directexpresshelp.com Open in urlscan Pro
2606:4700:3031::ac43:c2c0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://directexpresshelp.com/
Effective URL:
https://directexpresshelp.com/
Submission: On November 26 via api (November 26th 2023, 11:43:24 am UTC) from US — Scanned from DE

Summary HTTP 62 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 12 domains to perform 62 HTTP transactions. The main IP is 2606:4700:3031::ac43:c2c0, located in United States and belongs to CLOUDFLARENET, US. The main domain is directexpresshelp.com.
TLS certificate: Issued by GTS CA 1P5 on October 4th 2023. Valid for: 3 months.

This is the only time directexpresshelp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::6815:14e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2606:4700:303... 2606:4700:3031::ac43:c2c0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
15	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1 1	44.215.133.91 44.215.133.91	14618 (AMAZON-AES) (AMAZON-AES)
1	52.94.230.46 52.94.230.46	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:244... 2600:9000:2449:1600:1d:d7f6:39d3:7a61	16509 (AMAZON-02) (AMAZON-02)
2	52.94.225.95 52.94.225.95	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
62	17

1 2606:4700:3036::6815:14e8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

directexpresshelp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:3031::ac43:c2c0 (United States)

ASN13335 (CLOUDFLARENET, US)

directexpresshelp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.215.133.91 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-133-91.compute-1.amazonaws.com

rcm-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.94.230.46 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

ws-na.assoc-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2449:1600:1d:d7f6:39d3:7a61 (United States)

ASN16509 (AMAZON-02, US)

images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.225.95 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

fls-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	directexpresshelp.com 1 redirects directexpresshelp.com	177 KB
17	wp.com i0.wp.com — Cisco Umbrella Rank: 3823 stats.wp.com — Cisco Umbrella Rank: 2855 pixel.wp.com — Cisco Umbrella Rank: 2799	190 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	225 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	5 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
3	amazon-adsystem.com 1 redirects rcm-na.amazon-adsystem.com — Cisco Umbrella Rank: 37059 fls-na.amazon-adsystem.com — Cisco Umbrella Rank: 8787	938 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 14674	10 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	147 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	ssl-images-amazon.com images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 845	90 KB
1	assoc-amazon.com ws-na.assoc-amazon.com — Cisco Umbrella Rank: 31912	44 KB
62	12

	Domain	Requested by
19	directexpresshelp.com	1 redirects directexpresshelp.com
15	i0.wp.com	directexpresshelp.com
6	pagead2.googlesyndication.com	directexpresshelp.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	fls-na.amazon-adsystem.com	ws-na.assoc-amazon.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	directexpresshelp.com connect.facebook.net
2	images.dmca.com	directexpresshelp.com
2	www.googletagmanager.com	directexpresshelp.com www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	images-na.ssl-images-amazon.com	ws-na.assoc-amazon.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	pixel.wp.com	directexpresshelp.com
1	ws-na.assoc-amazon.com	directexpresshelp.com
1	rcm-na.amazon-adsystem.com	1 redirects
1	stats.wp.com	directexpresshelp.com
62	18

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.amazon.com
maps.google.com
www.dmca.com
generatepress.com

Subject Issuer	Validity	Valid
directexpresshelp.com GTS CA 1P5	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
images.dmca.com R3	`2023-10-26` - `2024-01-24`	3 months	crt.sh
ws-na.assoc-amazon.com Amazon RSA 2048 M01	`2023-03-16` - `2024-01-21`	10 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-04` - `2023-12-03`	3 months	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2023-08-09` - `2024-07-24`	a year	crt.sh
fls-na.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://directexpresshelp.com/
Frame ID: 6C3A9A35F1256645E79E4039E09386B5
Requests: 51 HTTP requests in this frame

Frame: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
Frame ID: 359273F31B2265CDB5F976904F70893C
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: E7EC0EB17A4F0709B782A974879CE4CA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517003535209854&output=html&adk=1812271804&adf=3025194257&lmt=1700999000&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fdirectexpresshelp.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700999000517&bpp=2&bdt=228&idt=241&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6983915425641&frm=20&pv=2&ga_vid=2138069635.1700999001&ga_sid=1700999001&ga_hid=2018604871&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078301%2C31079757%2C44807754%2C44807764%2C44808148%2C44808284%2C44809055%2C31061690&oid=2&pvsid=511391866991326&tmod=198508843&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=254
Frame ID: FAC9A6592B0CB5FB4D3F573278A35FE9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B0FFF17EE23A2F216A6FC6A72F969FE1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 41937A359D03D1AFC935C00A0D944AA6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Direct Express Card Help - Direct Express Card, Social Security & Disability

Page URL History Show full URLs

http://directexpresshelp.com/ HTTP 301
https://directexpresshelp.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

98 %
HTTPS

72 %
IPv6

12
Domains

18
Subdomains

17
IPs

3
Countries

1000 kB
Transfer

2435 kB
Size

19
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/@directexpresshelp
Title: Watch Our Youtube Videos

Search URL Search Domain Scan URL

URL: https://www.amazon.com/58f8026f-0658-47d0-9752-f6fa2c69b2e2/qualify?tag=dehelphome-20&linkCode=ur1
Title: Sign up today!

