0f8355360d45ed6d6283524289e260e922a
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
43284
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Wed, 12 Oct 2022 16:34:00 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=500
Expires
Fri, 14 Oct 2022 15:13:22 GMT
70f29.js
www.firstmid.com/wp-content/cache/minify/
8 KB
4 KB
Script
General
Full URL
https://www.firstmid.com/wp-content/cache/minify/70f29.js
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
5eaf4f687b507f49d93fae5489c1cc88012a5f52581650ff1ffda204d5d460a5
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
2610
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Wed, 12 Oct 2022 16:34:00 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=500
Expires
Fri, 14 Oct 2022 15:13:22 GMT
gtm.js
www.googletagmanager.com/
256 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-54QRH3P
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
84ff4e687d5a0c437a5dd19a36d2372284e32dcef6b32ed1907a99fb4c27b95b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:13:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83351
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 13 Oct 2022 15:13:22 GMT
search-icon.png
www.firstmid.com/wp-content/themes/first-mid-redux/images/
471 B
2 KB
Image
General
Full URL
https://www.firstmid.com/wp-content/themes/first-mid-redux/images/search-icon.png
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
41dbeb225af4cda23348d8e37046961a42078afd7209c1d06659e93ad7065cb3
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
471
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Mon, 08 Aug 2022 20:44:28 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=496
Expires
Fri, 14 Oct 2022 15:13:22 GMT
logo-first-mid.png
www.firstmid.com/wp-content/themes/first-mid-redux/images/
7 KB
8 KB
Image
General
Full URL
https://www.firstmid.com/wp-content/themes/first-mid-redux/images/logo-first-mid.png
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
b93b59ca9eee44e421ccd73ebc124b78973156ab59727d608f4c7bb2fa11ed98
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
7332
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Mon, 08 Aug 2022 20:44:28 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=498
Expires
Fri, 14 Oct 2022 15:13:22 GMT
remoteLoginLoad
web13.secureinternetbank.com/PBI_PBI1151/js/
535 B
2 KB
Script
General
Full URL
https://web13.secureinternetbank.com/PBI_PBI1151/js/remoteLoginLoad
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.165.132 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
bab824d761f413cead829bb91421a36884b3f908a5d86438b7df65e8336dcd2d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self'; font-src 'self' data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.onlinebanktours.com https://www.splash-screen.net/ https://mpsnare.iesnare.com; connect-src *; media-src 'self' https://mpsnare.iesnare.com data:; img-src * 'self' data:; style-src 'self' 'unsafe-inline' https://www.onlinebanktours.com; child-src * js:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
frame-ancestors 'self'; default-src 'self'; font-src 'self' data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.onlinebanktours.com https://www.splash-screen.net/ https://mpsnare.iesnare.com; connect-src *; media-src 'self' https://mpsnare.iesnare.com data:; img-src * 'self' data:; style-src 'self' 'unsafe-inline' https://www.onlinebanktours.com; child-src * js:;
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=157680000
X-Content-Type-Options
nosniff
Date
Thu, 13 Oct 2022 15:13:22 GMT
Via
1.1 dca1-bit13
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
535
X-XSS-Protection
1; mode=block
Expires
-1
locations-btn.png
www.firstmid.com/wp-content/themes/first-mid-redux/images/
3 KB
5 KB
Image
General
Full URL
https://www.firstmid.com/wp-content/themes/first-mid-redux/images/locations-btn.png
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
e1fa7ccfd1f16f4829d612a8983f2fb04f9e1c0257e8b62cbfad6a7715bdcfd4
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
3488
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Mon, 08 Aug 2022 20:44:27 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=498
Expires
Fri, 14 Oct 2022 15:13:22 GMT
AFcolosseum_0510-1024x384.jpg
www.firstmid.com/wp-content/uploads/
86 KB
87 KB
Image
General
Full URL
https://www.firstmid.com/wp-content/uploads/AFcolosseum_0510-1024x384.jpg
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
6c64ad7d6c715459f331f3c136ed7c1dfeb100651cf9ae86e512956ace98e595
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
87663
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Mon, 10 May 2021 16:06:12 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=498
Expires
Fri, 14 Oct 2022 15:13:22 GMT
footerlogo1.png
www.firstmid.com/wp-content/themes/first-mid-redux/images/
6 KB
7 KB
Image
General
Full URL
https://www.firstmid.com/wp-content/themes/first-mid-redux/images/footerlogo1.png
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
34f0a42e1f810bf1d470a36fc2bd866a7efbf1f5f20eab68f5d8775328ec373e
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
6474
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Mon, 08 Aug 2022 20:44:27 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=499
Expires
Fri, 14 Oct 2022 15:13:22 GMT
footerlogo2.png
www.firstmid.com/wp-content/themes/first-mid-redux/images/
7 KB
8 KB
Image
General
Full URL
https://www.firstmid.com/wp-content/themes/first-mid-redux/images/footerlogo2.png
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
8134295409613f9eee225d4a2e4f687c905c441238f0b82a71ef81b52c906e25
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
6701
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Mon, 08 Aug 2022 20:44:27 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=497
Expires
Fri, 14 Oct 2022 15:13:22 GMT
jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/
35 KB
8 KB
Stylesheet
General
Full URL
https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:13:22 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:54 GMT
server
nginx
etag
W/"611feaca-8c85"
vary
Accept-Encoding
x-hw
1665674002.dop258.am5.t,1665674002.cds274.am5.hn,1665674002.cds257.am5.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
8323
e3855.css
www.firstmid.com/wp-content/cache/minify/
3 KB
2 KB
Stylesheet
General
Full URL
https://www.firstmid.com/wp-content/cache/minify/e3855.css
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
d8b928ba1e4df240cc7115d0b6e55b288e2810f4b69e2909793c3725a0e061c7
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
1148
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Wed, 12 Oct 2022 16:34:01 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=499
Expires
Fri, 14 Oct 2022 15:13:22 GMT
556ee.js
www.firstmid.com/wp-content/cache/minify/
22 KB
9 KB
Script
General
Full URL
https://www.firstmid.com/wp-content/cache/minify/556ee.js
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
6641143e20b2532cd3a3c07da35d183c9f37c7c60a4731a74eb1d05136a3e5e2
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
8363
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Wed, 12 Oct 2022 16:34:02 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=499
Expires
Fri, 14 Oct 2022 15:13:22 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/
223 KB
60 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 22:42:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60529
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Oct 2023 22:42:25 GMT
3f747.js
www.firstmid.com/wp-content/cache/minify/
9 KB
4 KB
Script
General
Full URL
https://www.firstmid.com/wp-content/cache/minify/3f747.js
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
1253a1ba1333a5a4492b478778a1f7dd02a57cba4004cc3b270fa9bef6c90c24
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
2423
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Wed, 12 Oct 2022 16:34:02 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=497
Expires
Fri, 14 Oct 2022 15:13:22 GMT
e28da.css
www.firstmid.com/wp-content/cache/minify/
3 KB
2 KB
Stylesheet
General
Full URL
https://www.firstmid.com/wp-content/cache/minify/e28da.css
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
0a1faad3e43a97ba2a52c4801823b7705799e3ceb9b5b3b1452ef4173fc7f727
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
799
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Wed, 12 Oct 2022 16:34:02 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=499
Expires
Fri, 14 Oct 2022 15:13:22 GMT
57364.js
www.firstmid.com/wp-content/cache/minify/
3 KB
2 KB
Script
General
Full URL
https://www.firstmid.com/wp-content/cache/minify/57364.js
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
a204849a0777563cc401d76d1a8e1ab5c5a6c554d391c0b24493985b4a4f42af
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
974
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Wed, 12 Oct 2022 16:34:02 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=500
Expires
Fri, 14 Oct 2022 15:13:22 GMT
203df.js
www.firstmid.com/wp-content/cache/minify/
61 KB
17 KB
Script
General
Full URL
https://www.firstmid.com/wp-content/cache/minify/203df.js
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
2a482da40881c230e4491d4b613d96b791b72e82ec6983a0d01d09ee47bd24b5
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
16427
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Wed, 12 Oct 2022 16:34:01 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=500
Expires
Fri, 14 Oct 2022 15:13:22 GMT
qFdB35WCmI96Ajtm81GgY9nqxw.woff2
fonts.gstatic.com/s/overpass/v12/
39 KB
39 KB
Font
General
Full URL
https://fonts.gstatic.com/s/overpass/v12/qFdB35WCmI96Ajtm81GgY9nqxw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Overpass:ital,wght@0,300;0,400;0,600;0,700;0,800;0,900;1,300;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cde3aa82c72e28375e51a678915fbe6433029eba1d957e2fee3b91dca4892cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.firstmid.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 06:47:45 GMT
x-content-type-options
nosniff
age
203137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40216
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 18:42:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Oct 2023 06:47:45 GMT
qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v12/
38 KB
38 KB
Font
General
Full URL
https://fonts.gstatic.com/s/overpass/v12/qFdH35WCmI96Ajtm81GlU9s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Overpass:ital,wght@0,300;0,400;0,600;0,700;0,800;0,900;1,300;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e505e654ef4708d9c3d0da4c03e57ae1df262e07377938d4f456a71918c8aa3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.firstmid.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 21:14:07 GMT
x-content-type-options
nosniff
age
237555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38720
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 18:41:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 21:14:07 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54QRH3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 13:15:57 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
7045
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 13 Oct 2022 15:15:57 GMT
core.js
s.pinimg.com/ct/
1 KB
1 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54QRH3P
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700:18c::1931 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c75d8bdd1d5498551294cf4551304e5c2158b9788ac1779d03a2edd611a6c93e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-x-true-ttl
7200
x-cdn
akamai
etag
"ef33a337cb7aa4b4f9c294765d2176c0"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
content-length
1146
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54QRH3P
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:13:22 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 15:04:19 GMT
etag
"d4de8398858246712016031c834bb061+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15317
x-served-by
cache-iad-kjyo7100153-IAD, cache-hhn11535-HHN
conversion_async.js
www.googleadservices.com/pagead/
41 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54QRH3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:13:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15192
x-xss-protection
0
server
cafe
etag
699633608045481581
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 13 Oct 2022 15:13:23 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
8 KB
3 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54QRH3P
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:13:22 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 20:23:36 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=41625
accept-ranges
bytes
content-length
3063
fbevents.js
connect.facebook.net/en_US/
101 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 13 Oct 2022 15:13:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26852
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
cmP8wiYLLmaW6ZWeGHoFpjD9zUqbHdi8AAX+G5B2vYQ9TNt7NYjVbcTOpdbDluemeycDih4159H5JmDpFTCsaA==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
app.js
acsbapp.com/apps/app/dist/js/
428 KB
139 KB
Script
General
Full URL
https://acsbapp.com/apps/app/dist/js/app.js
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
138.128.247.123 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
/
Resource Hash
7e666b1e1034c0bc14e1fe62dd0cb4180fcb3169e59ab5edefb0734f5960f99c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:13:23 GMT
content-encoding
br
last-modified
Tue, 11 Oct 2022 16:28:07 GMT
etag
"6aee3-63459997-af3ebb833015feec;br"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
142506
expires
Fri, 14 Oct 2022 15:13:23 GMT
oct.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/oct.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54QRH3P
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:13:22 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 15:04:19 GMT
etag
"d4de8398858246712016031c834bb061+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15317
x-served-by
cache-iad-kcgs7200129-IAD, cache-hhn11535-HHN
3211b390-2243-013b-a484-0cc47abd0334
tag.simpli.fi/sifitag/
3 KB
4 KB
Script
General
Full URL
https://tag.simpli.fi/sifitag/3211b390-2243-013b-a484-0cc47abd0334
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54QRH3P
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b0.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
d4435e1fca415f5a364fc836e8316f23a47c67d4f74494d832e52204cacb388d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Thu, 13 Oct 2022 15:13:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
3101
x-request-id
Fx2prjwtdjtjrezCJDEB
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
js
www.googletagmanager.com/gtag/
229 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3LWVKP0H88&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54QRH3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c6ad24c3267ba81687ef1daff0510679f85cd938a9eba7aced2682fe1b0776b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:13:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77969
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 13 Oct 2022 15:13:22 GMT
adsct
t.co/i/
43 B
203 B
Image
General
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=9285875a-e28e-4484-87c1-00fd7a242e0d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b1d24368-a619-40eb-bc08-a1db4014656d&tw_document_href=https%3A%2F%2Fwww.firstmid.com%2Fagency-finance%2F%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dindep-organizing-for-change&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o50zz&type=javascript&version=2.3.27
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time
109
date
Thu, 13 Oct 2022 15:13:22 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
f416783aaf40902c
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
b09c10ed5ca3c80631ff2625e69d0982be618666df61cfa1f3ecdbb0be421f29
content-length
43
adsct
analytics.twitter.com/i/
43 B
394 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=9285875a-e28e-4484-87c1-00fd7a242e0d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b1d24368-a619-40eb-bc08-a1db4014656d&tw_document_href=https%3A%2F%2Fwww.firstmid.com%2Fagency-finance%2F%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dindep-organizing-for-change&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o50zz&type=javascript&version=2.3.27
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time
102
date
Thu, 13 Oct 2022 15:13:22 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
d1ef1ce5a007a015
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
8df2aab078237496b444540f7bcd158b5f356f0341c5885c7949ad2493e1738e
content-length
43
adsct
t.co/i/
43 B
376 B
Image
General
Full URL
https://t.co/i/adsct?bci=3&eci=1&event_id=7665593e-8b2f-4e57-a6c9-d74cd1bfe8f5&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b1d24368-a619-40eb-bc08-a1db4014656d&tw_document_href=https%3A%2F%2Fwww.firstmid.com%2Fagency-finance%2F%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dindep-organizing-for-change&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8wyn&type=javascript&version=2.3.27
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time
102
date
Thu, 13 Oct 2022 15:13:22 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
9501f3fc439c3c54
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
b09c10ed5ca3c80631ff2625e69d0982be618666df61cfa1f3ecdbb0be421f29
content-length
43
adsct
analytics.twitter.com/i/
43 B
214 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=1&event_id=7665593e-8b2f-4e57-a6c9-d74cd1bfe8f5&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b1d24368-a619-40eb-bc08-a1db4014656d&tw_document_href=https%3A%2F%2Fwww.firstmid.com%2Fagency-finance%2F%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dindep-organizing-for-change&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8wyn&type=javascript&version=2.3.27
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time
105
date
Thu, 13 Oct 2022 15:13:22 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
9b02ac10d472edb6
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
8df2aab078237496b444540f7bcd158b5f356f0341c5885c7949ad2493e1738e
content-length
43
collect
px.ads.linkedin.com/
0
0

