urlscan.io logo urlscan.io
SecurityTrails logo

slm501y93viprod.azurewebsites.net Open in urlscan Pro
23.96.96.142  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Effective URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Submission: On July 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 34 IPs in 5 countries across 27 domains to perform 64 HTTP transactions. The main IP is 23.96.96.142, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is slm501y93viprod.azurewebsites.net.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 03 on May 24th 2024. Valid for: a year.
This is the only time slm501y93viprod.azurewebsites.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 23.96.96.142 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 18.66.147.88 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2607:f1c0:862... 8560 (IONOS-AS ...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:133... 15133 (EDGECAST)
1 35.241.59.180 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:272... 16509 (AMAZON-02)
1 3 104.18.24.173 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 18.66.112.57 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 34.168.224.78 396982 (GOOGLE-CL...)
1 142.250.186.100 15169 (GOOGLE)
1 142.250.181.227 15169 (GOOGLE)
1 54.145.222.88 14618 (AMAZON-AES)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 142.250.184.194 15169 (GOOGLE)
1 104.18.80.204 13335 (CLOUDFLAR...)
2 18.66.147.58 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 20.50.88.241 8075 (MICROSOFT...)
64 34
20    23.96.96.142 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
slm501y93viprod.azurewebsites.net
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:4400::ac40:9758 (United States)

ASN13335 (CLOUDFLARENET, US)
dl.episerver.net
1    18.66.147.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-88.fra60.r.cloudfront.net
js.poshdevelopment.com
4    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f1c0:862:f700::a6:d312 (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
efraudprevention.net
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
1    35.241.59.180 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 180.59.241.35.bc.googleusercontent.com
api.poshdevelopment.com
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:3500:10::210:a99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    2606:4700::6810:8bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
js-na1.hs-scripts.com
1    2600:9000:2724:d000:6:9a19:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.rlets.com
3    104.18.24.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    18.66.112.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-57.fra56.r.cloudfront.net
js.ipredictive.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
2    2606:4700::6810:6ffe (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
forms.hscollectedforms.net
1    2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    34.168.224.78 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 78.224.168.34.bc.googleusercontent.com
5898ebe5-51de-4b36-8ee7-292d3ef802dc.rlets.com
1    142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net
www.google.com
1    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
www.google.de
1    54.145.222.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-222-88.compute-1.amazonaws.com
ad.ipredictive.com
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
1    104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
2    18.66.147.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-58.fra60.r.cloudfront.net
capture-api.reachlocalservices.com
1    2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
2    20.50.88.241 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
20 azurewebsites.net
slm501y93viprod.azurewebsites.net
697 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 427
px4.ads.linkedin.com — Cisco Umbrella Rank: 6261
2 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 85
387 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1301
s.tribalfusion.com — Cisco Umbrella Rank: 4052
4 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 82
region1.google-analytics.com — Cisco Umbrella Rank: 1793
21 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 600
201 B
2 reachlocalservices.com
capture-api.reachlocalservices.com — Cisco Umbrella Rank: 27659
586 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
3 KB
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 6514
forms.hscollectedforms.net — Cisco Umbrella Rank: 6648
25 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 158
cm.g.doubleclick.net — Cisco Umbrella Rank: 301
771 B
2 ipredictive.com
js.ipredictive.com — Cisco Umbrella Rank: 14313
ad.ipredictive.com — Cisco Umbrella Rank: 10159
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 216
76 KB
2 rlets.com
cdn.rlets.com — Cisco Umbrella Rank: 22410
5898ebe5-51de-4b36-8ee7-292d3ef802dc.rlets.com
43 KB
2 poshdevelopment.com
js.poshdevelopment.com — Cisco Umbrella Rank: 88344
api.poshdevelopment.com — Cisco Umbrella Rank: 122098 Failed
78 KB
1 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 3668
1 KB
1 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 6412
887 B
1 google.de
www.google.de — Cisco Umbrella Rank: 7165
63 B
1 google.com
www.google.com — Cisco Umbrella Rank: 7
63 B
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 3460
26 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 3499
24 KB
1 hs-scripts.com
js-na1.hs-scripts.com — Cisco Umbrella Rank: 9807
1 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1217
14 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 3385
22 KB
1 gstatic.com
fonts.gstatic.com
23 KB
1 efraudprevention.net
efraudprevention.net
1 episerver.net
dl.episerver.net — Cisco Umbrella Rank: 36192
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 87
832 B
64 27
Domain Requested by
20 slm501y93viprod.azurewebsites.net slm501y93viprod.azurewebsites.net
4 www.googletagmanager.com slm501y93viprod.azurewebsites.net
www.googletagmanager.com
3 px.ads.linkedin.com 1 redirects az416426.vo.msecnd.net
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 capture-api.reachlocalservices.com az416426.vo.msecnd.net
2 www.facebook.com slm501y93viprod.azurewebsites.net
2 s.tribalfusion.com 1 redirects a.tribalfusion.com
2 connect.facebook.net slm501y93viprod.azurewebsites.net
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
az416426.vo.msecnd.net
1 track.hubspot.com
1 forms.hsforms.com slm501y93viprod.azurewebsites.net
1 cm.g.doubleclick.net slm501y93viprod.azurewebsites.net
1 forms.hscollectedforms.net az416426.vo.msecnd.net
1 ad.ipredictive.com js.ipredictive.com
1 www.google.de slm501y93viprod.azurewebsites.net
1 www.google.com slm501y93viprod.azurewebsites.net
1 5898ebe5-51de-4b36-8ee7-292d3ef802dc.rlets.com cdn.rlets.com
1 js.hs-banner.com js-na1.hs-scripts.com
1 js.hscollectedforms.net js-na1.hs-scripts.com
1 js.hs-analytics.net js-na1.hs-scripts.com
1 px4.ads.linkedin.com slm501y93viprod.azurewebsites.net
1 stats.g.doubleclick.net az416426.vo.msecnd.net
1 region1.google-analytics.com www.googletagmanager.com
1 js.ipredictive.com www.googletagmanager.com
1 a.tribalfusion.com www.googletagmanager.com
1 cdn.rlets.com www.googletagmanager.com
1 js-na1.hs-scripts.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 api.poshdevelopment.com js.poshdevelopment.com
1 az416426.vo.msecnd.net slm501y93viprod.azurewebsites.net
1 fonts.gstatic.com fonts.googleapis.com
1 efraudprevention.net slm501y93viprod.azurewebsites.net
1 js.poshdevelopment.com slm501y93viprod.azurewebsites.net
1 dl.episerver.net slm501y93viprod.azurewebsites.net
1 fonts.googleapis.com slm501y93viprod.azurewebsites.net
64 35
Subject Issuer Validity Valid
*.azurewebsites.net
Microsoft Azure RSA TLS Issuing CA 03		 2024-05-24 -
2025-05-19		 a year crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
dl.episerver.net
GTS CA 1P5		 2024-05-22 -
2024-08-20		 3 months crt.sh
*.poshdevelopment.com
Amazon RSA 2048 M03		 2023-08-13 -
2024-09-11		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
www.efraudprevention.net
GeoTrust TLS RSA CA G1		 2023-09-21 -
2024-10-04		 a year crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-06-06 -
2025-06-06		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
hs-scripts.com
E1		 2024-05-31 -
2024-08-29		 3 months crt.sh
*.rlets.com
Amazon RSA 2048 M03		 2023-10-31 -
2024-11-27		 a year crt.sh
tribalfusion.com
E1		 2024-06-04 -
2024-09-02		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-16 -
2024-07-15		 3 months crt.sh
*.ipredictive.com
Amazon RSA 2048 M02		 2024-02-12 -
2025-03-11		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-07-01 -
2025-01-01		 6 months crt.sh
hs-analytics.net
WE1		 2024-06-11 -
2024-09-09		 3 months crt.sh
hscollectedforms.net
E1		 2024-05-27 -
2024-08-25		 3 months crt.sh
hs-banner.com
E1		 2024-05-30 -
2024-08-28		 3 months crt.sh
captureapi.localiq.com
R11		 2024-06-14 -
2024-09-12		 3 months crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google.de
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
hsforms.com
WE1		 2024-06-14 -
2024-09-12		 3 months crt.sh
*.reachlocalservices.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
hubspot.com
E1		 2024-05-23 -
2024-08-21		 3 months crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-06-24 -
2025-06-19		 a year crt.sh