Search URL Search Domain Scan URL

URL: https://maps.google.com/maps?z=16&q=you%2Bcan%2Breach%2Bdirect%2Bexpress%2Busing%2Bthe%2Bcontact%2Binformation%2Bbelow%3A%2Bprocessing%2Bcenter%2Bpo%2Bbox%2B245998%2Bsan%2Bantonio%2C%2Btx%2B78224-5998
Title: You can reach Direct Express using the contact information below:Processing CenterPO Box 245998San Antonio, TX 78224-5998

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=9dfa0eed-0bfb-484b-8953-6fde7868aca9&refurl=https://directexpresshelp.com/

Search URL Search Domain Scan URL

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://directexpresshelp.com/ HTTP 301
https://directexpresshelp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20 HTTP 302
https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
directexpresshelp.com/
Redirect Chain

http://directexpresshelp.com/
https://directexpresshelp.com/

104 KB
21 KB

620ms
572ms

Document
text/html

2606:4700:3031::ac43:c2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

c3e279fc17c65606992b8a9adeda5d3b216bf0e12ea22777233855cf59df5035

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 82c1df844cab1e4d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 26 Nov 2023 11:43:20 GMT
display: orig_site_sol
expires: Sat, 25 Nov 2023 11:43:20 GMT
link: <https://directexpresshelp.com/wp-json/>; rel="https://api.w.org/", <https://wp.me/7Yy4l>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pagespeed: off
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsycgXQX85kAdM9v6zhcLMDo9drRhOQa5L8WfJ3B1PLmd7wuVXyt0OjStGtcbU%2BpmOqn05uR9uvKZgRyeYk6EmpcqMl10uK4dsrC4MJvQ3y%2BN%2BBoszRuhpathj2bHASMx2Y28At088u5wJ8yezER%2Flbqg88%3D"}],"group":"cf-nel","max_age":604800}
response: 200
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: HIT: 2
x-cache-group: normal
x-cacheable: SHORT
x-content-type-options: nosniff
x-ezoic-cdn: Miss
x-middleton-display: orig_site_sol
x-middleton-response: 200
x-origin-cache-control: max-age=600, must-revalidate
x-powered-by: WP Engine
x-sol: orig
x-ua-compatible: IE=edge

Redirect headers

CF-RAY: 82c1df83c9d7371d-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 26 Nov 2023 11:43:19 GMT
Expires: Sun, 26 Nov 2023 12:43:19 GMT
Location: https://directexpresshelp.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2YdtqwS9LmRg5Cp85FQIcmBEYB%2FcmCr7WIJ7axoEaLtkHDBgxyg4noEwqDMBpwVtPsKB88GQS6pMSMpGLw8CmWkGZs5amhV6Bt21MLsEf%2Bj6sOmkV0G6WTV0hLOIUQA71%2BlPRCDSLWPwg7N0rsiqzf0dLc%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
alt-svc: h3=":443"; ma=86400

GET
H2 200 autoptimize_05bc9eefeeab4efa79e4afe6a8c05bbe.css
directexpresshelp.com/wp-content/cache/autoptimize/css/ 261 KB
43 KB 36ms
35ms Stylesheet
text/css 2606:4700:3031::ac43:c2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/wp-content/cache/autoptimize/css/autoptimize_05bc9eefeeab4efa79e4afe6a8c05bbe.css

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09f0a890903026b2c6d55131d96f859fc315c9c6358cf9f5c84ae8fcfa85d796

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 270002
cf-polished: origSize=267132
x-ezoic-cdn: Hit ds;mm;0e56d8fc86d10143ffa1ccbfc4b6f7f4;2-510601-1;c0e161f4-57ee-4289-45f8-c98a4413024c
x-middleton-display: staticcontent_sol
content-encoding: br
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400
response: 200
cf-bgj: minify
last-modified: Wed, 22 Nov 2023 21:09:45 GMT
server: cloudflare
etag: W/"655e6e19-4137c-gzip"
x-origin-cache-control: public, max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbckFLMjQ7%2BQLzfGRDFpmE7U%2B8xcWiYhSDZCPFkPUcJ9E7iSTNuQHPwK2LOnaFYB6xmNjZwA325sL09Af2XDzFc1vxR%2FLq%2Fc%2B6sjHNcCjPMdfsAdVwPouyg4%2Ba6MSjjnkBePdeguiSQdoRO5Tr3gJ4bzGag%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82c1df87ea4d1e4d-FRA

GET
H2 200 jquery.min.js Show response
directexpresshelp.com/wp-includes/js/jquery/ 86 KB
31 KB 33ms
32ms Script
application/javascript 2606:4700:3031::ac43:c2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-sol: orig
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, orig_site_sol
age: 274770
x-ezoic-cdn: Hit ds;ds;3fa59e638f78181bf733a5a4f29dbe89;2-510601-1;c3693996-d75c-4e37-69a7-7c44888fdacd
x-middleton-display: staticcontent_sol, orig_site_sol
content-encoding: br
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400
response: 200
last-modified: Wed, 22 Nov 2023 20:57:35 GMT
server: cloudflare
etag: W/"655e6b3f-15601-gzip"
x-origin-cache-control: public, max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BQuD4arjCffxg0blLwqSIMsQ37vfCn9DzRph9TIQGV2wL0S%2FMNhlDxYScXtU2fy%2BRK7xyvsCxczMVoz2mUinmmfvfJVHQgfvhwZOi%2FL7DsRVsh%2F2I6CeQGfZrRM7Uv3MMZRCVCbYhzlCng6pzl2f7W%2FXtc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82c1df87ea4e1e4d-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 124ms
74ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684da3900ac5aceedce616da065da37e6283f0d400a66bf3b17a9e4dd5357e42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52732
x-xss-protection: 0
server: cafe
etag: 8315371257215511855
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 26 Nov 2023 11:43:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 81ms
33ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-43683690-3

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a7bed4eb8e4267d45b1592f74544859576a25b3b6001cc926689ddacb5039cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68750
x-xss-protection: 0
last-modified: Sun, 26 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Nov 2023 11:43:20 GMT

GET
H2 200 cropped-cropped-Direct-Express-Help-1.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2018/10/ 3 KB
3 KB 65ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2018/10/cropped-cropped-Direct-Express-Help-1.png?fit=437%2C99&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

34d57b944a61b899807b6946e4a6c2d9692415917faa0a0fffd8d95277431821

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 2956
x-nc: HIT hhn 3
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "d74e2b4fcf5a360c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2018/10/cropped-cropped-Direct-Express-Help-1.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H2 200 boise.js Show response
directexpresshelp.com/detroitchicago/ 913 B
931 B 33ms
30ms Script
application/javascript 2606:4700:3031::ac43:c2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/detroitchicago/boise.js?gcb=195-0&cb=2