1086906804989701
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1086906804989701?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
37a921187ec14cea349bc6e9e6dda2b4d0b660e6b88aca8a896344c53f6636bd
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 13 Oct 2022 15:13:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
5EDr0xL/JwQbMd+k9vb2X0qtV5LE7oQ4sBdl4FJBDHBCRyR7B04n/iSVblTawXv+NCLJrQfbk/GLdEBhwnm+4g==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
339 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3LWVKP0H88&gtm=2oeaa0&_p=1195352884&cid=308746044.1665674003&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665674003&sct=1&seg=0&dl=https%3A%2F%2Fwww.firstmid.com%2Fagency-finance%2F%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dindep-organizing-for-change&dt=Agency%20Finance%20-%20First%20Mid%20Bank%20%26%20Trust&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3LWVKP0H88&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 15:13:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.firstmid.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1195352884&t=pageview&_s=1&dl=https%3A%2F%2Fwww.firstmid.com%2Fagency-finance%2F%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dindep-organizing-for-change&ul=en-us&de=UTF-8&dt=Agency%20Finance%20-%20First%20Mid%20Bank%20%26%20Trust&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=2128598093&gjid=1861070109&cid=308746044.1665674003&tid=UA-12127876-1&_gid=444404414.1665674003&_r=1&gtm=2wgaa054QRH3P&z=1674188782
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 15:13:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.firstmid.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
remoteLoginPost
web13.secureinternetbank.com/PBI_PBI1151/js/
5 KB
6 KB
Script
General
Full URL
https://web13.secureinternetbank.com/PBI_PBI1151/js/remoteLoginPost
Requested by
Host: web13.secureinternetbank.com
URL: https://web13.secureinternetbank.com/PBI_PBI1151/js/remoteLoginLoad
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.165.132 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
82fc6fdca0f608870cf813d5e87b63efa492e50bc34b83a782b18c3f29ea6485
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self'; font-src 'self' data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.onlinebanktours.com https://www.splash-screen.net/ https://mpsnare.iesnare.com; connect-src *; media-src 'self' https://mpsnare.iesnare.com data:; img-src * 'self' data:; style-src 'self' 'unsafe-inline' https://www.onlinebanktours.com; child-src * js:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'; default-src 'self'; font-src 'self' data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.onlinebanktours.com https://www.splash-screen.net/ https://mpsnare.iesnare.com; connect-src *; media-src 'self' https://mpsnare.iesnare.com data:; img-src * 'self' data:; style-src 'self' 'unsafe-inline' https://www.onlinebanktours.com; child-src * js:;
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=157680000
X-Content-Type-Options
nosniff
Date
Thu, 13 Oct 2022 15:13:22 GMT
Last-Modified
Thu, 13 Oct 2022 15:13:23 GMT
Via
1.1 dca1-bit13
Vary
User-Agent
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=31536000
Content-Length
4864
X-XSS-Protection
1; mode=block
Expires
Fri, 13 Oct 2023 15:13:23 GMT
login-bg.jpg
www.firstmid.com/wp-content/themes/first-mid-redux/images/
2 KB
3 KB
Image
General
Full URL
https://www.firstmid.com/wp-content/themes/first-mid-redux/images/login-bg.jpg
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/wp-content/cache/minify/bb144.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
d9ad88a673171b34d53dcafcd8c81908ea3a4d54e87d2e74b2bc712250623484
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/wp-content/cache/minify/bb144.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
2278
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Mon, 08 Aug 2022 20:44:28 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=496
Expires
Fri, 14 Oct 2022 15:13:23 GMT
facebook-icon.png
www.firstmid.com/wp-content/themes/first-mid-redux/images/
1 KB
2 KB
Image
General
Full URL
https://www.firstmid.com/wp-content/themes/first-mid-redux/images/facebook-icon.png
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/wp-content/cache/minify/bb144.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
287043e3df9dd89fa1ff305644b25438466026573e432616bead40add43d6338
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/wp-content/cache/minify/bb144.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
1357
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Mon, 08 Aug 2022 20:44:26 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=498
Expires
Fri, 14 Oct 2022 15:13:23 GMT
linkedin-icon.png
www.firstmid.com/wp-content/themes/first-mid-redux/images/
1 KB
3 KB
Image
General
Full URL
https://www.firstmid.com/wp-content/themes/first-mid-redux/images/linkedin-icon.png
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/wp-content/cache/minify/bb144.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
306bdc369fa2c04f6c740f92ff4cd2834a5bd191f799a24942997c00e365e516
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/wp-content/cache/minify/bb144.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
1465
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Mon, 08 Aug 2022 20:44:27 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=497
Expires
Fri, 14 Oct 2022 15:13:23 GMT
twitter-ico.png
www.firstmid.com/wp-content/themes/first-mid-redux/images/
2 KB
3 KB
Image
General
Full URL
https://www.firstmid.com/wp-content/themes/first-mid-redux/images/twitter-ico.png
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/wp-content/cache/minify/bb144.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
4c83225dc04fc71007303df3080c997f44dc196cc26ecf6a04b1d090e4de0987
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/wp-content/cache/minify/bb144.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
1640
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Mon, 08 Aug 2022 20:44:28 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=499
Expires
Fri, 14 Oct 2022 15:13:23 GMT
pinterest-ico.png
www.firstmid.com/wp-content/themes/first-mid-redux/images/
4 KB
5 KB
Image
General
Full URL
https://www.firstmid.com/wp-content/themes/first-mid-redux/images/pinterest-ico.png
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/wp-content/cache/minify/bb144.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
309c2eb4f7960554e22fca933878de9d7988ea57edf3a7cad0c8c0b024f9b924
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/wp-content/cache/minify/bb144.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
4030
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Tue, 06 Sep 2022 22:20:53 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=495
Expires
Fri, 14 Oct 2022 15:13:23 GMT
instagram-ico.png
www.firstmid.com/wp-content/themes/first-mid-redux/images/
4 KB
5 KB
Image
General
Full URL
https://www.firstmid.com/wp-content/themes/first-mid-redux/images/instagram-ico.png
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/wp-content/cache/minify/bb144.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.227.165.77 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.firstmidhost.com
Software
Apache /
Resource Hash
311506e88d674228b7fca9c8747f9480992a806f147eeed9d321ef5b241de9c9
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.firstmid.com/wp-content/cache/minify/bb144.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000;includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-policy
img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
3897
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Referrer-Policy
same-origin, same-origin
Last-Modified
Tue, 06 Sep 2022 22:20:51 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=86400
Feature-Policy
geolocation 'self'; vibrate 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=497
Expires
Fri, 14 Oct 2022 15:13:23 GMT
widget.js
wchat.freshchat.com/js/
59 KB
19 KB
Script
General
Full URL
https://wchat.freshchat.com/js/widget.js?t=1665674003088
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.195.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-195-79.compute-1.amazonaws.com
Software
fwe /
Resource Hash
9522f06273f78d21fff2f56b7a3ff41d77a705ededacbfba7e8044436c17743d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
nel
{ "report_to": "nel-endpoint", "max_age": 300, "include_subdomains": true}
Transfer-Encoding
chunked
x-envoy-upstream-service-time
1
Connection
keep-alive
x-xss-protection
1; mode=block
x-request-id
9776c787-eb33-47f4-b002-c5669cc655d6
x-trace-id
00-bed3eed2af7a72a12335d0d61aa8a64c-9af122a988ec80cd-00
served-by
4082
last-modified
Thu, 06 Oct 2022 07:52:21 GMT
server
fwe
report-to
{ "group": "nel-endpoint", "max_age": 300, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.freshedge.net/nelreports"}]}
Content-Type
application/javascript
x-fw-ratelimiting-managed
false
cache-control
max-age=900, must-revalidate
x-server
4082
/
www.facebook.com/tr/
0
204 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1086906804989701&ev=PageView&dl=https%3A%2F%2Fwww.firstmid.com%2Fagency-finance%2F%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dindep-organizing-for-change&rl=&if=false&ts=1665674003110&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665674003109.1265046952&it=1665674002967&coo=false&rqm=GET
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 13 Oct 2022 15:13:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/965820312/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965820312/?random=1665674003156&cv=9&fst=1665674003156&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaa0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.firstmid.com%2Fagency-finance%2F%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dindep-organizing-for-change&tiba=Agency%20Finance%20-%20First%20Mid%20Bank%20%26%20Trust&auid=1685277286.1665674003&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19bdebae27610f030e03b77da93ccb231fe9685547ccf2a38c8a709d36791d88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 15:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1093
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
443 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-12127876-1&cid=308746044.1665674003&jid=2128598093&gjid=1861070109&_gid=444404414.1665674003&_u=YADAAEAAAAAAACAAI~&z=758940282
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 13 Oct 2022 15:13:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.firstmid.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.3a217bc7.js
s.pinimg.com/ct/lib/
55 KB
19 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.3a217bc7.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700:18c::1931 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3f29259501183f270ed9b30dc3569b0b69c8bafb46685a5790c793ec76c2c763