This page contains 4 frames:

Primary Page: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Frame ID: A178F81D24DDA0C880B87A3EEDEFD7AA
Requests: 58 HTTP requests in this frame

Frame: https://efraudprevention.net/us/salem5/portal.html
Frame ID: 986F9561F81FAA4D2E55C7DF0E2E021C
Requests: 1 HTTP requests in this frame

Frame: https://5898ebe5-51de-4b36-8ee7-292d3ef802dc.rlets.com/static/storage.html
Frame ID: 2B792069376B178ECB67FDAC2FFB053D
Requests: 1 HTTP requests in this frame

Frame: https://ad.ipredictive.com/d/track/event?upid=111134&cache_buster=1720393591&url=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fsupport%2Ffraud-alerts%2F&ps=0
Frame ID: E383C82F16DB315EE8C1B15BFDA31DEE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Fraud Prevention and Alerts | Salem Five Bank

Page URL History Show full URLs

  1. http://slm501y93viprod.azurewebsites.net/support/fraud-alerts/ HTTP 307
    https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

95 %
HTTPS

58 %
IPv6

27
Domains

35
Subdomains

34
IPs

5
Countries

1456 kB
Transfer

4965 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://slm501y93viprod.azurewebsites.net/support/fraud-alerts/ HTTP 307
    https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2807730&time=1720393591052&url=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fsupport%2Ffraud-alerts%2F&tm=gtmv2 HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2807730&time=1720393591052&url=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fsupport%2Ffraud-alerts%2F&tm=gtmv2&e_ipv6=AQJNIK21QJ6E7wAAAZCPcunNiEHBF6WRE0LA7dFIRwNzQHOu1rTEPLxcOrd1TePqraj12qs
Request Chain 55
  • https://s.tribalfusion.com/visitor?%7B%22tagKey%22%3A%22953992120%22%2C%22th%22%3A7234270109%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22aHmneMQrfpYqMm5TYd4aQXyd7pQJZcRcl%22%2C%22url%22%3A%22https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fsupport%2Ffraud-alerts%2F%22%2C%22clientName%22%3A%22Salem%2520Five%2520Bank%22%2C%22clientID%22%3A791573%2C%22eventType%22%3A%22visitor%22%2C%22segmentNumber%22%3A2%2C%22segmentName%22%3A%22SiteWide%22%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662046731347902

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Redirect Chain
  • http://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
  • https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
57 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
475d22996f0e902e44e1ec93404c50dc4ece61d8589393840a677a47cbd55413
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Cache-Tag
slm501y93viprod
Content-Encoding
gzip
Content-Length
14812
Content-Type
text/html; charset=utf-8
Date
Sun, 07 Jul 2024 23:06:28 GMT
Referrer-Policy
no-referrer
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-AspNetMvc-Version
5.2
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block