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36f2998a5d4419bbab382abed2a0679d2cc64b21e839a636b351786a4c611db0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 390963
cf-polished: origSize=926
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 21 Nov 2023 23:07:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjiKPRgmpFw4wnKYU2ciy0RpmxJouj5SpSu28KsMO0dM%2FFHLptflT2sMnNB4GbNOGfpz7LSWhcVsg4x34Rn8kgJmK2zVG4%2Fxt5SkioJi6vXk03skkJxktfDUvAiTWMLiyfuPJ1Rq0xDK2evKmNjlk9N61QQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82c1df884ac81e4d-FRA

GET
H2 200 abilene.js Show response
directexpresshelp.com/parsonsmaize/ 6 KB
3 KB 31ms
29ms Script
application/javascript 2606:4700:3031::ac43:c2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/parsonsmaize/abilene.js?gcb=195-0&cb=30

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a389f846ebffac00e3890254db6efec3bec77253854a5bfcea683072ce3b0df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 390963
cf-polished: origSize=6323
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 21 Nov 2023 23:07:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r16zs22LKUZtuaW%2Bl5gH9FRygVO0zxxj2o5TuD8atIW3HowSTNh0p4O5mOkKkphkJsEoXTrnDnQwKOflKgkK6SSrOb8cKtpIaysBuTDbZLRKH1BfNzmaf1hi6iMRQ91FpwYB08WIJPtXQPfEElKbAKxB5m8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82c1df884aca1e4d-FRA

GET
H2 200 et.js Show response
directexpresshelp.com/porpoiseant/ 1 KB
928 B 30ms
28ms Script
application/javascript 2606:4700:3031::ac43:c2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/porpoiseant/et.js?gcb=195-0&cb=2

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c34f09169d2a10e8f5863960e81575ab70f88b52f4bd3386ce5e41e73a94487

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 390963
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 21 Nov 2023 23:07:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JH7QR4L0AdNBjxPUIZfk2MRxqXhtMEZAk2EQaKa%2FC2EK%2BIOYhGUR1R9RHZ19AbkHXKy88qxZKJLa4SJN3okWna4KaNWzpx1lsdaWa7P9X23Qlr2jN3bSrjeIAwM3eg5q8fZl%2B56ZgOGt3DlUdHf9WpqW2uM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82c1df884acb1e4d-FRA

GET
H2 200 What-time-does-Social-Security-hit-Direct-Express-card-2.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/ 18 KB
18 KB 54ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-2.png?w=800&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

829a4568d0c8e326c1e022af19985d295dc933dee3ac68e8beb1d29684eba649

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 18138
x-nc: HIT hhn 2
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "c7226cc8018bb784"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-2.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H2 200 2024-Social-Security-COLA.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/ 15 KB
16 KB 72ms
38ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/2024-Social-Security-COLA.png?w=800&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

88e58b06a43d52cf619d55c3134633e2e6476c9d284781aca2d0f6547ee1a938

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 15578
x-nc: HIT hhn 3
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "5842580b5458b418"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2023/10/2024-Social-Security-COLA.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H2 200 How-to-resolve-SSI-Overpayment-letter.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/ 14 KB
15 KB 29ms
26ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/How-to-resolve-SSI-Overpayment-letter.png?w=800&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

ffc213549ebefcae379a54e755263c4d40f382f4acfb138a9c2411eb0ff5a065

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 14588
x-nc: HIT hhn 3
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "8ff4521d9f906d3c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2023/10/How-to-resolve-SSI-Overpayment-letter.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H2 200 what-to-do-about-Social-Security-Overpayment-letters.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/ 18 KB
19 KB 29ms
26ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/what-to-do-about-Social-Security-Overpayment-letters.png?w=800&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

f9ff06d5d2582b76bd977802f4bfd3275be04820397f192853602ee27f88f8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 18760
x-nc: HIT hhn 1
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "acdcec3cba812629"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2023/10/what-to-do-about-Social-Security-Overpayment-letters.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H2 200 Direct-Express-Myaccount-Login-.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/09/ 18 KB
19 KB 47ms
44ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/09/Direct-Express-Myaccount-Login-.png?w=800&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

4762e6e3977758faa3346322cb4f9a2b247d0cabf54783caee527f4a8646c02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 18772
x-nc: HIT hhn 4
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "c7a3ce04509ca71f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2023/09/Direct-Express-Myaccount-Login-.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H2 200 Social-Security-COLA-Estimate-for-2024.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/09/ 23 KB
23 KB 27ms
25ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/09/Social-Security-COLA-Estimate-for-2024.png?w=800&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

6c8f7f910058efb76de58e1cd7e4527029ae8c71671e409f94ea3ea2de08ede1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 23098
x-nc: HIT hhn 2
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "567d8c7a4b547a13"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2023/09/Social-Security-COLA-Estimate-for-2024.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H2 200 What-time-does-Social-Security-hit-Direct-Express-card-1.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/ 17 KB
18 KB 46ms
44ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-1.png?w=800&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

29eab285958e0c7851f7532fcfa4ddb59ab85f844c6436b8c3f1e2a36d7be60f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 17748
x-nc: HIT hhn 2
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "60a8a78fac091ed6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-1.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H2 200 What-is-the-expected-Social-Security-increase-for-2024.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/ 19 KB
19 KB 46ms
44ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/What-is-the-expected-Social-Security-increase-for-2024.png?w=800&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

d38641890893dc5f5b62c5733b4a6ebe0369c541d05f5987e92cf65b6b576353

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 19078
x-nc: HIT hhn 3
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "45c2d8853aef7f6b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2023/08/What-is-the-expected-Social-Security-increase-for-2024.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H2 200 What-is-Direct-Express-Card-1.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2021/09/ 15 KB
16 KB 46ms
44ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2021/09/What-is-Direct-Express-Card-1.png?w=800&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

be12568c14d89d07347ba991e2bd2bfa121602d162c19ddaa878b1e179791a8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 15522
x-nc: HIT hhn 2
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "d7e85f3dcfc1ca8d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2021/09/What-is-Direct-Express-Card-1.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H2 200 What-time-does-Social-Security-hit-Direct-Express-card-2.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/06/ 18 KB
18 KB 46ms
45ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/06/What-time-does-Social-Security-hit-Direct-Express-card-2.png?w=800&ssl=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