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
gzip
x-cdn
akamai
etag
"77f7bb9138eae5ebd8398ae9aec923dd"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
19398
wdp.js
mpsnare.iesnare.com/general5/
41 KB
19 KB
Script
General
Full URL
https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=false&fp_dyn=false&flash=false
Requested by
Host: web13.secureinternetbank.com
URL: https://web13.secureinternetbank.com/PBI_PBI1151/js/remoteLoginPost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-71-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e7d0d9dad9dc8422cc7367db3d8dfebd94a9cfefbfc7c6043336d57544208392
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 15:13:23 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
Server
nginx
Accept-CH
ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
p3p
CP="NON DSP COR CURa"
Cache-Control
no-cache, private
Connection
keep-alive
Expires
0
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-12127876-1&cid=308746044.1665674003&jid=2128598093&_u=YADAAEAAAAAAACAAI~&z=1606411832
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 15:13:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
0
0

logo.js
mpsnare.iesnare.com/5.5.0/
505 B
922 B
Script
General
Full URL
https://mpsnare.iesnare.com/5.5.0/logo.js
Requested by
Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=false&fp_dyn=false&flash=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-71-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
82b611ba67716b8a0ec8fa88a0284a800898b18e474432e2df1b0ea2c7711e8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:23 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Tue, 06 May 2014 00:01:40 GMT
Server
nginx
Accept-CH
ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
p3p
CP="NON DSP COR CURa"
Cache-Control
private
Connection
keep-alive
Expires
Fri, 13 Oct 2023 15:13:23 GMT
time.mp3
mpsnare.iesnare.com/
504 B
881 B
Media
General
Full URL
https://mpsnare.iesnare.com/time.mp3?nocache=0.4008028745185106
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-71-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e0ba3a7e2a93c39ae0ae95c42db5b80908516eb11b752c8c621e2735c1f3e042
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range
bytes=0-

Response headers

Pragma
public
Date
Thu, 13 Oct 2022 15:13:23 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
Server
nginx
Content-Type
audio/mpeg
Content-Range
bytes 0-503/504
Content-Disposition
inline; filename=time.mp3
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
504
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/965820312/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/965820312/?random=1665674003156&cv=9&fst=1665673200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fwww.firstmid.com%2Fagency-finance%2F%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dindep-organizing-for-change&tiba=Agency%20Finance%20-%20First%20Mid%20Bank%20%26%20Trust&async=1&fmt=3&is_vtc=1&random=1808402381&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 15:13:23 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/965820312/
0
0

/
ct.pinterest.com/user/
533 B
855 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2612950092839&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1665674003385
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.3a217bc7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3dd9777e4bf37ebda9d52c257d4481a7793947d4793cdddef7218468a20c3cf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:13:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.91a02417.1665674003.2e49f30f
x-envoy-upstream-service-time
0
content-length
373
x-pinterest-rid
1482334744125930
pin-unauth
dWlkPU9ESm1OalkxWWpBdFkyUmpaaTAwTURJMExUazJZamN0TURaaVpXVmxNbVF6WVRneA
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.firstmid.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/user/
533 B
857 B
XHR
General
Full URL
https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2612950092839&cb=1665674003387
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.3a217bc7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3dd9777e4bf37ebda9d52c257d4481a7793947d4793cdddef7218468a20c3cf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:13:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.91a02417.1665674003.2e49f359
x-envoy-upstream-service-time
3
content-length
373
x-pinterest-rid
6612284136723978
pin-unauth
dWlkPVltSmtaVEZrTkdJdE1UWmtOUzAwWW1FNUxUaGxPREV0T0RjM1pXUXhaREV3TVdZMg
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.firstmid.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
332 B
Image
General
Full URL
https://ct.pinterest.com/v3/?tid=2612950092839&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.firstmid.com%2Fagency-finance%2F%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dindep-organizing-for-change%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%223a217bc7%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1665674003387
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 15:13:23 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.91a02417.1665674003.2e49f382
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
4261052122033694
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
577 B
Image
General
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2612950092839&cb=1665674003387&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU9ESm1OalkxWWpBdFkyUmpaaTAwTURJMExUazJZamN0TURaaVpXVmxNbVF6WVRneA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.firstmid.com%2Fagency-finance%2F%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dindep-organizing-for-change%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%223a217bc7%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1665674003515
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 15:13:23 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.91a02417.1665674003.2e49f46c
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
4
content-length
35
x-pinterest-rid
7957573411770148
expires
Sat, 01 Jan 2000 00:00:00 GMT
config.json
cdn.acsbapp.com/cache/app/firstmid.com/
159 B
346 B
Fetch
General
Full URL
https://cdn.acsbapp.com/cache/app/firstmid.com/config.json
Requested by
Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.185.239.105 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
/
Resource Hash
f0e07d2dfe3b2cda4771cf71134fe79f4bdffd121ab8f62be406b6100d6af6e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:13:23 GMT
last-modified
Thu, 13 Oct 2022 15:11:15 GMT
etag
"9f-63482a93-52746166e56cf2c2;;;"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
159
expires
Fri, 14 Oct 2022 15:13:23 GMT
p
i.simpli.fi/
0
0