Redirect headers

Location
https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Non-Authoritative-Reason
HttpsUpgrades
jquery.bundle.min.js
slm501y93viprod.azurewebsites.net/Static/js/ 		334 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/js/jquery.bundle.min.js?ver=7.7.2024110629PM
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ae5a7426d7cd2662820f33f8e8dd238273644795270dfe77893fa92cb7d23062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
98552
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Mon, 17 Jun 2024 16:40:12 GMT
Server
Microsoft-IIS/10.0
ETag
"03ee05d5c0da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
vendor.head.min.js
slm501y93viprod.azurewebsites.net/Static/js/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/js/vendor.head.min.js?ver=7.7.2024110629PM
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9132e51090a99fe5b602951d8c6117d634b3b082f8100b9d73f91ebcf0590112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
10886
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Mon, 17 Jun 2024 16:40:12 GMT
Server
Microsoft-IIS/10.0
ETag
"03ee05d5c0da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
main.css
slm501y93viprod.azurewebsites.net/Static/css/ 		378 KB
64 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/css/main.css?ver=7.7.2024110629PM
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8f1358eddcecee9dd2327d35ae86e22bee6d9629879a590708fe612141cbd558
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
64371
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Mon, 17 Jun 2024 16:40:06 GMT
Server
Microsoft-IIS/10.0
ETag
"0b74c2d5c0da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
css
fonts.googleapis.com/ 		1 KB
832 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700&display=swap
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c5dbafb6c6411ed476ce3eb558ba96a7c9656ef62ce1f823ed5d7fcf4c1af6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 Jul 2024 23:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 Jul 2024 22:08:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Jul 2024 23:06:29 GMT
salem-five-logo.webp
slm501y93viprod.azurewebsites.net/globalassets/logo/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slm501y93viprod.azurewebsites.net/globalassets/logo/salem-five-logo.webp
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6dc9b68b93a9546ed3a13fa45d97187d0cf1224daa92aaf6b5488102b5c46ac2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
7282
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Thu, 29 Feb 2024 14:00:55 GMT
Server
Microsoft-IIS/10.0
ETag
"1DA6B17B66F0580"
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Accept-Ranges
bytes
Expires
Mon, 08 Jul 2024 11:06:29 GMT
cell-phone-with-number-1.png
slm501y93viprod.azurewebsites.net/globalassets/icons/efraud/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slm501y93viprod.azurewebsites.net/globalassets/icons/efraud/cell-phone-with-number-1.png
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8844e413035905e93b0912d153f943754d4b62dbf6164acf1ebd0869edd5233e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
8924
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Fri, 09 Jun 2023 17:14:10 GMT
Server
Microsoft-IIS/10.0
ETag
"1D99AF5CE1FDD00"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Accept-Ranges
bytes
Expires
Mon, 08 Jul 2024 11:06:30 GMT
phone-with-number-2.png
slm501y93viprod.azurewebsites.net/globalassets/icons/efraud/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slm501y93viprod.azurewebsites.net/globalassets/icons/efraud/phone-with-number-2.png
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
40233737cba46df1b4b3a380488a14b32494cf65c428b2d0d15d1e6106a667c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
14169
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Fri, 09 Jun 2023 17:14:59 GMT
Server
Microsoft-IIS/10.0
ETag
"1D99AF5EB54AB80"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Accept-Ranges
bytes
Expires
Mon, 08 Jul 2024 11:06:30 GMT
alert-with-number-3.png
slm501y93viprod.azurewebsites.net/globalassets/icons/efraud/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slm501y93viprod.azurewebsites.net/globalassets/icons/efraud/alert-with-number-3.png
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b7291fe756f37e38355fdc0d73b53097f106529f5a881db57e3927a68686275c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
10013
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Fri, 09 Jun 2023 17:15:29 GMT
Server
Microsoft-IIS/10.0
ETag
"1D99AF5FD364E80"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Accept-Ranges
bytes
Expires
Mon, 08 Jul 2024 11:06:30 GMT
padlock-with-number-4.png
slm501y93viprod.azurewebsites.net/globalassets/icons/efraud/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slm501y93viprod.azurewebsites.net/globalassets/icons/efraud/padlock-with-number-4.png
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f09dd2f6201a67485ecf649a82c108ce94fdffc2fe230a7d1eb97cbd5de1b52c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
9341
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Fri, 09 Jun 2023 17:16:09 GMT
Server
Microsoft-IIS/10.0
ETag
"1D99AF6150DD280"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Accept-Ranges
bytes
Expires
Mon, 08 Jul 2024 11:06:30 GMT
scammer-with-number-5.png
slm501y93viprod.azurewebsites.net/globalassets/icons/efraud/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slm501y93viprod.azurewebsites.net/globalassets/icons/efraud/scammer-with-number-5.png
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a5d59267fbb9c93411b93d88222b8d5d2955c029b0db3f3104dd872c26382153
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
11651
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Fri, 09 Jun 2023 17:16:57 GMT
Server
Microsoft-IIS/10.0
ETag
"1D99AF631AA0A80"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Accept-Ranges
bytes
Expires
Mon, 08 Jul 2024 11:06:30 GMT
twitter-logo-white-small.png
slm501y93viprod.azurewebsites.net/Static/images/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slm501y93viprod.azurewebsites.net/Static/images/twitter-logo-white-small.png
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bd4ff9d9cf0b9c08e94cc5bac213729ba4a52a1a0f5e3dfac94d2bbf19790524
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
25512
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Apr 2024 17:48:10 GMT
Server
Microsoft-IIS/10.0
ETag
"0e9c16a68ada1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
vendor.min.js
slm501y93viprod.azurewebsites.net/Static/js/ 		795 KB
236 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/js/vendor.min.js?ver=7.7.2024110629PM
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6673b2be79b4e12308271c4341f718710d7f13f391d5ec6411f5493aacde6bdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
240897
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Mon, 17 Jun 2024 16:40:10 GMT
Server
Microsoft-IIS/10.0
ETag
"011af4d5c0da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
localScripts.min.js
slm501y93viprod.azurewebsites.net/Static/js/ 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/js/localScripts.min.js?ver=7.7.2024110629PM
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
cf912cdc01eda9e96deab197b1e73194b019b0c61d5364e2a4b687453533f18d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
13191
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Mon, 17 Jun 2024 16:40:08 GMT
Server
Microsoft-IIS/10.0
ETag
"0e47d3d5c0da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
find.js
dl.episerver.net/13.5.9/epi-util/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl.episerver.net/13.5.9/epi-util/find.js
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9758 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
67004276e5cbe57d0cc96a32bd76d47b1daf4f91f52f807df4d8f9259c69b844

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Feb 2024 02:06:26 GMT
server
cloudflare
age
2005565
etag
"0fd1abcea69da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
89fb7c41db631e18-FRA
content-length
2271
expires
Wed, 07 Aug 2024 23:06:30 GMT
entry.js
js.poshdevelopment.com/widget/ 		897 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.poshdevelopment.com/widget/entry.js
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-88.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e88b08c374f8146a851fd8667319a89812afc32859e634cce50c114406fe398
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
date
Sun, 07 Jul 2024 18:09:56 GMT
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
17795
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 07 Jun 2024 15:57:04 GMT
server
AmazonS3
etag
W/"003cb68d5641392aadcc9d78470af604"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800, stale-while-revalidate=14400
x-amz-cf-id
uCIgkwL3PdnuGaRh95VAxXlmxBQIZ0g9k92gUQ0NU2SVg1B_NO9Fsg==
gtm.js
www.googletagmanager.com/ 		448 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KK659G9
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3ceebf89b9ca712cb0128087a495795e07570ca410c285c6ed5525fc874b918
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118061
x-xss-protection
0
last-modified
Sun, 07 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jul 2024 23:06:30 GMT
gtm.js
www.googletagmanager.com/ 		210 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NL4CTL9
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e03a85792a8a25487eed1fe9c37fbb461e354bec5ed88a0e6755fd7763e1394
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77083
x-xss-protection
0
last-modified
Sun, 07 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jul 2024 23:06:30 GMT
portal.html
efraudprevention.net/us/salem5/ Frame 986F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://efraudprevention.net/us/salem5/portal.html
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2607:f1c0:862:f700::a6:d312 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
9581
Content-Type
text/html
Date
Sun, 07 Jul 2024 23:06:31 GMT
ETag
"4cb248bba43da1:0"
Last-Modified
Wed, 10 Jan 2024 11:45:43 GMT
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
OpenSans-Bold-webfont.woff
slm501y93viprod.azurewebsites.net/Static/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/fonts/OpenSans-Bold-webfont.woff
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/Static/css/main.css?ver=7.7.2024110629PM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://slm501y93viprod.azurewebsites.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
22432
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Apr 2024 17:44:06 GMT
Server
Microsoft-IIS/10.0
ETag
"0779d84a58ada1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
OpenSans-Semibold-webfont.woff
slm501y93viprod.azurewebsites.net/Static/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/fonts/OpenSans-Semibold-webfont.woff
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/Static/css/main.css?ver=7.7.2024110629PM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
26b216fadb2ffcd542ca56c2d84f9918f62e40de89bf88b4211fffacd2a4ad83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://slm501y93viprod.azurewebsites.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
22908
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Apr 2024 17:44:06 GMT
Server
Microsoft-IIS/10.0
ETag
"0779d84a58ada1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
OpenSans-Light-webfont.woff
slm501y93viprod.azurewebsites.net/Static/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/fonts/OpenSans-Light-webfont.woff
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/Static/css/main.css?ver=7.7.2024110629PM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a1cb81c9f07f1f399db66ec188c02a1c74bc382df9a8550ab8091aac93dff8a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://slm501y93viprod.azurewebsites.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
22248
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Apr 2024 17:44:06 GMT
Server
Microsoft-IIS/10.0
ETag
"0779d84a58ada1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
fontawesome-webfont.woff2
slm501y93viprod.azurewebsites.net/Static/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/Static/css/main.css?ver=7.7.2024110629PM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://slm501y93viprod.azurewebsites.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
77160
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Apr 2024 17:44:06 GMT
Server
Microsoft-IIS/10.0
ETag
"0779d84a58ada1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff2
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
OpenSans-Regular-webfont.woff
slm501y93viprod.azurewebsites.net/Static/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/Static/fonts/OpenSans-Regular-webfont.woff
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/Static/css/main.css?ver=7.7.2024110629PM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://slm501y93viprod.azurewebsites.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
22660
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Apr 2024 17:44:06 GMT
Server
Microsoft-IIS/10.0
ETag
"0779d84a58ada1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://slm501y93viprod.azurewebsites.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 18:29:04 GMT
x-content-type-options
nosniff
age
275846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 18:29:04 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD6) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 07 Jul 2024 23:06:30 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1458
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/4CD6)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
3d69bbc2-b01e-0053-2ebe-d027ca000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Sun, 07 Jul 2024 23:36:30 GMT
footer-member-logos.png
slm501y93viprod.azurewebsites.net/Static/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slm501y93viprod.azurewebsites.net/Static/images/footer-member-logos.png
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/Static/css/main.css?ver=7.7.2024110629PM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c83158574a0d7dae5281d4b442b7d7a78f292e57d4fb849085e1848adff92264
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
2358
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Apr 2024 17:44:06 GMT
Server
Microsoft-IIS/10.0
ETag
"0779d84a58ada1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
graphql
api.poshdevelopment.com/api/v1/channel/web/v1/ 		0
0
graphql
api.poshdevelopment.com/api/v1/channel/web/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.poshdevelopment.com/api/v1/channel/web/v1/graphql?deploymentID=e1ae31bb-a037-4ab5-93be-d71beb1091f2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.59.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
180.59.241.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-posh-deployment-id
Access-Control-Request-Method
POST
Origin
https://slm501y93viprod.azurewebsites.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