196be1c28242be3c0eff3f4c9c24e12cc6f0a916816617323ec6df8b7b243ff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 18056
x-nc: HIT hhn 4
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "f5124ea2e644c912"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2023/06/What-time-does-Social-Security-hit-Direct-Express-card-2.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H2 200 dmca-badge-w150-2x1-03.png
images.dmca.com/Badges/ 9 KB
9 KB 97ms
22ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/dmca-badge-w150-2x1-03.png?ID=9dfa0eed-0bfb-484b-8953-6fde7868aca9
Requested by: Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / ASP.NET
Resource Hash: e4f82c06e12f028861fcc3587190038b946c774d584c8f58287da453cdfb941b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
cdn-edgestorageid: 1080
x-powered-by: ASP.NET
cdn-cachedat: 09/12/2023 22:58:17
cdn-pullzone: 1574055
content-length: 9215
last-modified: Mon, 25 Jul 2016 19:39:16 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "1cc8aa3aace6d11:0"
content-type: image/png
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: 084ac0aec09d3390ac827d13e26de568
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
844 B 96ms
19ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-powered-by: ASP.NET
cdn-cachedat: 10/31/2023 19:00:40
cdn-pullzone: 1574055
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"26b181f16d28d51:0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: 10b28f5e365d3c0c3f3832e2416f9611
cdn-requestcountrycode: DE
link: <https://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 e-202347.js Show response
stats.wp.com/ 7 KB
3 KB 59ms
17ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202347.js
Requested by: Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Sun, 26 Nov 2023 11:43:20 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1684464982353.1523
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 17 Nov 2024 22:40:26 GMT

GET
H2 200 autoptimize_e28b140867d2dea4e6dbb360c9c0a689.js Show response
directexpresshelp.com/wp-content/cache/autoptimize/js/ 140 KB
45 KB 34ms
33ms Script
application/javascript 2606:4700:3031::ac43:c2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/wp-content/cache/autoptimize/js/autoptimize_e28b140867d2dea4e6dbb360c9c0a689.js

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51446f2d9f69aff69bf39feb33cc5661e4e6c8366825bc4cfb63caa498fe32d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-sol: orig
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, orig_site_sol
age: 142804
cf-polished: origSize=143635
x-ezoic-cdn: Hit ds;ds;b43b744d803a81d81a447bc4564c0fd7;2-510601-1;d8c00682-c634-474d-6746-f6a30ed7b08d
x-middleton-display: staticcontent_sol, orig_site_sol
content-encoding: br
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400
response: 200
cf-bgj: minify
last-modified: Wed, 22 Nov 2023 21:03:15 GMT
server: cloudflare
etag: W/"655e6c93-23113-gzip"
x-origin-cache-control: public, max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V1Jc7HxPVV4F1Vqw8zWZCHloo9BYunuUZF7mEbGYB16CLhgND00YnXU9tV0z2L4iISQuo4FpZMUcxRENgz7A67NHWVoBbfIlNie%2BTZTbu2DrlczFCatvbfq34rMU3HrKgK50w5SImsDtxgS2eaxZDtOV81Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82c1df884acc1e4d-FRA

GET
H/1.1

200
200

cm Show response
ws-na.assoc-amazon.com/widgets/ Frame 3592
Redirect Chain

https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshel...

44 KB
44 KB

341ms
110ms

Document
text/html

52.94.230.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
Requested by: Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.230.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 76ba66489fe2da5df50d9bc041f83ac8eb0d726881fcfc77d57edbdc76f26075

Request headers

Referer: https://directexpresshelp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Connection: close
Content-Length: 44907
Content-Type: text/html;charset=UTF-8
Date: Sun, 26 Nov 2023 11:43:21 GMT
Expires: -1
Pragma: no-cache
Server: Server
Vary: User-Agent
charset: UTF-8
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 26 Nov 2023 11:43:20 GMT
Location: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 4XH5RX78BE2G57F06B6Z

GET
H2 200 How-to-contact-the-Direct-Express-Dispute-Department.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2015/11/ 642 B
1 KB 37ms
36ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2015/11/How-to-contact-the-Direct-Express-Dispute-Department.png?fit=800%2C600&ssl=1&resize=40%2C40

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

0c67728cf78d492c171c783c35686c6886342ddc229d262e3b3d5f91163f6ae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 642
x-nc: HIT hhn 2
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "5b42d983a6ddb59c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2015/11/How-to-contact-the-Direct-Express-Dispute-Department.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H2 200 Direct-Express-Emergency-Cash.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2021/03/ 632 B
1 KB 36ms
36ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2021/03/Direct-Express-Emergency-Cash.png?fit=800%2C600&ssl=1&resize=40%2C40

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

2eee0cafe6c7f66097f027901c23695439f82c39adc304b9582ad752837a7a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 632
x-nc: HIT hhn 3
last-modified: Fri, 24 Nov 2023 11:43:44 GMT
server: nginx
etag: "b12ba9677e5df939"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2021/03/Direct-Express-Emergency-Cash.png>; rel="canonical"
expires: Sun, 23 Nov 2025 23:43:44 GMT

GET
H2 200 Direct-Express-Debit-Card-Login.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2013/08/ 522 B
932 B 37ms
36ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2013/08/Direct-Express-Debit-Card-Login.png?fit=800%2C600&ssl=1&resize=40%2C40

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

0d848d1bba0a5740f08135ebe6ff96c31bc4baa04273f4d6310fc59e14c119ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 522
x-nc: HIT hhn 2
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "6761aa8220464a86"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2013/08/Direct-Express-Debit-Card-Login.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
H2 200 How-do-I-unlock-my-Direct-Express-card.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2019/11/ 494 B
911 B 37ms
37ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2019/11/How-do-I-unlock-my-Direct-Express-card.png?fit=800%2C600&ssl=1&resize=40%2C40