pd.js
pi.pardot.com/
5 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: www.firstmid.com
URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-120-28.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:23 GMT
content-encoding
gzip
X-Pardot-Route
16b0ab393667a33fe86adedc3141e88c
last-modified
Wed, 12 Oct 2022 05:20:14 GMT
Server
PardotServer
etag
"1547-gzip"
vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
cache-control
max-age=63072000
Connection
keep-alive
accept-ranges
bytes
Content-Length
1946
expires
Sat, 12 Oct 2024 15:13:23 GMT
ct.html
ct.pinterest.com/ Frame 64E7
565 B
591 B
Document
General
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.3a217bc7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-grn
0.91a02417.1665674003.2e49f74d
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Thu, 13 Oct 2022 15:13:23 GMT
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
0
x-pinterest-rid
1463821063550932
/
wchat.freshchat.com/widget/ Frame B969
5 KB
3 KB
Document
General
Full URL
https://wchat.freshchat.com/widget/?token=bf642ae5-b741-41a2-b09a-8052984ad1f0&referrer=aHR0cHM6Ly93d3cuZmlyc3RtaWQuY29t
Requested by
Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js?t=1665674003088
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.195.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-195-79.compute-1.amazonaws.com
Software
fwe /
Resource Hash
339a47ea0febb6d0a64c06d758a42075151f15d2d872edaf5c89c19def67d5a6
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html
Date
Thu, 13 Oct 2022 15:13:23 GMT
Transfer-Encoding
chunked
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
last-modified
Thu, 06 Oct 2022 07:52:21 GMT
nel
{ "report_to": "nel-endpoint", "max_age": 300, "include_subdomains": true}
report-to
{ "group": "nel-endpoint", "max_age": 300, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.freshedge.net/nelreports"}]}
served-by
5323
server
fwe
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
x-fw-ratelimiting-managed
false
x-request-id
73506580-0225-485e-85eb-3c021db09b1d
x-server
5323
x-trace-id
00-522358d68abdab45b0b2e33a86203881-9b712ff8182b8075-00
x-xss-protection
1; mode=block
widget.css
wchat.freshchat.com/widget/css/
8 KB
3 KB
Stylesheet
General
Full URL
https://wchat.freshchat.com/widget/css/widget.css?t=1665674003635
Requested by
Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js?t=1665674003088
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.195.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-195-79.compute-1.amazonaws.com
Software
fwe /
Resource Hash
a9ec88f31255fb6b754bd738328cc171db125c21e21d65dcb3a6b9c8f1109dc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
nel
{ "report_to": "nel-endpoint", "max_age": 300, "include_subdomains": true}
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
x-xss-protection
1; mode=block
x-request-id
a30ae527-a403-968b-9804-5ae1f3e67f83
x-trace-id
00-b0c0bf2e9624fc6a10ae8a41d05ea55d-85f63abffbb3951b-01
served-by
4082
last-modified
Thu, 06 Oct 2022 07:52:21 GMT
server
fwe
report-to
{ "group": "nel-endpoint", "max_age": 300, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.freshedge.net/nelreports"}]}
Content-Type
text/css
x-fw-ratelimiting-managed
false
cache-control
max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server
4082
expires
Fri, 13 Oct 2023 15:13:23 GMT
/
www.facebook.com/tr/ Frame 7B76
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
null
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 15:13:23 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
en.build.json
cdn.acsbapp.com/cache/app/
238 KB
25 KB
Fetch
General
Full URL
https://cdn.acsbapp.com/cache/app/en.build.json
Requested by
Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.185.239.105 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
/
Resource Hash
11bbb08c79cc520235d12644c29145adac01d46ef4e6ae85d4dda6ab81cd42f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:13:23 GMT
content-encoding
br
last-modified
Tue, 11 Oct 2022 16:29:04 GMT
etag
"3b8a2-634599d0-4d3d92c2effeadef;br"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
25894
expires
Fri, 14 Oct 2022 15:13:23 GMT
vendor.d64d219ca4493f67a3970efc52d51c86.css
assetscdn-wchat.freshchat.com/static/assets/ Frame B969
23 KB
4 KB
Stylesheet
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/vendor.d64d219ca4493f67a3970efc52d51c86.css
Requested by
Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bf642ae5-b741-41a2-b09a-8052984ad1f0&referrer=aHR0cHM6Ly93d3cuZmlyc3RtaWQuY29t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2154f49d7d4ed6c74a1ad1dc0e39ef3136fd859059986ed5bcd3050d59867b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wchat.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:10:06 GMT
content-encoding
br
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified
Tue, 13 Sep 2022 14:21:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
199
x-amz-server-side-encryption
AES256
etag
W/"d64d219ca4493f67a3970efc52d51c86"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
Sn1JCU6ZbCNhSzEFGoLb-KWLziHwxEyMFyGE9grorKLWYiwkJK7Vhg==
expires
Fri, 06 Oct 2023 07:52:21 GMT
hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
assetscdn-wchat.freshchat.com/static/assets/ Frame B969
0
417 B
Stylesheet
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
Requested by
Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bf642ae5-b741-41a2-b09a-8052984ad1f0&referrer=aHR0cHM6Ly93d3cuZmlyc3RtaWQuY29t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wchat.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:11:00 GMT
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
146
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
0
last-modified
Tue, 13 Sep 2022 14:21:12 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, no-transform, public
accept-ranges
bytes
x-amz-cf-id
c5inhcEcZBYSyqYlbGliPN0nethL8Wi4TgCFlma1Vn8DM0Wp4w8xQg==
expires
Fri, 06 Oct 2023 07:52:21 GMT
vendor.3474f8e0dcdb6126f26894076afa40d6.js
assetscdn-wchat.freshchat.com/static/assets/ Frame B969
684 KB
181 KB
Script
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js
Requested by
Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bf642ae5-b741-41a2-b09a-8052984ad1f0&referrer=aHR0cHM6Ly93d3cuZmlyc3RtaWQuY29t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7eed09a3bda2013de36d0ac2b942f0149ef500ed56701e5bd80d204ecbf758e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wchat.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:11:00 GMT
content-encoding
br
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified
Tue, 13 Sep 2022 14:21:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
148
x-amz-server-side-encryption
AES256
etag
W/"3474f8e0dcdb6126f26894076afa40d6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
y0x0BBz-Ys3cDlem08DqVPXfMKboboBKS_sMwrYSR-ykr2eJEdYTPg==
expires
Fri, 06 Oct 2023 07:52:21 GMT
3799.js
assetscdn-wchat.freshchat.com/static/assets/ Frame B969
772 KB
199 KB
Script
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/3799.js
Requested by
Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bf642ae5-b741-41a2-b09a-8052984ad1f0&referrer=aHR0cHM6Ly93d3cuZmlyc3RtaWQuY29t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b1182c43d8e2d9ad2bf4d160d19a5f385047c4a0f88b05332140308d458390d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wchat.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:10:31 GMT
content-encoding
gzip
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified
Tue, 13 Sep 2022 14:21:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
178
x-amz-server-side-encryption
AES256
etag
W/"8180076189d919f05b9c73b7c659821f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
sGFGjrHAEi_D-nRoqSdayl-hXanKPVX9UFmbIb0Eb7gcO53ODWKTGQ==
expires
Fri, 06 Oct 2023 07:52:21 GMT
analytics
pi.pardot.com/
1 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1514&account_id=217522&title=Agency%20Finance%20-%20First%20Mid%20Bank%20%26%20Trust&url=https%3A%2F%2Fwww.firstmid.com%2Fagency-finance%2F%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dindep-organizing-for-change&referrer=&utm_campaign=indep-organizing-for-change&utm_medium=email&utm_source=pardot
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-120-28.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
bebd4272b1abf23cc09cf60cbf7ec07d32492ca34a702a9bd3b662b3168205ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 13 Oct 2022 15:13:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
Server
PardotServer
vary
Accept-Encoding,User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
551
expires
Thu, 19 Nov 1981 08:52:00 GMT
logomono.svg
web1.acsbapp.com/apps/app/dist/media/
0
0