allow
POST
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
content-type
text/html; charset=utf-8
date
Sun, 07 Jul 2024 23:06:30 GMT
etag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
referrer-policy
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NL4CTL9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 Jul 2024 21:41:01 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5129
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 07 Jul 2024 23:41:01 GMT
js
www.googletagmanager.com/gtag/ 		359 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HV0QYWK2VZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KK659G9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6fbc47b9d22914ce0a49df412dcdd823b470a4d509577b0934f8222bd2a6dd07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
113425
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Jul 2024 23:06:30 GMT
destination
www.googletagmanager.com/gtag/ 		239 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-1018842068&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KK659G9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
81f684b028836ed32bdf5ef7ed3421ac0fef89f2fce13660ce482254f5527af3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87118
x-xss-protection
0
last-modified
Sun, 07 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jul 2024 23:06:30 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KK659G9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 16:46:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=68911
accept-ranges
bytes
content-length
14004
23589689.js
js-na1.hs-scripts.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-na1.hs-scripts.com/23589689.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KK659G9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdaf8366e1d48faf7f55491efde066ed78c707fd310592fd15d213aa12652d3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-hubspot-correlation-id
fc888661-539d-406b-84c6-716933bcab54
x-evy-trace-route-service-name
envoyset-translator
cf-polished
origSize=1556
age
3978
x-envoy-upstream-service-time
10
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
fc888661-539d-406b-84c6-716933bcab54
cf-bgj
minify
last-modified
Sun, 07 Jul 2024 22:00:12 GMT
server
cloudflare
access-control-max-age
3600
vary
origin, Accept-Encoding
content-type
application/javascript;charset=utf-8
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-7dd59b876-2mxpl
x-evy-trace-virtual-host
all
access-control-allow-credentials
true
cf-ray
89fb7c4778932c4f-FRA
1de4b368ee7292d3ef802dc.js
cdn.rlets.com/capture_configs/589/8eb/e55/ 		179 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rlets.com/capture_configs/589/8eb/e55/1de4b368ee7292d3ef802dc.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KK659G9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:d000:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a57109bd7d7d0f6aec02a9d29f98afed3ed0045fd986faa7b30ef809f3b52341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sun, 07 Jul 2024 21:30:57 GMT
via
1.1 58afb490a7c8c45de5813dbf9e713c0c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA56-P12
age
5733
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
a022111f52dbb879c8b5ebbbda1a4f39
x-runtime
0.082996
referrer-policy
strict-origin-when-cross-origin
etag
W/"a57109bd7d7d0f6aec02a9d29f98afed"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
x-amz-cf-id
dJc3d36pa7t7so0Eh59U9MLNV-sKB1r_T8ZeE0QgUjJSS36p70vr0Q==
pixel.js
a.tribalfusion.com/pixel/tags/Salem%20Five%20Bank/791573/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/pixel/tags/Salem%20Five%20Bank/791573/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KK659G9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0216d874a945a1bf53036539389c257c571cde8f76ab1be43d71c20382ad7617