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

762bf09b08055d2e81d6499a5176f9119324e7d484536562f9ec083749494d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 494
x-nc: HIT hhn 4
last-modified: Thu, 23 Nov 2023 00:56:32 GMT
server: nginx
etag: "1700258acf272398"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://directexpresshelp.com/wp-content/uploads/2019/11/How-do-I-unlock-my-Direct-Express-card.png>; rel="canonical"
expires: Sat, 22 Nov 2025 12:56:32 GMT

GET
BLOB 200
OK 2520cc0d-dfda-4517-b0f8-ac6674d7f40d
https://directexpresshelp.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://directexpresshelp.com/2520cc0d-dfda-4517-b0f8-ac6674d7f40d
Requested by: Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 mulvane.js Show response
directexpresshelp.com/parsonsmaize/ 1002 B
891 B 47ms
45ms Script
application/javascript 2606:4700:3031::ac43:c2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/parsonsmaize/mulvane.js?gcb=195-0&cb=5

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2e858e11bbfe82d0150dd8fc768dfdb4577415c0ee84435e0d6c51a50e6cb64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 26 Nov 2023 11:43:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8ks6wkIGvLBQ7x9MzkqdhNKTk1MeOjzFqdeQVIkIZoQ4jm2O6tfNDdY5XgbD0Ic92FNaB%2BHwJ0HoeNZk2IzZ2IyLMBUGxBDd7LPzpL7ghKF7Kdmk%2B6d9TliCax4fVuxwlnQUBahnKsrPMTVuR%2F3MloGHmE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82c1df887afe1e4d-FRA

GET
H2 200 raleigh.js Show response
directexpresshelp.com/detroitchicago/ 2 KB
1 KB 29ms
28ms Script
application/javascript 2606:4700:3031::ac43:c2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/detroitchicago/raleigh.js?gcb=195-0&cb=6

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88b2906e8443f22f57ad7f18373f5e33e01dfb13c52931cc3d94456b786cef90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 390963
cf-polished: origSize=1659
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 21 Nov 2023 23:07:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5VHuh5CnPqaT1R%2Bg8MszfgyAR8iLpdYOBp676DEYnwfwZKVf2aelg%2FF3fwdtYrgkB7dUNjTSUWbpqWmYjoKjZzRSbGpXq%2BNeoaJdEmSO6nmoSYo6uZ6Ef1NAI8vw2KSimEMqoU43Q4xTUEC1K54yC7kWyw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82c1df887b021e4d-FRA

GET
H2 200 vista.js Show response
directexpresshelp.com/detroitchicago/ 1 KB
799 B 30ms
28ms Script
application/javascript 2606:4700:3031::ac43:c2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/detroitchicago/vista.js?gcb=195-0&cb=5

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

803564d2f40968a670c5748859a0cfece2016ee109d1eea9aa1fbda64553e5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 390963
cf-polished: origSize=1062
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 21 Nov 2023 23:07:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bx8ONCrAml2dw9AxxmkKPlDwnAuaeP8i5iPoWDl892Se8vBxTESdGCSylz4vnaJLtOd0RT8BKcdzeF0NglR2NZKGW9CYpMnVbgZAwVWYnGAaIRThaNs69qkF1KMe408d%2FvaSdSZI%2FUNfNWlcQIxkSgXwfxw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82c1df887b031e4d-FRA

GET
H2 200 tampa.js Show response
directexpresshelp.com/detroitchicago/ 963 B
889 B 31ms
31ms Script
application/javascript 2606:4700:3031::ac43:c2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/detroitchicago/tampa.js?gcb=195-0&cb=5

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

531197cef35c5eee10b028044f8f238d6bf147d0a24f31969ac8d7bee0e4c008

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 390963
cf-polished: origSize=976
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 21 Nov 2023 23:07:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECxDE3NWbZRra0p9A6Oor59ZqB2kAwrYzjZ4qFay9bnlLTZ1UOyFP56Cq3GlbnxnqIY5b0%2Fpy27ULc8infPeA04f7DVsJ1cB0aCV88jWNtJQ%2FnoGBuybzicDzMEUDRalCihojvvOpatlkDovJ%2B3PUQG%2FWfo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82c1df887b051e4d-FRA

GET
H2 200 olathe.js Show response
directexpresshelp.com/parsonsmaize/ 2 KB
1 KB 29ms
28ms Script
application/javascript 2606:4700:3031::ac43:c2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/parsonsmaize/olathe.js?gcb=195-0&cb=23

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e95dbe814ec64151e2a610cbed23b66909cb781c0ab20b6fa026f3e0f71f227

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 390963
cf-polished: origSize=2255
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 21 Nov 2023 23:07:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2ERx1tdgTMWVqfG2w0ikwObLyfW8BE49C3ikF7NMnaru0TPVZOVjk2yj%2FRSz6Q6wZreyIDka45KBkqjlnrZG1B4jMQ%2BV%2FdUcqrhJuhdSkKtgPAscYKd8xl5TXY7Q4%2FYOvEQtgE7dS%2FJ%2BeM5Bihy4xzTyBE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82c1df88cb561e4d-FRA

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 76ms
21ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f15b24c8e8324d6862e7db9af06ef20870ebffee706e2353858fac4fec7777d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 26 Nov 2023 11:43:20 GMT
content-md5: nOpmjiiHl2s4XYn/3LjMQw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints
x-fb-debug: icz2jT9qT/sx2Uq4ci+NdNAUze+cMquLgTLCO/rUt6XoNHn3/9GDlISiPCoZrpDsczSEu7cN+c2jDn6R9go/fQ==
x-fb-content-md5: 048c948a91793fbdbd36a3c961deb491
cross-origin-opener-policy: same-origin-allow-popups
etag: "51a2d2f16e6e651f684c9933e2ff7db4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 26 Nov 2023 12:02:50 GMT

GET
H2 200 vitals.js Show response
directexpresshelp.com/tardisrocinante/ 8 KB
3 KB 29ms
29ms Script
application/javascript 2606:4700:3031::ac43:c2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/tardisrocinante/vitals.js?gcb=0&cb=3