chunk.b5505420e3d496681ab5.css
assetscdn-wchat.freshchat.com/static/assets/ Frame B969
229 KB
25 KB
Stylesheet
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/chunk.b5505420e3d496681ab5.css
Requested by
Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bf642ae5-b741-41a2-b09a-8052984ad1f0&referrer=aHR0cHM6Ly93d3cuZmlyc3RtaWQuY29t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bbe4e66132ca8ee028c844abfc0ab6c6e8490cd3171f5e7181dbe17ae6adce25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wchat.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:12:17 GMT
content-encoding
br
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2022 07:52:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
71
x-amz-server-side-encryption
AES256
etag
W/"d7b50c07b9248a5b3580e8673cc25c3f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
yxkw2TyyhPCtPBB36b9ES2S_nuKlzQ4aTztoFDPKY6NYDYd-SE0qtA==
expires
Fri, 06 Oct 2023 07:52:21 GMT
fd-messaging.76925d88901c00a60140.css
assetscdn-wchat.freshchat.com/static/ Frame B969
229 KB
25 KB
Stylesheet
General
Full URL
https://assetscdn-wchat.freshchat.com/static/fd-messaging.76925d88901c00a60140.css
Requested by
Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bf642ae5-b741-41a2-b09a-8052984ad1f0&referrer=aHR0cHM6Ly93d3cuZmlyc3RtaWQuY29t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bbe4e66132ca8ee028c844abfc0ab6c6e8490cd3171f5e7181dbe17ae6adce25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wchat.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:12:55 GMT
content-encoding
br
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2022 07:52:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
33
x-amz-server-side-encryption
AES256
etag
W/"d7b50c07b9248a5b3580e8673cc25c3f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
20u0smcn_CJeTDvsbZlNaKrSPQTtNZwQ9nRyTSFt6sEqjnLCWaXacA==
expires
Fri, 06 Oct 2023 07:52:21 GMT
fd-messaging.2665ede4125a56e4559d.js
assetscdn-wchat.freshchat.com/static/assets/ Frame B969
700 KB
125 KB
Script
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.2665ede4125a56e4559d.js
Requested by
Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bf642ae5-b741-41a2-b09a-8052984ad1f0&referrer=aHR0cHM6Ly93d3cuZmlyc3RtaWQuY29t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b83fa70c8737076a6276c414e3b8652cab12d5e37ef9b8fa5cf8590b89432a64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wchat.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:13:20 GMT
content-encoding
br
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2022 07:52:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
15
x-amz-server-side-encryption
AES256
etag
W/"0e2ec90b0f3e8a5a9163e5d7e7eb131f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
ZJ8LLCsXAv8r3xW3hRYK1TZmDa7-n4kqLpCx9MbXrvw4JkI17MORMQ==
expires
Fri, 06 Oct 2023 07:52:21 GMT
rts-min.js
rts-static-prod.freshworksapi.com/us/ Frame B969
81 KB
25 KB
Script
General
Full URL
https://rts-static-prod.freshworksapi.com/us/rts-min.js
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.2665ede4125a56e4559d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87a1aa02b647d523b00af6888415dc564041142a4bd209c8c0bce33232fea9c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wchat.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
RDFAcOWcHIDM5TRInT6y6Oc4hGITxrCg
content-encoding
gzip
via
1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
date
Thu, 13 Oct 2022 15:13:24 GMT
last-modified
Thu, 06 Oct 2022 14:49:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
3
x-amz-server-side-encryption
AES256
etag
W/"57c5de3cefd353890905fd8554262dd0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
no-cache
x-amz-cf-id
xr3d5YPugbyBag1yQNq5JvvMKaEaFMk0XHVXf88YIp5d03-6PwL0eg==
chunk.b119e44805094a7aec07.js
assetscdn-wchat.freshchat.com/static/assets/ Frame B969
5 KB
2 KB
Script
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/chunk.b119e44805094a7aec07.js
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.2665ede4125a56e4559d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
76757ef678e74510673670f253fea1f89b87712c316ef719a697c7f6ddae04ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wchat.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:10:09 GMT
content-encoding
br
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified
Tue, 13 Sep 2022 14:21:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
198
x-amz-server-side-encryption
AES256
etag
W/"c3f55e7ce3b1831b8a76f54950653df2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
ujbeMpRo7ZrYQ2_Fmrp-uuYTD_xTE1EhnG8Skl5mmzTj2x5F3qbW6Q==
expires
Fri, 06 Oct 2023 07:52:21 GMT
chunk.f0e50d864072128887fc.js
assetscdn-wchat.freshchat.com/static/assets/ Frame B969
11 KB
4 KB
Script
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/chunk.f0e50d864072128887fc.js
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.2665ede4125a56e4559d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7304d86d7c6c039699667162fe39abeb7d531f7f6acba2619a885d39a59ff6c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wchat.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:11:19 GMT
content-encoding
br
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified
Tue, 13 Sep 2022 14:21:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
128
x-amz-server-side-encryption
AES256
etag
W/"1ae4407b7afcc2dc550f4d597659d448"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
2XNxzH__9mlzTp_IBWCj2_TWtVq7Pf2ThL3r-tAgZ06gp-4j8js91A==
expires
Fri, 06 Oct 2023 07:52:21 GMT
config
wchat.freshchat.com/app/services/app/webchat/bf642ae5-b741-41a2-b09a-8052984ad1f0/ Frame B969
1 KB
3 KB
XHR
General
Full URL
https://wchat.freshchat.com/app/services/app/webchat/bf642ae5-b741-41a2-b09a-8052984ad1f0/config?domain=aHR0cHM6Ly93d3cuZmlyc3RtaWQuY29t
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.195.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-195-79.compute-1.amazonaws.com
Software
fwe /
Resource Hash
9fb42716e9dd11ea6750389ef5ad57a6cd0dfedb878d75d2895a4eb56d418442
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://wchat.freshchat.com/widget/?token=bf642ae5-b741-41a2-b09a-8052984ad1f0&referrer=aHR0cHM6Ly93d3cuZmlyc3RtaWQuY29t
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:24 GMT
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security
max-age=31536000; includeSubDomains
nel
{ "report_to": "nel-endpoint", "max_age": 300, "include_subdomains": true}
x-ratelimit-total
3000
x-ratelimit-used-currentrequest
1
x-envoy-upstream-service-time
8
Connection
keep-alive
Content-Length
1347
x-xss-protection
1; mode=block
x-request-id
913dc9e4-026b-421b-a3ad-90719e1f1d68
x-trace-id
00-bc93566bb89cc92611e7a5b3497fe598-d720c28c99f0ee16-00
server
fwe
x-ratelimit-remaining
2999
report-to
{ "group": "nel-endpoint", "max_age": 300, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.freshedge.net/nelreports"}]}
Content-Type
application/json;charset=UTF-8
x-fw-ratelimiting-managed
true
cache-control
no-store
access-control-allow-credentials
true
x-server
9886
x-ratelimit-limit
3000
analytics
go.fmagencyfinance.com/
50 B
1 KB
Script
General
Full URL
https://go.fmagencyfinance.com/analytics?conly=true&visitor_id=313920886&visitor_id_sign=c578704cd8875079a4db2dcdc0ecf63f7a2b7fb0903e1ccefbcccb20893cae9d9f1cbd5c4a9fcd1da7ec6dee523550ecc5cd7946&pi_opt_in=&campaign_id=1514&account_id=217522&title=Agency%20Finance%20-%20First%20Mid%20Bank%20%26%20Trust&url=https%3A%2F%2Fwww.firstmid.com%2Fagency-finance%2F%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dindep-organizing-for-change&referrer=&utm_campaign=indep-organizing-for-change&utm_medium=email&utm_source=pardot
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1514&account_id=217522&title=Agency%20Finance%20-%20First%20Mid%20Bank%20%26%20Trust&url=https%3A%2F%2Fwww.firstmid.com%2Fagency-finance%2F%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dindep-organizing-for-change&referrer=&utm_campaign=indep-organizing-for-change&utm_medium=email&utm_source=pardot
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-120-28.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 13 Oct 2022 15:13:24 GMT
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
Server
PardotServer
vary
User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
50
expires
Thu, 19 Nov 1981 08:52:00 GMT
co-browsing.js
wchat.freshchat.com/widget/js/
26 KB
9 KB
Script
General
Full URL
https://wchat.freshchat.com/widget/js/co-browsing.js
Requested by
Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js?t=1665674003088
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.195.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-195-79.compute-1.amazonaws.com
Software
fwe /
Resource Hash
eb90069bfb802ef63158d8954bb6a025a056b3d084e0c7aae494c7401847e590
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
nel
{ "report_to": "nel-endpoint", "max_age": 300, "include_subdomains": true}
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
x-xss-protection
1; mode=block
x-request-id
cc722cb7-4dce-4a20-8b22-99aa32c808e9
x-trace-id
00-91a1b9bf871a5e0b6b882a7d70838718-437420dab483962c-00
served-by
6714
last-modified
Thu, 06 Oct 2022 07:52:21 GMT
server
fwe
report-to
{ "group": "nel-endpoint", "max_age": 300, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.freshedge.net/nelreports"}]}
Content-Type
application/javascript
x-fw-ratelimiting-managed
false
cache-control
max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server
6714
expires
Fri, 13 Oct 2023 15:13:24 GMT
notif.da662fefc5060dabf2859ea199198b14.mp3
assetscdn-wchat.freshchat.com/static/assets/ Frame B969
4 KB
5 KB
Media
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/notif.da662fefc5060dabf2859ea199198b14.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32