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:30 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3=":443"; ma=86400
content-length
2009
x-function
151
last-modified
Tue, 11 Jun 2024 07:41:25 GMT
server
cloudflare
x-reuse-index
23
etag
12822123156415441045
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, private
cf-ray
89fb7c45987a4504-TXL
expires
Mon, 08 Jul 2024 00:06:30 GMT
fbevents.js
connect.facebook.net/en_US/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 07 Jul 2024 23:06:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2806, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
C64ABp47xsesgx4y9+xs5gMAhTgRL9XA0OCnBcZotRxer2Ur+B0RguaLI02xAooeovdpVizcj1w+iKQJUpAEww==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
viant_universal_pixel.js
js.ipredictive.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ipredictive.com/viant_universal_pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KK659G9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-57.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e43cbf3e54c447adae3b2b8c498dc6cba091b9b642786962439a3615e242a9f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:50:40 GMT
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
last-modified
Mon, 06 May 2024 21:05:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
953
x-amz-server-side-encryption
AES256
etag
"382be3641677196a7ee74758ade9f9aa"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2101
x-amz-cf-id
WDC1_AyyiRu277ocQcoEXHOI1d-uJQ9CuJeiSK6XU-hM4rJ5YFjF6A==
collect
www.google-analytics.com/j/ 		4 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1680907636&t=pageview&_s=1&dl=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fsupport%2Ffraud-alerts%2F&ul=de-de&de=UTF-8&dt=Fraud%20Prevention%20and%20Alerts%20%7C%20Salem%20Five%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=258641&gjid=1647002891&cid=444702300.1720393591&tid=UA-25566418-3&_gid=1142072982.1720393591&_r=1&_slc=1&gtm=45He4730n81NL4CTL9v9102024427za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=928564496
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jul 2024 23:06:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://slm501y93viprod.azurewebsites.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HV0QYWK2VZ&gtm=45je4730v875872837z878205442za200zb78205442&_p=1720393590037&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=444702300.1720393591&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fsupport%2Ffraud-alerts%2F&sid=1720393590&sct=1&seg=0&dt=Fraud%20Prevention%20and%20Alerts%20%7C%20Salem%20Five%20Bank&en=page_view&_fv=1&_ss=1&ep.content_group=Support&tfd=2361&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HV0QYWK2VZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Jul 2024 23:06:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://slm501y93viprod.azurewebsites.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-25566418-3&cid=444702300.1720393591&jid=258641&gjid=1647002891&_gid=1142072982.1720393591&npa=1&_u=YEBAAEAAAAAAACAAI~&z=1316274520
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 07 Jul 2024 23:06:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://slm501y93viprod.azurewebsites.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
px.ads.linkedin.com/wa/ 		0
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:30 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 3724F1EBE9654F89A4FF332D62EA777B Ref B: FRAEDGE1207 Ref C: 2024-07-07T23:06:31Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
access-control-allow-origin
https://slm501y93viprod.azurewebsites.net
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYcsFjhMN7VvXwCGgzMRQ==
attribution_trigger
px.ads.linkedin.com/ 		2 B
814 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=2807730&time=1720393591052&url=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fsupport%2Ffraud-alerts%2F&tm=gtmv2
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:31 GMT
content-encoding
gzip
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 4F7F3A7C1E014505B236977B4CD30BB4 Ref B: DUS30EDGE0909 Ref C: 2024-07-07T23:06:31Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-lva1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYcsFjj62uCxKKvPJxJDw==
x-fs-uuid
00061cb058e3eb6b82c4a2af3c9c490f
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2807730&time=1720393591052&url=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fsupport%2Ffraud-alerts%2F&tm=gtmv2
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2807730&time=1720393591052&url=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fsupport%2Ffraud-alerts%2F&tm=gtmv2&e_ipv6=AQJNIK21QJ6E7wAAAZCPcu...
0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2807730&time=1720393591052&url=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fsupport%2Ffraud-alerts%2F&tm=gtmv2&e_ipv6=AQJNIK21QJ6E7wAAAZCPcunNiEHBF6WRE0LA7dFIRwNzQHOu1rTEPLxcOrd1TePqraj12qs
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 07 Jul 2024 23:06:31 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 938BD9FA7CE0404C81AB5A056BC5AA63 Ref B: DUS30EDGE0709 Ref C: 2024-07-07T23:06:31Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYcsFjlW1lKtscB/rEkXg==

Redirect headers

date
Sun, 07 Jul 2024 23:06:30 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 05B80B91757848B4B4020E85353AD76A Ref B: FRAEDGE1207 Ref C: 2024-07-07T23:06:31Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2807730&time=1720393591052&url=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fsupport%2Ffraud-alerts%2F&tm=gtmv2&e_ipv6=AQJNIK21QJ6E7wAAAZCPcunNiEHBF6WRE0LA7dFIRwNzQHOu1rTEPLxcOrd1TePqraj12qs
x-li-proto
http/2
content-length
0
x-li-uuid
AAYcsFjhMMvcPF1wZYu+Fg==
23589689.js
js.hs-analytics.net/analytics/1720389600000/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1720389600000/23589689.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/23589689.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ff59603635e3d935f1531ab20f57aca57c6e6a32e64fb56d01bf9101d737172

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:31 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
ADCKR2VRBV7FPHR5
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
d74634c4-e82a-4069-8c30-1d183fdd3a1e
age
3
x-envoy-upstream-service-time
43
x-amz-id-2
47iMJRTfjjOKYydojeciVOmcY3UYm/7JpzL19Scvm2PN3Gini/P5+36JcL7swFi+V3QzRglHRRxcZ5CXFwkkM/HVxSLshwtulPBfOHspC8c=
x-evy-trace-listener
listener_https
x-request-id
d74634c4-e82a-4069-8c30-1d183fdd3a1e
x-evy-trace-route-configuration
listener_https/all
last-modified
Fri, 21 Jun 2024 21:36:43 GMT
server
cloudflare
etag
W/"edd18ddbd508ca57ebced65e7a8dee3e"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-647fb
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
89fb7c491c428f3c-FRA
expires
Sun, 07 Jul 2024 23:11:28 GMT
collectedforms.js
js.hscollectedforms.net/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/23589689.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://slm501y93viprod.azurewebsites.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
age
488
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=89fb705e29569bfa-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"7d377a186677c174f204d466b8fa5fdb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
collected-forms-embed-js/static-1.503/bundles/project.js
date
Sun, 07 Jul 2024 23:06:31 GMT
x-amz-version-id
WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
x-content-type-options
nosniff
cf-cache-status
HIT
via
1.1 c5f8f8068a88ebb73e505f5e51b5262e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
c2b6e4fa-697e-409a-b850-25ced8884606
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
2
x-evy-trace-route-configuration
listener_https/all
x-request-id
c2b6e4fa-697e-409a-b850-25ced8884606
last-modified
Wed, 15 May 2024 14:34:44 UTC
server
cloudflare
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-65f7f7c749-2hwf8
cf-ray
89fb7c491a120414-FRA
x-amz-cf-id
V6rm0zWS38DdIj2VJFStS9tupYkYnm_kXJNLdLTndh-PVAVwuAuq0A==
banner.js
js.hs-banner.com/v2/23589689/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/23589689/banner.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/23589689.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
623d3157340c2151bc9125f231cefff1be62809b5514a5e36505964e3de76e0b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:31 GMT
x-amz-version-id
RpnDmCmLCjtF4aMgkzL8QwznHcH2Z52w
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
0XGYG4J3MCEVTCJK
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
0abc727d-e73e-476b-9173-82af4cd5116b
age
3
x-envoy-upstream-service-time
81
x-amz-id-2
6E9AFLI6snCxsg2PflnmUNxQeGCDVLQ0ZcoMqlpLl9MSU9Q7a/hKDNbUZlrbEvNIaShr+DVYDN4=
x-evy-trace-listener
listener_https
x-request-id
0abc727d-e73e-476b-9173-82af4cd5116b
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 15 Apr 2024 16:59:35 GMT
server
cloudflare
etag
W/"a73b7dfe95e08a4b892e049bae1a3fa5"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
vary
origin, Accept-Encoding
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-rslzw
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
89fb7c48f81d9299-FRA
expires
Sun, 07 Jul 2024 23:11:28 GMT
storage.html
5898ebe5-51de-4b36-8ee7-292d3ef802dc.rlets.com/static/ Frame 2B79 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://5898ebe5-51de-4b36-8ee7-292d3ef802dc.rlets.com/static/storage.html
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/589/8eb/e55/1de4b368ee7292d3ef802dc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
78.224.168.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
2056
content-type
text/html
date
Sun, 07 Jul 2024 23:06:31 GMT
last-modified
Fri, 31 May 2024 20:08:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
displayAd.js
s.tribalfusion.com/ 		678 B
827 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/displayAd.js?dver=0.8&th=7234270109
Requested by
Host: a.tribalfusion.com
URL: https://a.tribalfusion.com/pixel/tags/Salem%20Five%20Bank/791573/pixel.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e98e1b16ff262ec531d2f816853f68623ecd37682dc5e47996b326d0d774d637