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b894147b763542f6c62b74227307d03261af5237a0cd149141af6066a28fec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 390963
cf-polished: origSize=7941
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 21 Nov 2023 23:07:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwUcza0KUwTTEGBBFSmodo9L6h21Hl8B%2FY6NmM30XM%2B1vNUBh5Lcmt6CRTHMrhymNzAi8yc%2Fp8o8J2iBCHfS4IbWWkpn%2B1EMBvO9xkf%2BD0TZHk4duwljEKaHhIX8AALUqbxuS8AVvnPlt%2FPh%2BisMXb4zl1c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82c1df88db791e4d-FRA

GET
H2 200 drake.js Show response
directexpresshelp.com/beardeddragon/ 4 KB
1 KB 30ms
30ms Script
application/javascript 2606:4700:3031::ac43:c2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/beardeddragon/drake.js?gcb=0&cb=6

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e2e9642ce4893f96c168bd664e248170d5de361db3ae3a0280089d72b29dd20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 390963
cf-polished: origSize=4247
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 21 Nov 2023 23:07:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSNaNrS6ghch0IAsJf%2B7MCgA3sVqfcEB8wdPITDrAPznCjNyG9mrEg44%2BUf5DFaIGn4kQLSW55Jts9gldxHJFVwmHDnEOFdiMQfRfWtZ1xnUO7ZVi%2Fz69MhWRIEF1GkRIFHJULfnZ2Vu7AHNK0yu7wAFlcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82c1df88eb7c1e4d-FRA

GET
H2 200 chanute.js Show response
directexpresshelp.com/parsonsmaize/ 21 KB
6 KB 31ms
30ms Script
application/javascript 2606:4700:3031::ac43:c2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/parsonsmaize/chanute.js?a=a&cb=7&dcb=195-0&shcb=34

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a1eb6123c7c46f878fef314ed06c507b2a9933c4b439af7a872b7861c52d72f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 390963
cf-polished: origSize=21681
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 21 Nov 2023 23:07:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdubB5mrBS2w7qlsPGKjBPHPgrblCYz5tQ7tFlBNNhyPI3R1ryuhxoYSCt9jCtQ71Kd1B5IumdVPwHHwac2ZC0UotBfPQf%2Fr%2FQRU8GExokj%2FUDW7Q8cyaV4Yra5YGXZ41XBCsPIN6nb5kIWNzkzxF409lgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82c1df88eb7e1e4d-FRA

GET
H2 200 jellyfish.js Show response
directexpresshelp.com/porpoiseant/ 37 KB
10 KB 30ms
29ms Script
application/javascript 2606:4700:3031::ac43:c2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/porpoiseant/jellyfish.js?a=a&cb=11&dcb=195-0&shcb=34

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8845f7fdd88e956fb192f1eef85e4afa6b7c59d2bae22b6058f4ca620d67312

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 390963
cf-polished: origSize=37593
content-encoding: br
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 21 Nov 2023 23:07:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsHfniZQ2fhEqMg7x75S4VdYUIV1W2DlEMuH2%2F6R9o8yK50bg29Kmjn6lgILZxAMGa0QbhEl%2BCiZ7fUS0E%2BIY6roi2La5B5gLbB1mmUcb5bJEIdon24owbpWm7hXylNMjtuOrK7oOAo7VsvNpntYkxt8IfE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 82c1df88eb7f1e4d-FRA

GET
H2 200 g.gif
pixel.wp.com/ 50 B
153 B 27ms
19ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=117864997&post=0&tz=0&srv=directexpresshelp.com&j=1%3A12.8.1&host=directexpresshelp.com&ref=&fcp=778&rand=0.9430742573841795
Requested by: Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 26 Nov 2023 11:43:20 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 wp-emoji-release.min.js Show response
directexpresshelp.com/wp-includes/js/ 18 KB
5 KB 31ms
30ms Script
application/javascript 2606:4700:3031::ac43:c2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-sol: orig
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, orig_site_sol
age: 274770
x-ezoic-cdn: Hit ds;ds;92e7a52a448db8951ede691a383c8998;2-510601-1;bfaa35b7-39ad-4879-4b36-52aef89fbd2c
x-middleton-display: staticcontent_sol, orig_site_sol
content-encoding: br
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400
response: 200
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: cloudflare
etag: W/"63db0985-4904-gzip"
x-origin-cache-control: public, max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYP5AdaJJUf%2FtTuDloh2mEXUep4rxAiyR9uFavKzYqGzRfEF3BaG2zpyMj14V9B3fbDemCDZ3mHpUL84GaVOKf6db6rY9jajMR6DNxYd%2BKr3onqAwRg56tXKq90J1cjvUO55jhjTTzqHP8zM4Lgx5qvQL3I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82c1df88eb851e4d-FRA

POST
H2 200 imp.gif
directexpresshelp.com/detroitchicago/ 43 B
700 B 36ms
35ms Ping
image/gif 2606:4700:3031::ac43:c2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://directexpresshelp.com/detroitchicago/imp.gif?ez_orig=1

Requested by

Host: directexpresshelp.com
URL: https://directexpresshelp.com/parsonsmaize/abilene.js?gcb=195-0&cb=30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://directexpresshelp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-display: imp_sol
alt-svc: h3=":443"; ma=86400
content-length: 43
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: HEAD, PUT, POST, GET, OPTIONS
content-type: image/gif
access-control-allow-origin: https://directexpresshelp.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5UnwKpzFrRmPbhzPfIswgjoEVI0SzDpjbfZzristo4%2BgC9HjBbg6BfRJq6IIKoa8bPl2fkGGpr0oEx5ftD2AqieW2VaCLa3GzSAlBRR0CJ4hqt8zII5pNtd%2FqNzlLxp6BzqVnz3TukuKO7AEAJUl8hArvz8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
cf-ray: 82c1df88fb941e4d-FRA
access-control-allow-headers: Content-Type
expires: Sat, 25 Nov 2023 11:43:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6QW80M9MT9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-43683690-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0014a3b05cb2fe3b0a6fac95abb4444ff817526ce61fc07009fa2a1744c31db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81524
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 26 Nov 2023 11:43:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 71ms
19ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-43683690-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 26 Nov 2023 09:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6822
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 26 Nov 2023 11:49:38 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 87ms
84ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9517003535209854&plah=directexpresshelp.com&bust=31079757