Request headers

Referer
https://wchat.freshchat.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 13 Oct 2022 15:09:15 GMT
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
251
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Content-Range
bytes 0-4301/4302
Content-Length
4302
last-modified
Tue, 13 Sep 2022 14:21:12 GMT
server
AmazonS3
etag
"a529450a7cfb4a60dea41ef294fa90dd"
vary
Accept-Encoding
content-type
audio/mpeg
cache-control
max-age=31536000, no-transform, public
accept-ranges
bytes
x-amz-cf-id
ar3sddAfxJU24beCNWhHC5akveus4AdpkkBxyn4UmTBeAYAf9Gx-Hg==
expires
Fri, 06 Oct 2023 07:52:21 GMT
user
wchat.freshchat.com/app/services/app/webchat/bf642ae5-b741-41a2-b09a-8052984ad1f0/ Frame B969
63 B
1 KB
XHR
General
Full URL
https://wchat.freshchat.com/app/services/app/webchat/bf642ae5-b741-41a2-b09a-8052984ad1f0/user
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.195.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-195-79.compute-1.amazonaws.com
Software
fwe /
Resource Hash
02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://wchat.freshchat.com/widget/?token=bf642ae5-b741-41a2-b09a-8052984ad1f0&referrer=aHR0cHM6Ly93d3cuZmlyc3RtaWQuY29t
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:24 GMT
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security
max-age=31536000; includeSubDomains
nel
{ "report_to": "nel-endpoint", "max_age": 300, "include_subdomains": true}
x-ratelimit-total
3000
x-ratelimit-used-currentrequest
1
x-envoy-upstream-service-time
4
Connection
keep-alive
Content-Length
63
x-xss-protection
1; mode=block
x-request-id
dcb4bf4d-496e-4c8a-896c-7d88311ad298
x-trace-id
00-b809716cacd4689a6c1a22c5407393fb-c3a42c4ac0399e10-00
server
fwe
x-ratelimit-remaining
2998
report-to
{ "group": "nel-endpoint", "max_age": 300, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.freshedge.net/nelreports"}]}
Content-Type
application/json;charset=UTF-8
x-fw-ratelimiting-managed
true
cache-control
no-store
access-control-allow-credentials
true
x-server
5323
x-ratelimit-limit
3000
cb.css
wchat.freshchat.com/widget/css/
1 KB
2 KB
Stylesheet
General
Full URL
https://wchat.freshchat.com/widget/css/cb.css?t=1665674004574
Requested by
Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/js/co-browsing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.195.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-195-79.compute-1.amazonaws.com
Software
fwe /
Resource Hash
8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
nel
{ "report_to": "nel-endpoint", "max_age": 300, "include_subdomains": true}
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
x-xss-protection
1; mode=block
x-request-id
186d3eb9-d264-48d7-a4a1-3dcf9d653915
x-trace-id
00-cf36ed1a22f4044b98229911215dfbd4-a262a13f5f285096-00
served-by
2601
last-modified
Thu, 06 Oct 2022 07:52:21 GMT
server
fwe
report-to
{ "group": "nel-endpoint", "max_age": 300, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.freshedge.net/nelreports"}]}
Content-Type
text/css
x-fw-ratelimiting-managed
false
cache-control
max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server
2601
expires
Fri, 13 Oct 2023 15:13:24 GMT
widget_info_v2
wchat.freshchat.com/app/services/app/webchat/bf642ae5-b741-41a2-b09a-8052984ad1f0/ Frame B969
9 KB
3 KB
XHR
General
Full URL
https://wchat.freshchat.com/app/services/app/webchat/bf642ae5-b741-41a2-b09a-8052984ad1f0/widget_info_v2?locales=en-US,en-US&platform=web
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.195.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-195-79.compute-1.amazonaws.com
Software
fwe /
Resource Hash
6605098d36231f0391debf6b641b0da2869e0ae702c9e98c34817715b722ac12
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://wchat.freshchat.com/widget/?token=bf642ae5-b741-41a2-b09a-8052984ad1f0&referrer=aHR0cHM6Ly93d3cuZmlyc3RtaWQuY29t
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:24 GMT
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
nel
{ "report_to": "nel-endpoint", "max_age": 300, "include_subdomains": true}
x-ratelimit-total
3000
Transfer-Encoding
chunked
x-ratelimit-used-currentrequest
1
x-envoy-upstream-service-time
43
x-status
EXPIRED
Connection
keep-alive
x-xss-protection
1; mode=block
x-request-id
edb553fd-11f7-42f5-9b1c-800471ac9f1e
x-trace-id
00-105c813d3d9116409cad7509a1fcb17d-b93daabfeeb48cc1-00
server
fwe
vary
accept-encoding
report-to
{ "group": "nel-endpoint", "max_age": 300, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.freshedge.net/nelreports"}]}
Content-Type
application/json;charset=UTF-8
x-fw-ratelimiting-managed
true
cache-control
no-store
access-control-allow-credentials
true
x-server
2601
x-ratelimit-remaining
2997
x-ratelimit-limit
3000
chunk.f9a65611ffc789a9ce31.js
assetscdn-wchat.freshchat.com/static/assets/ Frame B969
59 KB
14 KB
Script
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/chunk.f9a65611ffc789a9ce31.js
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.2665ede4125a56e4559d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e69c8561fbe0e90c0187d234e7d3698a48e6c1103c332148a19468e9796fead

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wchat.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:10:42 GMT
content-encoding
br
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified
Tue, 13 Sep 2022 14:21:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
181
x-amz-server-side-encryption
AES256
etag
W/"18fd80b746496308c5e8e92c1d71fe8c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
Gugd4B0zqqW91kR8wniSLaTSkyuRLpN5htcKqp_XH9i4S7ZRX6wjxA==
expires
Fri, 06 Oct 2023 07:52:21 GMT
activity
wchat.freshchat.com/app/services/app/webchat/bf642ae5-b741-41a2-b09a-8052984ad1f0/user/355f568e-3e5d-4281-b0bd-bd95e518cee4/ Frame B969
17 B
1 KB
XHR
General
Full URL
https://wchat.freshchat.com/app/services/app/webchat/bf642ae5-b741-41a2-b09a-8052984ad1f0/user/355f568e-3e5d-4281-b0bd-bd95e518cee4/activity
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/3799.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.195.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-195-79.compute-1.amazonaws.com
Software
fwe /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wchat.freshchat.com/widget/?token=bf642ae5-b741-41a2-b09a-8052984ad1f0&referrer=aHR0cHM6Ly93d3cuZmlyc3RtaWQuY29t
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:24 GMT
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security
max-age=31536000; includeSubDomains
nel
{ "report_to": "nel-endpoint", "max_age": 300, "include_subdomains": true}
x-ratelimit-total
3000
x-ratelimit-used-currentrequest
1
x-envoy-upstream-service-time
5
Connection
keep-alive
Content-Length
17
x-xss-protection
1; mode=block
x-request-id
c0eef121-7b35-4ee8-b604-063051684087
x-trace-id
00-6495188638f5faf4d124d02602ce7f18-bea77550dd16be9f-00
server
fwe
x-ratelimit-remaining
2996
report-to
{ "group": "nel-endpoint", "max_age": 300, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.freshedge.net/nelreports"}]}
Content-Type
application/json;charset=UTF-8
x-fw-ratelimiting-managed
true
cache-control
no-store
access-control-allow-credentials
true
x-server
6714
x-ratelimit-limit
3000
index.html
121720455943926.webpush.freshchat.com/ Frame EC17
30 KB
7 KB
Document
General
Full URL
https://121720455943926.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly93d3cuZmlyc3RtaWQuY29t
Requested by
Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js?t=1665674003088
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 13 Oct 2022 15:13:26 GMT
etag
W/"4d98f93ebe4eb8cedbbfdb3004920aeb"
last-modified
Fri, 25 Oct 2019 06:53:38 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 debe291145dc27044f50d04bac101cd8.cloudfront.net (CloudFront)
x-amz-cf-id
GOwq_UjTqFrDVwO0ojMJjhm8C4K8aUmJr9eh1G6J1ZoyzGyLrDHA6w==
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
category
wchat.freshchat.com/app/services/app/webchat/bf642ae5-b741-41a2-b09a-8052984ad1f0/faq/ Frame B969
209 B
1 KB
XHR
General
Full URL
https://wchat.freshchat.com/app/services/app/webchat/bf642ae5-b741-41a2-b09a-8052984ad1f0/faq/category?platform=web&locales=en-US%2Cen-US&since=&lastLocaleId=
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.195.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-195-79.compute-1.amazonaws.com
Software
fwe /
Resource Hash
c95904b10eb01ff1cd51195d8ee5a0c56fc091351bbd715deb960332d799d759
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://wchat.freshchat.com/widget/?token=bf642ae5-b741-41a2-b09a-8052984ad1f0&referrer=aHR0cHM6Ly93d3cuZmlyc3RtaWQuY29t
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 15:13:24 GMT
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security
max-age=31536000; includeSubDomains
nel
{ "report_to": "nel-endpoint", "max_age": 300, "include_subdomains": true}
x-ratelimit-total
3000
x-ratelimit-used-currentrequest
1
x-envoy-upstream-service-time
10
Connection
keep-alive
Content-Length
209
x-xss-protection
1; mode=block
x-request-id
5343123b-b339-4cd2-b711-8822477377aa
x-trace-id
00-f6daf372cc5946375e54cb2ee994b18a-bfbbf2dc14a159ed-00
server
fwe
x-ratelimit-remaining
2995
report-to
{ "group": "nel-endpoint", "max_age": 300, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.freshedge.net/nelreports"}]}
Content-Type
application/json;charset=UTF-8
x-fw-ratelimiting-managed
true
cache-control
no-store
access-control-allow-credentials
true
x-server
4082
x-ratelimit-limit
3000
freshchat-line.7327fc2a43ff6a857c38e96ffa7e00f2.svg
assetscdn-wchat.freshchat.com/static/assets/ Frame B969
663 B
1 KB
Image
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/freshchat-line.7327fc2a43ff6a857c38e96ffa7e00f2.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b82601133216ec29983087a0532e9b0af553f7f4a8b3b00ff9d7ffcc1142542