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-function
153
last-modified
Tue, 11 Jun 2024 07:41:25 GMT
server
cloudflare
x-reuse-index
1498
vary
Accept-Encoding
content-type
application/x-javascript
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
private
cf-ray
89fb7c493ee94504-TXL
alt-svc
h3=":443"; ma=86400
content-length
331
expires
Sat, 05 Oct 2024 23:06:31 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-25566418-3&cid=444702300.1720393591&jid=258641&npa=1&_u=YEBAAEAAAAAAACAAI~&z=174133068
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Jul 2024 23:06:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-25566418-3&cid=444702300.1720393591&jid=258641&npa=1&_u=YEBAAEAAAAAAACAAI~&z=174133068
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Jul 2024 23:06:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
ad.ipredictive.com/d/track/ Frame E383 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ipredictive.com/d/track/event?upid=111134&cache_buster=1720393591&url=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fsupport%2Ffraud-alerts%2F&ps=0
Requested by
Host: js.ipredictive.com
URL: https://js.ipredictive.com/viant_universal_pixel.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.222.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-222-88.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Length
0
Date
Sun, 07 Jul 2024 23:06:31 GMT
X-CI-RTID
4f227e85-b6ce-43b4-98f6-d21d073c3bdf
169124471385309
connect.facebook.net/signals/config/ 		80 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/169124471385309?v=2.9.160&r=stable&domain=slm501y93viprod.azurewebsites.net&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
17923a86d2f12244b69eb1ebfe325f607caba7b39828a8940cce9c4efd1d957f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 07 Jul 2024 23:06:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16876
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=46, rtx=0, c=65, mss=1297, tbw=63834, tp=-1, tpl=-1, uplat=9, ullat=-1
pragma
public
x-fb-debug
f1+yjixhlvXNVBCM9RDyrWl5jV97YmVkrH/dsHrsw0KQ8z/56ESVJ/mveKpx2trxJavmRh5ajuz6Z93qGHS7kg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
json
forms.hscollectedforms.net/collected-forms/v1/config/ 		136 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=23589689&utk=
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77c58366127d4e57c33f6306797204ceec57af242b630e94c4663464741300da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
6ab6af37-443c-4a0e-b2cc-097b921834b4
x-envoy-upstream-service-time
7
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
6ab6af37-443c-4a0e-b2cc-097b921834b4
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://slm501y93viprod.azurewebsites.net
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-65f7f7c749-th2td
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
89fb7c4acbe50414-FRA
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=169124471385309&ev=PageView&dl=https%3A%2F%2Fslm501y93viprod.azurewebsites.net&rl=&if=false&ts=1720393591492&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.2.1720393591487.272593095676235089&cs_est=true&pm=1&hrl=0ea58c&ler=empty&cdl=API_unavailable&it=1720393591315&coo=false&cs_cc=1&rqm=GET
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://slm501y93viprod.azurewebsites.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2810, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 07 Jul 2024 23:06:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=169124471385309&ev=PageView&dl=https%3A%2F%2Fslm501y93viprod.azurewebsites.net&rl=&if=false&ts=1720393591492&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.2.1720393591487.272593095676235089&cs_est=true&pm=1&hrl=0ea58c&ler=empty&cdl=API_unavailable&it=1720393591315&coo=false&cs_cc=1&rqm=FGET
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://slm501y93viprod.azurewebsites.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xb4f77ecb9b2bcbf5","source_keys":["1","2"]},{"key_piece":"0x4ffdec74852fdf39","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sun, 07 Jul 2024 23:06:31 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389034211583177578", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=3128, tp=-1, tpl=-1, uplat=161, ullat=0
pragma
no-cache
x-fb-debug
rENM70iFOjQvESOCtLk4fI2ziVxIqA4XzusOLtJ4grn1OA2L02TIN+CGNkNAz1PRqxPCkriIdzTP+Z2yQU8YNg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389034211583177578"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://s.tribalfusion.com/visitor?%7B%22tagKey%22%3A%22953992120%22%2C%22th%22%3A7234270109%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22aHmneMQrfpYqMm5TYd4aQXyd7pQJZcRcl%22%2C%22url%22%3A%22http...
  • https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662046731347902
170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662046731347902
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jul 2024 23:06:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 Jul 2024 23:06:31 GMT
cf-cache-status
DYNAMIC
x-function
307
server
cloudflare
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662046731347902
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
89fb7c4af9cd4504-TXL
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2
Requested by
Host: slm501y93viprod.azurewebsites.net
URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
34a527b0-310e-474b-80ce-109555f70e2f
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
34a527b0-310e-474b-80ce-109555f70e2f
server
cloudflare
vary
origin
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-776cb5686f-8bqln
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
89fb7c4c2df6b5f1-WAW
originCountry
capture-api.reachlocalservices.com/ 		35 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capture-api.reachlocalservices.com/originCountry
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
/
Resource Hash
2b343b21215fef87f4079b62256d4bc29f0697202fa85141731716654c303745