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a55428d7e0c615674a80ab024f977ac5871471362399e9857441d09ad0349b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137285
x-xss-protection: 0
server: cafe
etag: 4681739808130352890
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 26 Nov 2023 11:43:20 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame E7EC 9 KB
4 KB 76ms
18ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://directexpresshelp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69916
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:18:04 GMT
etag: 16674218716276178799
expires: Sat, 09 Dec 2023 16:18:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
86 KB 54ms
33ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=bd52e0130f0f588e9a670190de8cc94d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

da976c76f02a2eff244623f67fc0de76dffe3f053af37e8738f14979a626d0ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://directexpresshelp.com/
Origin: https://directexpresshelp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 26 Nov 2023 11:43:20 GMT
content-md5: kosYg1tHLstDVhqPl+0v9Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88330
reporting-endpoints
x-fb-debug: QaIAYD2jSj3Xxtv8nPJFfceQGK+sITtGUIKQBtWugfJFrgDpCgbA/HMxkibPAJ7qyeTnf5cFW0D8nmMEZY9ZGg==
x-fb-content-md5: 08a14620d32798374ab5d19171b034cc
cross-origin-opener-policy: same-origin-allow-popups
etag: "d05f5f442234d9c87ffcc4a0c750de82"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Mon, 25 Nov 2024 10:14:28 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 71ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6QW80M9MT9&gtm=45je3b81v9111022135&_p=1700999000353&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2138069635.1700999001&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1700999000&sct=1&seg=0&dl=https%3A%2F%2Fdirectexpresshelp.com%2F&dt=Direct%20Express%20Card%20Help%20-%20Direct%20Express%20Card%2C%20Social%20Security%20%26%20Disability&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=955
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6QW80M9MT9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:43:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://directexpresshelp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 31ms
26ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2018604871&t=pageview&_s=1&dl=https%3A%2F%2Fdirectexpresshelp.com%2F&ul=en-us&de=UTF-8&dt=Direct%20Express%20Card%20Help%20-%20Direct%20Express%20Card%2C%20Social%20Security%20%26%20Disability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1720253811&gjid=16748348&cid=2138069635.1700999001&tid=UA-43683690-3&_gid=715602228.1700999001&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=247236553

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://directexpresshelp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:43:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://directexpresshelp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
350 B 77ms
26ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-43683690-3&cid=2138069635.1700999001&jid=1720253811&gjid=16748348&_gid=715602228.1700999001&_u=YADAAUAAAAAAACAAI~&z=443469816

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://directexpresshelp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 26 Nov 2023 11:43:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://directexpresshelp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FAC9 0
188 B 311ms
310ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517003535209854&output=html&adk=1812271804&adf=3025194257&lmt=1700999000&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fdirectexpresshelp.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700999000517&bpp=2&bdt=228&idt=241&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6983915425641&frm=20&pv=2&ga_vid=2138069635.1700999001&ga_sid=1700999001&ga_hid=2018604871&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078301%2C31079757%2C44807754%2C44807764%2C44808148%2C44808284%2C44809055%2C31061690&oid=2&pvsid=511391866991326&tmod=198508843&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=254

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9517003535209854&plah=directexpresshelp.com&bust=31079757

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://directexpresshelp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 11:43:21 GMT
expires: Sun, 26 Nov 2023 11:43:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 PrimeAccess-CustomerBanner-300x250.jpg
images-na.ssl-images-amazon.com/images/G/01/marketing/prime/PrimeUpQualify/ Frame 3592 89 KB
90 KB 149ms
36ms Image
image/jpeg 2600:9000:2449:1600:1d:d7f6:39d3:7a61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-na.ssl-images-amazon.com/images/G/01/marketing/prime/PrimeUpQualify/PrimeAccess-CustomerBanner-300x250.jpg
Requested by: Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2449:1600:1d:d7f6:39d3:7a61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 3a5e96b26c8239a32c6da3c4bdb36d46c358232cbc599e8e8b8e32828f21a518

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 12:54:28 GMT
via: 1.1 c2905f891f96a0ec9c7fab16916dbb46.cloudfront.net (CloudFront)
age: 82486
x-amz-cf-pop: AMS58-P6
edge-cache-tag: x-cache-501,/images/G/01/marketing/prime/PrimeUpQualify/PrimeAccess-CustomerBanner-300x250
x-nginx-cache-status: HIT
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
content-length: 91634
surrogate-key: x-cache-501 /images/G/01/marketing/prime/PrimeUpQualify/PrimeAccess-CustomerBanner-300x250
last-modified: Tue, 11 Oct 2022 22:37:10 GMT
server: Server
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400,public
x-amz-ir-id: 14b91e89-66dc-438e-a932-58bb4315fb68
accept-ranges: bytes
timing-allow-origin: https://www.amazon.com
x-amz-cf-id: SrWTSLb4H1nSFr9hq6MHfm6LgP3mclj8stEjs3xrhFMotmljmC10ww==
expires: Thu, 31 Aug 2023 10:13:37 GMT

GET
H/1.1 200
OK json
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame 3592 43 B
200 B 398ms
103ms Image
image/gif 52.94.225.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1700999001427&logType=banner_impressions&p=%7B%22mobile_supported%22%3A%22true%22%2C%22action%22%3A%22onload%22%2C%22adunit_type%22%3A%22banners%22%2C%22adunit_properties%22%3A%7B%22height%22%3A%22%24%7Bheight%7D%22%2C%22width%22%3A%22%24%7Bwidth%7D%22%2C%22category%22%3A%22%24%7Bcampaigns%7D%22%2C%22marketplace%22%3A%22amazon%22%2C%22link_id%22%3A%22%24%7Blinkid%7D%22%2C%22region%22%3A%22US%22%7D%2C%22logType%22%3A%22banner_impressions%22%7D
Requested by: Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.94.225.95 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 11:43:21 GMT
x-amzn-RequestId: d8284d7d-71f8-4f35-bca4-8244b8330fef
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK /
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/ Frame 3592 43 B
200 B 397ms
103ms Image
image/gif 52.94.225.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/?cb=1700999001427&p=%7B%22program%22%3A%221%22%2C%22tag%22%3A%22dexpresshelp-20%22%2C%22linkCode%22%3A%22ur1%22%2C%22refUrl%22%3A%22https%3A%2F%2Fdirectexpresshelp.com%2F%22%2C%22panda%22%3Atrue%7D
Requested by: Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.94.225.95 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 11:43:20 GMT
x-amzn-RequestId: 62089260-c235-4270-8278-d36acc874d61
Content-Length: 43
Content-Type: image/gif