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wchat.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:09:13 GMT
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
259
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
663
last-modified
Tue, 13 Sep 2022 14:21:12 GMT
server
AmazonS3
etag
"cd452acf4efb05843ef7575e5a9de756"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, no-transform, public
accept-ranges
bytes
x-amz-cf-id
trQvh96OdSBHKRmVkk5vbh-HSgQrJ8ikVtfPpTgBS6Z-AbF2_MP9uA==
expires
Fri, 06 Oct 2023 07:52:21 GMT
freshchat_logo.f6e2dc08072c0bf69ca4c005e561b7dc.png
assetscdn-wchat.freshchat.com/static/assets/ Frame B969
5 KB
5 KB
Image
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/freshchat_logo.f6e2dc08072c0bf69ca4c005e561b7dc.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
65844f2f98cb4ef7ee8eea8b791a403cd4c01ff6b638adfba3613738af7efeb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wchat.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:10:05 GMT
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
207
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
5034
last-modified
Tue, 13 Sep 2022 14:21:12 GMT
server
AmazonS3
etag
"220df3cb357233c7db4db0b168d191ba"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000, no-transform, public
accept-ranges
bytes
x-amz-cf-id
D79YJ7143_3QbNx7vOjgwyW4ChqDsvnWpFgMVpdyiJI2G7-YD2qY7g==
expires
Fri, 06 Oct 2023 07:52:21 GMT
6f41f61e-5cfd-4230-9446-478ef3be1a79
https://wchat.freshchat.com/ Frame B969
152 B
0
Other
General
Full URL
blob:https://wchat.freshchat.com/6f41f61e-5cfd-4230-9446-478ef3be1a79
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3d08747462129e4b1e6756b57c9f24cc8dd7a6ad095cc416f5dbd52aaa5f7b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
152
fc_logo.png
121720455943926.webpush.freshchat.com/ Frame EC17
4 KB
4 KB
Image
General
Full URL
https://121720455943926.webpush.freshchat.com/fc_logo.png
Requested by
Host: 121720455943926.webpush.freshchat.com
URL: https://121720455943926.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly93d3cuZmlyc3RtaWQuY29t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://121720455943926.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly93d3cuZmlyc3RtaWQuY29t
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:44:06 GMT
via
1.1 debe291145dc27044f50d04bac101cd8.cloudfront.net (CloudFront)
last-modified
Thu, 08 Feb 2018 07:54:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
70160
etag
"e87df9f10dcf497ae292dc234200465c"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3777
x-amz-cf-id
E68buLcVNMPBz2yyV8r4wX2p5pnQIvYsMkuZOklDBIJDeJoYQP67cQ==
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3LWVKP0H88&gtm=2oeaa0&_p=1195352884&cid=308746044.1665674003&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1665674003&sct=1&seg=0&dl=https%3A%2F%2Fwww.firstmid.com%2Fagency-finance%2F%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dindep-organizing-for-change&dt=Agency%20Finance%20-%20First%20Mid%20Bank%20%26%20Trust&en=scroll&epn.percent_scrolled=90&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3LWVKP0H88&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 15:13:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.firstmid.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=938450&time=1665674002959&url=https%3A%2F%2Fwww.firstmid.com%2Fagency-finance%2F%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dindep-organizing-for-change&tm=gtmv2
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-12127876-1&cid=308746044.1665674003&jid=2128598093&_u=YADAAEAAAAAAACAAI~&z=1606411832
Domain
www.google.de
URL
https://www.google.de/pagead/1p-user-list/965820312/?random=1665674003156&cv=9&fst=1665673200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fwww.firstmid.com%2Fagency-finance%2F%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dindep-organizing-for-change&tiba=Agency%20Finance%20-%20First%20Mid%20Bank%20%26%20Trust&async=1&fmt=3&is_vtc=1&random=1808402381&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Domain
i.simpli.fi
URL
https://i.simpli.fi/p?cid=391207&cb=sifi_att_42656._hp
Domain
web1.acsbapp.com
URL
https://web1.acsbapp.com/apps/app/dist/media/logomono.svg

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer undefined| $ function| jQuery object| meteorslidessettings function| $j object| vex function| isNotEmpty function| doLoginCheck function| otherLoginCheck string| visible object| swapForms object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| pintrk function| twq object| _linkedin_data_partner_ids boolean| _already_called_lintrk function| fbq function| _fbq object| regeneratorRuntime object| twttr function| lintrk function| onYouTubeIframeAPIReady object| gaGlobal object| sifi_att_42656 object| gaplugins object| gaData object| PBI object| args object| drop_it string| ajaxurl object| fc_JS object| fcSettings object| mstarAjaxObject undefined| post_type object| meta_data string| meta_key string| meta_value object| tax_data object| p2p_data string| elem_type string| target_element string| update_target string| update_html string| compare string| template string| posts_per_page string| search_type string| order string| orderby number| page_id object| url_params string| ignore_order_by string| piAId string| piCId string| piHostname function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO string| io_global_object_name object| IGLOO object| tagConfig function| _0x17f1 function| _toConsumableArray function| _0xffac function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _typeof function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| AJS object| AccessiBe object| acsb object| acsbJS object| EJSEventListeners object| fcWidget function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| EJSCustomEvent function| piResponse object| fc_cobrowse object| _fc_cbtemplate

21 Cookies

Domain/Path Name / Value
.firstmid.com/ Name: _gcl_au
Value: 1.1.1685277286.1665674003
.simpli.fi/ Name: suid
Value: 7E0BC60B111949008466AED137683202
.firstmid.com/ Name: _ga_3LWVKP0H88
Value: GS1.1.1665674003.1.0.1665674003.0.0.0
.firstmid.com/ Name: _ga
Value: GA1.2.308746044.1665674003
.firstmid.com/ Name: _gid
Value: GA1.2.444404414.1665674003
.firstmid.com/ Name: _gat_UA-12127876-1
Value: 1
.t.co/ Name: muc_ads
Value: 7c5374a7-cc25-4973-bb6a-5b2dbc2fd32c
.firstmid.com/ Name: _fbp
Value: fb.1.1665674003109.1265046952
.twitter.com/ Name: personalization_id
Value: "v1_Pur/DNmTuLDwxWzcj4qo6g=="
mpsnare.iesnare.com/ Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef
Value: Lgh9o2Tkl8Eu2OKETubdGfjuAfEFu9u2+BP2TUWpM98=
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.firstmid.com/ Name: _pin_unauth
Value: dWlkPU9ESm1OalkxWWpBdFkyUmpaaTAwTURJMExUazJZamN0TURaaVpXVmxNbVF6WVRneA
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSZvbldWV1hLbmVPVitwTkRjMFlrVG5RUHJ1ZVRjSG5xT09VakhESlBuWkxYcDhLY01taWFSWk52clorRThONzd5djZva1lDVUJxcmhnclczTldhQ1Y4Y3NoZUNHSVZuUUZ1MjAyWlBJbWZiZz0mQmh0MURNcFZYM3E0QmU5VkRuU3dvd1VsbnNrPQ=="
.www.firstmid.com/ Name: _fw_crm_v
Value: fbfee6b0-6519-45e1-a6bb-557f2ec11a7a
.pardot.com/ Name: visitor_id216522
Value: 313920886
.pardot.com/ Name: visitor_id216522-hash
Value: c578704cd8875079a4db2dcdc0ecf63f7a2b7fb0903e1ccefbcccb20893cae9d9f1cbd5c4a9fcd1da7ec6dee523550ecc5cd7946
pi.pardot.com/ Name: lpv216522
Value: aHR0cHM6Ly93d3cuZmlyc3RtaWQuY29tL2FnZW5jeS1maW5hbmNlLz91dG1fc291cmNlPXBhcmRvdCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj1pbmRlcC1vcmdhbml6aW5nLWZvci1jaGFuZ2U%3D
www.firstmid.com/ Name: visitor_id216522
Value: 313920886
www.firstmid.com/ Name: visitor_id216522-hash
Value: c578704cd8875079a4db2dcdc0ecf63f7a2b7fb0903e1ccefbcccb20893cae9d9f1cbd5c4a9fcd1da7ec6dee523550ecc5cd7946
go.fmagencyfinance.com/ Name: visitor_id216522
Value: 313920886
go.fmagencyfinance.com/ Name: visitor_id216522-hash
Value: c578704cd8875079a4db2dcdc0ecf63f7a2b7fb0903e1ccefbcccb20893cae9d9f1cbd5c4a9fcd1da7ec6dee523550ecc5cd7946