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json

Response headers

date
Sun, 07 Jul 2024 23:06:32 GMT
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amzn-requestid
89ed0dd9-2287-49a3-a6ca-942bc41be03f
x-amzn-trace-id
Root=1-668b1f78-3881b9857708ea19660cd544;Parent=6507ad1d6ee72f17;Sampled=0;lineage=a245b58f:0
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-amz-apigw-id
akHa6HUEvHcED9w=
content-length
35
x-amz-cf-id
K1Icxel2sCZZTwrcOsCLMMw_RCgCkJTZ_8zzBdtNmzBcQRYnBtf5zA==
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
originCountry
capture-api.reachlocalservices.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://capture-api.reachlocalservices.com/originCountry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://slm501y93viprod.azurewebsites.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sun, 07 Jul 2024 23:06:32 GMT
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-amz-apigw-id
akHa1E8RvHcEOEw=
x-amz-cf-id
Tc9JC3pbO-dUkpakpnj2-YzOVrRUCVLlS3irDOPC748Jbzf4NuFcKg==
x-amz-cf-pop
FRA60-P4
x-amzn-requestid
734d958c-1fb9-461f-a7bf-528d53a1454b
x-cache
Miss from cloudfront
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3598200494&v=1.1&a=23589689&rcu=https%3A%2F%2Fwww.salemfive.com%2Fsupport%2Ffraud-alerts%2F&pu=https%3A%2F%2Fslm501y93viprod.azurewebsites.net%2Fsupport%2Ffraud-alerts%2F&t=Fraud+Prevention+and+Alerts+%7C+Salem+Five+Bank&cts=1720393593287&vi=b7c26275353c33482af2d5f5a4eb6aee&nc=true&u=24525925.b7c26275353c33482af2d5f5a4eb6aee.1720393593283.1720393593283.1720393593283.1&b=24525925.1.1720393593283&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 23:06:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
48e5e9e8-ee1a-4c09-9908-bc666f74c6dd
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
10
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
48e5e9e8-ee1a-4c09-9908-bc666f74c6dd
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hTF6DwPIBLotz0s8OUAR4ZwbLX6WV8jMnxJV%2FKZMaoVbYCb5RaE18%2FMliK%2F6NTVXhLSqvova05Nm5A%2FOKvPoxF2cXkvlfnZeRq4HhR4t0mg%2BHCpNRL04jtaFJN%2Fxd9THRzaX%2F1MP9mWMuiY7bGGY"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-b5qjn
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
89fb7c56df5f9bcb-FRA
x-robots-tag
none
track
dc.services.visualstudio.com/v2/ 		96 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
f2689972660e6f32ea3a44e2fd8a656d3ac62f9854876d96106e51d7d3b00ea8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json
Referer
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Sun, 07 Jul 2024 23:06:33 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
favicon.ico
slm501y93viprod.azurewebsites.net/ 		894 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://slm501y93viprod.azurewebsites.net/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.96.96.142 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ce5ab6d59077eb33706bf0f57cb10f7771172b089cf376de913bfcef0326458b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 23:06:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cache-Tag
slm501y93viprod
Content-Length
894
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9d999173-00cc-45dd-8e72-03f74f64bc11
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Apr 2024 17:44:06 GMT
Server
Microsoft-IIS/10.0
ETag
"0779d84a58ada1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400
Accept-Ranges
bytes
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://slm501y93viprod.azurewebsites.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Sun, 07 Jul 2024 23:06:33 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.poshdevelopment.com
URL
https://api.poshdevelopment.com/api/v1/channel/web/v1/graphql?deploymentID=e1ae31bb-a037-4ab5-93be-d71beb1091f2

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 undefined| event object| fence object| sharedStorage function| $ function| jQuery function| _ function| iFrameResize object| dataLayer object| appInsights object| fontawesome object| _gsScope boolean| jquery_dotdotdot_min_js object| Mustache object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| ScrollToPlugin function| ScrollMagic function| CountUp function| FindApi object| api function| addAltToTrackingImage object| observer boolean| foundImage object| config object| webpackJsonp function| setImmediate function| clearImmediate string| deploymentId object| posh object| $header object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| postscribe object| google_tag_manager_external object| AI object| Microsoft function| __extends function| _endsWith object| _linkedin_data_partner_ids boolean| _already_called_lintrk object| a9 function| fbq function| _fbq function| onYouTubeIframeAPIReady object| Utils object| PlacesService object| Gallery object| autoComplete object| LoanOfficerService object| FinancialAdvisorService object| speechRecognition object| gaplugins object| gaGlobal object| gaData function| lintrk object| ORIBILI object| _hsp object| rl_widget_cfg object| RLCAP object| captureStatus object| A9PIXEL object| a9PixelQue function| ViantUniversalPixel object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded object| __hsCollectedFormsDebug undefined| e9Manager undefined| e9 object| expoDisplayAd boolean| _hstc_ran object| hsCallsToActionsReady string| __hsUserToken number| expireDateTime

26 Cookies

Domain/Path Name / Value
slm501y93viprod.azurewebsites.net/ Name: ASP.NET_SessionId
Value: iu1uedqosxhj42xptm1cw10b
slm501y93viprod.azurewebsites.net/ Name: EPi_NumberOfVisits
Value: 1,2024-07-07T23:06:29
.slm501y93viprod.azurewebsites.net/ Name: ARRAffinity
Value: 88bd1351d12d551dd343b3f1eece647bd090858e8c735ab5ee90c7be22f40c20
.slm501y93viprod.azurewebsites.net/ Name: ARRAffinitySameSite
Value: 88bd1351d12d551dd343b3f1eece647bd090858e8c735ab5ee90c7be22f40c20
slm501y93viprod.azurewebsites.net/ Name: ai_user
Value: 1RvIo|2024-07-07T23:06:30.490Z
.slm501y93viprod.azurewebsites.net/ Name: _gcl_au
Value: 1.1.328209112.1720393591
.slm501y93viprod.azurewebsites.net/ Name: _gid
Value: GA1.3.1142072982.1720393591
.slm501y93viprod.azurewebsites.net/ Name: _gat_UA-25566418-3
Value: 1
.slm501y93viprod.azurewebsites.net/ Name: _ga_HV0QYWK2VZ
Value: GS1.1.1720393590.1.0.1720393590.0.0.0
.slm501y93viprod.azurewebsites.net/ Name: _ga
Value: GA1.1.444702300.1720393591
slm501y93viprod.azurewebsites.net/ Name: ai_session
Value: 6lw1U|1720393591018.9|1720393591018.9
.linkedin.com/ Name: lidc
Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2942:u=1:x=1:i=1720393591:t=1720479991:v=2:sig=AQG0GbE4hCxcp4Y47kufIMB3MImp5xic"
.linkedin.com/ Name: bcookie
Value: "v=2&94c2f7ee-3397-4fb9-8620-92c316019052"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MjAzOTM1OTE7MjswMjGPGQfozCbFrb7hXNXHh6vSLnL5BjJNlwQqI4y3XC4JlQ==
.slm501y93viprod.azurewebsites.net/ Name: _fbp
Value: fb.2.1720393591487.272593095676235089
.tribalfusion.com/ Name: ANON_ID
Value: alnrXhtZdPuom7SpBmPo7UZaIY6mtQZbxibK3yhQFYQvb0GmDikuZatsoESsnrcdUoopUyIIqWLi
.ipredictive.com/ Name: cu
Value: 2a0667d4-c79a-4723-ae92-47a6eb47d2c0|1720393591680
5898ebe5-51de-4b36-8ee7-292d3ef802dc.rlets.com/ Name: test
Value: test
.hsforms.com/ Name: __cf_bm
Value: j9JBqFNEJzw4Wtlh76seOjD67bIbxVrq9QdDw8ntcpY-1720393591-1.0.1.1-7ZtJCh2CmD978KDErUDwBuJ_t1Kun.H7FYrFvuPHzUqQTlRrpM8NpB8J6QuPUv6hhT.2BFQcN8A7AneGrX5q0w
.hsforms.com/ Name: _cfuvid
Value: 0BYzN.VRwScuIZAKwfS5k8uGsy6Q4tNcPKNS39FeH5g-1720393591825-0.0.1.1-604800000
slm501y93viprod.azurewebsites.net/ Name: __hstc
Value: 24525925.b7c26275353c33482af2d5f5a4eb6aee.1720393593283.1720393593283.1720393593283.1
slm501y93viprod.azurewebsites.net/ Name: hubspotutk
Value: b7c26275353c33482af2d5f5a4eb6aee
slm501y93viprod.azurewebsites.net/ Name: __hssrc
Value: 1
slm501y93viprod.azurewebsites.net/ Name: __hssc
Value: 24525925.1.1720393593283
.hubspot.com/ Name: __cf_bm
Value: Yw32yfg61Fnw.QkNqaLWL97JuPUhC1.8GrnLYSG4xjY-1720393593-1.0.1.1-A0rf9TPyq2XwHsxliakRX2cMqt_LtbO6o7Vn028gyTCPgb0PApkjNg_Bg0X_DtRnwc4as4sWMXCzni1ildcCLw
.hubspot.com/ Name: _cfuvid
Value: iIVsoR6u1J9z5v0vEZL.eLRdx42Px9HqHnCM6oJUXQo-1720393593541-0.0.1.1-604800000