7 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vibrate'.
other warning URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change(Line 44)
Message:
<link rel=preload> must have a valid `as` value
security error URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Message:
Refused to load the image 'https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=938450&time=1665674002959&url=https%3A%2F%2Fwww.firstmid.com%2Fagency-finance%2F%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dindep-organizing-for-change&tm=gtmv2' because it violates the following Content Security Policy directive: "img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com".
security error URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-12127876-1&cid=308746044.1665674003&jid=2128598093&_u=YADAAEAAAAAAACAAI~&z=1606411832' because it violates the following Content Security Policy directive: "img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com".
security error URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Message:
Refused to load the image 'https://www.google.de/pagead/1p-user-list/965820312/?random=1665674003156&cv=9&fst=1665673200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fwww.firstmid.com%2Fagency-finance%2F%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dindep-organizing-for-change&tiba=Agency%20Finance%20-%20First%20Mid%20Bank%20%26%20Trust&async=1&fmt=3&is_vtc=1&random=1808402381&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com".
network error URL: https://i.simpli.fi/p?cid=391207&cb=sifi_att_42656._hp
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://www.firstmid.com/agency-finance/?utm_source=pardot&utm_medium=email&utm_campaign=indep-organizing-for-change
Message:
Refused to load the image 'https://web1.acsbapp.com/apps/app/dist/media/logomono.svg' because it violates the following Content Security Policy directive: "img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy img-src 'self' data: https://ps.w.org https://s.w.org https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://cdn.oectours.com https://static.hupso.com https://t.co https://analytics.twitter.com https://ct.pinterest.com https://secure.gravatar.com https://www.google-analytics.com;
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubDomains max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

121720455943926.webpush.freshchat.com
acsbapp.com
ajax.googleapis.com
analytics.twitter.com
assetscdn-wchat.freshchat.com
cdn.acsbapp.com
code.jquery.com
connect.facebook.net
ct.pinterest.com
fonts.googleapis.com
fonts.gstatic.com
go.fmagencyfinance.com
googleads.g.doubleclick.net
i.simpli.fi
mpsnare.iesnare.com
pi.pardot.com
px.ads.linkedin.com
region1.google-analytics.com
rts-static-prod.freshworksapi.com
s.pinimg.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tag.simpli.fi
wchat.freshchat.com
web1.acsbapp.com
web13.secureinternetbank.com
www.facebook.com
www.firstmid.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
i.simpli.fi
px.ads.linkedin.com
web1.acsbapp.com
www.google.de
104.244.42.131
104.244.42.5
107.162.165.132
108.138.17.126
13.225.78.118
138.128.247.123
142.250.184.226
147.185.239.105
169.50.137.176
199.232.136.157
2001:4860:4802:34::36
2001:4de0:ac18::1:a:2b
23.35.236.196
2a00:1450:4001:801::2002
2a00:1450:4001:803::2003
2a00:1450:4001:803::200e
2a00:1450:4001:806::2008
2a00:1450:4001:827::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9c
2a02:26f0:3500:16::215:149b
2a02:26f0:4700:18c::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.92.120.28
54.228.71.178
54.85.195.79
67.227.165.77
02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229
05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3
0a1faad3e43a97ba2a52c4801823b7705799e3ceb9b5b3b1452ef4173fc7f727
0b1182c43d8e2d9ad2bf4d160d19a5f385047c4a0f88b05332140308d458390d
0e69c8561fbe0e90c0187d234e7d3698a48e6c1103c332148a19468e9796fead
11bbb08c79cc520235d12644c29145adac01d46ef4e6ae85d4dda6ab81cd42f2
1253a1ba1333a5a4492b478778a1f7dd02a57cba4004cc3b270fa9bef6c90c24
196e2f49a8cde0532d1db46f503c433fb98d9f6ed04f8da684876f41fa60b51f
19bdebae27610f030e03b77da93ccb231fe9685547ccf2a38c8a709d36791d88
287043e3df9dd89fa1ff305644b25438466026573e432616bead40add43d6338
2975dcfda9faebbc5833e23de611e9c7e239ffdf8b45774714e2e39eb4bbbf0c
2a482da40881c230e4491d4b613d96b791b72e82ec6983a0d01d09ee47bd24b5
2b82601133216ec29983087a0532e9b0af553f7f4a8b3b00ff9d7ffcc1142542
306bdc369fa2c04f6c740f92ff4cd2834a5bd191f799a24942997c00e365e516
309c2eb4f7960554e22fca933878de9d7988ea57edf3a7cad0c8c0b024f9b924
311506e88d674228b7fca9c8747f9480992a806f147eeed9d321ef5b241de9c9
339a47ea0febb6d0a64c06d758a42075151f15d2d872edaf5c89c19def67d5a6
34f0a42e1f810bf1d470a36fc2bd866a7efbf1f5f20eab68f5d8775328ec373e
37a921187ec14cea349bc6e9e6dda2b4d0b660e6b88aca8a896344c53f6636bd
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3b55e25dba87c28be5e676e481c3a0f8355360d45ed6d6283524289e260e922a
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99
3dd9777e4bf37ebda9d52c257d4481a7793947d4793cdddef7218468a20c3cf6
3f29259501183f270ed9b30dc3569b0b69c8bafb46685a5790c793ec76c2c763
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
41dbeb225af4cda23348d8e37046961a42078afd7209c1d06659e93ad7065cb3
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4c6ad24c3267ba81687ef1daff0510679f85cd938a9eba7aced2682fe1b0776b
4c83225dc04fc71007303df3080c997f44dc196cc26ecf6a04b1d090e4de0987
5eaf4f687b507f49d93fae5489c1cc88012a5f52581650ff1ffda204d5d460a5
65844f2f98cb4ef7ee8eea8b791a403cd4c01ff6b638adfba3613738af7efeb6
6605098d36231f0391debf6b641b0da2869e0ae702c9e98c34817715b722ac12
6641143e20b2532cd3a3c07da35d183c9f37c7c60a4731a74eb1d05136a3e5e2
6c64ad7d6c715459f331f3c136ed7c1dfeb100651cf9ae86e512956ace98e595
71d5198f6b11fbe900287c37547b1fdc6493d896a4049a2c0093892035b8aa51
7304d86d7c6c039699667162fe39abeb7d531f7f6acba2619a885d39a59ff6c5
76757ef678e74510673670f253fea1f89b87712c316ef719a697c7f6ddae04ee
7e666b1e1034c0bc14e1fe62dd0cb4180fcb3169e59ab5edefb0734f5960f99c
7eed09a3bda2013de36d0ac2b942f0149ef500ed56701e5bd80d204ecbf758e4
8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e
8134295409613f9eee225d4a2e4f687c905c441238f0b82a71ef81b52c906e25
82b611ba67716b8a0ec8fa88a0284a800898b18e474432e2df1b0ea2c7711e8a
82fc6fdca0f608870cf813d5e87b63efa492e50bc34b83a782b18c3f29ea6485
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84ff4e687d5a0c437a5dd19a36d2372284e32dcef6b32ed1907a99fb4c27b95b
87a1aa02b647d523b00af6888415dc564041142a4bd209c8c0bce33232fea9c8
9522f06273f78d21fff2f56b7a3ff41d77a705ededacbfba7e8044436c17743d
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
9c58f33567542167e15ff7c71863c9a3e2903c93560f9243d1afe6cbe2e2ef53
9fb42716e9dd11ea6750389ef5ad57a6cd0dfedb878d75d2895a4eb56d418442
a204849a0777563cc401d76d1a8e1ab5c5a6c554d391c0b24493985b4a4f42af
a3d08747462129e4b1e6756b57c9f24cc8dd7a6ad095cc416f5dbd52aaa5f7b2
a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114
a9ec88f31255fb6b754bd738328cc171db125c21e21d65dcb3a6b9c8f1109dc0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957
b83fa70c8737076a6276c414e3b8652cab12d5e37ef9b8fa5cf8590b89432a64
b93b59ca9eee44e421ccd73ebc124b78973156ab59727d608f4c7bb2fa11ed98
bab824d761f413cead829bb91421a36884b3f908a5d86438b7df65e8336dcd2d
bbe4e66132ca8ee028c844abfc0ab6c6e8490cd3171f5e7181dbe17ae6adce25
bebd4272b1abf23cc09cf60cbf7ec07d32492ca34a702a9bd3b662b3168205ab
c75d8bdd1d5498551294cf4551304e5c2158b9788ac1779d03a2edd611a6c93e
c95904b10eb01ff1cd51195d8ee5a0c56fc091351bbd715deb960332d799d759
cde3aa82c72e28375e51a678915fbe6433029eba1d957e2fee3b91dca4892cc2
d4435e1fca415f5a364fc836e8316f23a47c67d4f74494d832e52204cacb388d
d8b928ba1e4df240cc7115d0b6e55b288e2810f4b69e2909793c3725a0e061c7
d9ad88a673171b34d53dcafcd8c81908ea3a4d54e87d2e74b2bc712250623484
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0ba3a7e2a93c39ae0ae95c42db5b80908516eb11b752c8c621e2735c1f3e042
e1fa7ccfd1f16f4829d612a8983f2fb04f9e1c0257e8b62cbfad6a7715bdcfd4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e505e654ef4708d9c3d0da4c03e57ae1df262e07377938d4f456a71918c8aa3d
e7d0d9dad9dc8422cc7367db3d8dfebd94a9cfefbfc7c6043336d57544208392
eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32
eb90069bfb802ef63158d8954bb6a025a056b3d084e0c7aae494c7401847e590
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e07d2dfe3b2cda4771cf71134fe79f4bdffd121ab8f62be406b6100d6af6e5
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f2154f49d7d4ed6c74a1ad1dc0e39ef3136fd859059986ed5bcd3050d59867b3
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fa1629f63574b87e0242e3d19358ff0789e714902b186adf1723a9dcb802548a