3 Console Messages

Source Level URL
Text
recommendation verbose URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
javascript error URL: https://slm501y93viprod.azurewebsites.net/support/fraud-alerts/
Message:
Access to fetch at 'https://api.poshdevelopment.com/api/v1/channel/web/v1/graphql?deploymentID=e1ae31bb-a037-4ab5-93be-d71beb1091f2' from origin 'https://slm501y93viprod.azurewebsites.net' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.poshdevelopment.com/api/v1/channel/web/v1/graphql?deploymentID=e1ae31bb-a037-4ab5-93be-d71beb1091f2
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5898ebe5-51de-4b36-8ee7-292d3ef802dc.rlets.com
a.tribalfusion.com
ad.ipredictive.com
api.poshdevelopment.com
az416426.vo.msecnd.net
capture-api.reachlocalservices.com
cdn.rlets.com
cm.g.doubleclick.net
connect.facebook.net
dc.services.visualstudio.com
dl.episerver.net
efraudprevention.net
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hsforms.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hscollectedforms.net
js.ipredictive.com
js.poshdevelopment.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
s.tribalfusion.com
slm501y93viprod.azurewebsites.net
snap.licdn.com
stats.g.doubleclick.net
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
api.poshdevelopment.com
104.18.24.173
104.18.80.204
13.107.42.14
142.250.181.227
142.250.184.194
142.250.186.100
18.66.112.57
18.66.147.58
18.66.147.88
20.50.88.241
2001:4860:4802:32::36
23.96.96.142
2600:9000:2724:d000:6:9a19:88c0:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:4400::ac40:9758
2606:4700:4400::ac40:991b
2606:4700::6810:6ffe
2606:4700::6810:7674
2606:4700::6810:8bd1
2606:4700::6810:a0a8
2607:f1c0:862:f700::a6:d312
2620:1ec:21::14
2a00:1450:4001:806::200e
2a00:1450:4001:808::2008
2a00:1450:4001:811::2003
2a00:1450:4001:830::200a
2a00:1450:400c:c00::9a
2a02:26f0:3500:10::210:a99
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.168.224.78
35.241.59.180
54.145.222.88
0216d874a945a1bf53036539389c257c571cde8f76ab1be43d71c20382ad7617
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
17923a86d2f12244b69eb1ebfe325f607caba7b39828a8940cce9c4efd1d957f
1e43cbf3e54c447adae3b2b8c498dc6cba091b9b642786962439a3615e242a9f
22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40
26b216fadb2ffcd542ca56c2d84f9918f62e40de89bf88b4211fffacd2a4ad83
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b343b21215fef87f4079b62256d4bc29f0697202fa85141731716654c303745
3ff59603635e3d935f1531ab20f57aca57c6e6a32e64fb56d01bf9101d737172
40233737cba46df1b4b3a380488a14b32494cf65c428b2d0d15d1e6106a667c4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
475d22996f0e902e44e1ec93404c50dc4ece61d8589393840a677a47cbd55413
4e03a85792a8a25487eed1fe9c37fbb461e354bec5ed88a0e6755fd7763e1394
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
623d3157340c2151bc9125f231cefff1be62809b5514a5e36505964e3de76e0b
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
6673b2be79b4e12308271c4341f718710d7f13f391d5ec6411f5493aacde6bdd
67004276e5cbe57d0cc96a32bd76d47b1daf4f91f52f807df4d8f9259c69b844
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c5dbafb6c6411ed476ce3eb558ba96a7c9656ef62ce1f823ed5d7fcf4c1af6e
6dc9b68b93a9546ed3a13fa45d97187d0cf1224daa92aaf6b5488102b5c46ac2
6e88b08c374f8146a851fd8667319a89812afc32859e634cce50c114406fe398
6fbc47b9d22914ce0a49df412dcdd823b470a4d509577b0934f8222bd2a6dd07
77c58366127d4e57c33f6306797204ceec57af242b630e94c4663464741300da
81f684b028836ed32bdf5ef7ed3421ac0fef89f2fce13660ce482254f5527af3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8844e413035905e93b0912d153f943754d4b62dbf6164acf1ebd0869edd5233e
8f1358eddcecee9dd2327d35ae86e22bee6d9629879a590708fe612141cbd558
9132e51090a99fe5b602951d8c6117d634b3b082f8100b9d73f91ebcf0590112
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7
a1cb81c9f07f1f399db66ec188c02a1c74bc382df9a8550ab8091aac93dff8a2
a57109bd7d7d0f6aec02a9d29f98afed3ed0045fd986faa7b30ef809f3b52341
a5d59267fbb9c93411b93d88222b8d5d2955c029b0db3f3104dd872c26382153
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae5a7426d7cd2662820f33f8e8dd238273644795270dfe77893fa92cb7d23062
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b7291fe756f37e38355fdc0d73b53097f106529f5a881db57e3927a68686275c
bd4ff9d9cf0b9c08e94cc5bac213729ba4a52a1a0f5e3dfac94d2bbf19790524
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c83158574a0d7dae5281d4b442b7d7a78f292e57d4fb849085e1848adff92264
cdaf8366e1d48faf7f55491efde066ed78c707fd310592fd15d213aa12652d3d
ce5ab6d59077eb33706bf0f57cb10f7771172b089cf376de913bfcef0326458b
cf912cdc01eda9e96deab197b1e73194b019b0c61d5364e2a4b687453533f18d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ceebf89b9ca712cb0128087a495795e07570ca410c285c6ed5525fc874b918
e98e1b16ff262ec531d2f816853f68623ecd37682dc5e47996b326d0d774d637
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09dd2f6201a67485ecf649a82c108ce94fdffc2fe230a7d1eb97cbd5de1b52c
f2689972660e6f32ea3a44e2fd8a656d3ac62f9854876d96106e51d7d3b00ea8