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 162ms
124ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d8953d10bd0915b591f7633a20da19828fd8a9da2d7b462399fa32b31cc8d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12356
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 152ms
107ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Nov 2023 11:43:22 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B0FF 13 KB
5 KB 19ms
18ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://directexpresshelp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 10:16:45 GMT
expires: Mon, 25 Nov 2024 10:16:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4193 829 B
1 KB 79ms
31ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e059977783bc3cd62b5e25470c5aca9280974dca73507392f34ee7a5a6ffe09d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wvU_vidHk_lGwm0MusUnpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://directexpresshelp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-wvU_vidHk_lGwm0MusUnpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 11:43:22 GMT
expires: Sun, 26 Nov 2023 11:43:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame B0FF 39 KB
15 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:18:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Nov 2024 16:18:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4193 0
0 52ms
52ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=511391866991326&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B0FF 0
10 B 18ms
18ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hLGbJg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:43:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
54ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=511391866991326&bg=!j4yljMPNAAZxrfrxUa07ADQBe5WfOJsx4fq7As2HC_rdShwehyK2P_GnME7PJT31WKh077kyqM5BCxSuBXmxiUB3LynYAgAAADtSAAAAAWgBB5kCxxeWEs5Vjoz6eYwpzpqncYTROUGtyrk3wCCC20E6vZ4vNDGJUONlXE5IkaSX6WjZJHKesMDqGuZpP5qU7TdnfsQMnCdxruXTkw70RTUSpU0OlNda42MOz3ZWVd7YMthWnpHWgWeHGwV_r51IB8NSn_DHTsSZIMtrO6POE_5mmDgOPrtHxoRLq2-H7kOrCDW1iK2MYXmSEhy9a0G8ziYBB8JMAsSFKxv-4lWjIJCZLZLoSnC_xn5mJIh-JDbxhBkdPn8ebYZBil6ZC3ssdDkPtRrjW1t-Mdgcrj40QS4OiZ7gKQsjZ50dO3neV9bkxDhLml6iWhUCzFOq1n_q3k_KCBzZP4EivIDsFnJCsSxlF2QcW4P79eFMbDl7c76nH0fWesd82dDnqUy8lKA-PfVaXFT628CFGsTw5HIA0M5xmzvFTVu_GCH1M1vvqtgzPKPPvNd0KpPJ4GCfPmGMU-StNPSeKmdcbghlLKkgweMxFtgU1xAYnyrqSiJFZzLZaQeWjktMa3f-AV4Sa8L2k6Xx8yw9M_LCOUQAg5I_Kq8wgJdKeaFEW7nl-iKJax8msoqqWpklMceLwjcpFMrg5DsOCB761WjXppQwEc-Fy0055NFfSIc4XVZM2NI0YnBxJQnWSCYlRMyikE3jHwDXY_kyCPooNseGnz_CWz75CDbO3HrWfdN0jSHFUOI-rPZEXu50yTiLQl28hD3b_Dc9f7pTxD6n76eY_jZOQg2V-tm2wZJ2dd7DoRziT62bmL30LlpgXL6JP3NNw2rb8cOTay0FxNiR6syoxK1tj_wXfPQjFK--9erJmqepVIOeMXF5o7Pd8Mwa7nVaIhFL4CgX2Vox0md9Io8SRQu63idooT3B-7O0Hmf_se5-jhKcYh4WI0v7t5Qe9VWbpzoF4hgVWGRlqznXDDrF_jBQN28J7cYShEd8Jo18JKKF9A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://directexpresshelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.directexpresshelp.com/	1970-01-20 16:30:00	Name: ezoadgid_510601 Value: -1
.directexpresshelp.com/	1970-01-20 16:30:06	Name: ezoref_510601 Value:
.directexpresshelp.com/	1970-01-21 01:15:34	Name: ezosuibasgeneris-1 Value: 399baf1b-68ce-407a-6976-a42b1b4fa765
.directexpresshelp.com/	1970-01-20 16:30:06	Name: ezoab_510601 Value: mod245
.directexpresshelp.com/	1970-01-20 16:32:51	Name: active_template::510601 Value: orig_site.1700998999
.directexpresshelp.com/	1970-01-20 16:30:00	Name: ezopvc_510601 Value: 1
.directexpresshelp.com/	1970-01-20 16:30:00	Name: lp_510601 Value: https://directexpresshelp.com/
.directexpresshelp.com/	1970-01-20 16:32:51	Name: ezovuuidtime_510601 Value: 1700999000
.directexpresshelp.com/	1970-01-20 16:30:00	Name: ezovuuid_510601 Value: 3def2d52-dc41-4eb0-5b1c-f639e8bbcc8b
directexpresshelp.com/	1970-01-21 02:05:59	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
directexpresshelp.com/	1970-01-21 02:05:59	Name: ezohw Value: w%3D1600%2Ch%3D1200
directexpresshelp.com/	1970-01-21 02:05:59	Name: advanced_ads_page_impressions Value: %7B%22expires%22%3A2016359000%2C%22data%22%3A1%7D
directexpresshelp.com/	1970-01-20 17:13:11	Name: advanced_ads_browser_width Value: 1600
.directexpresshelp.com/	1970-01-21 02:05:59	Name: _ga_6QW80M9MT9 Value: GS1.1.1700999000.1.0.1700999000.0.0.0
.directexpresshelp.com/	1970-01-21 02:05:59	Name: _ga Value: GA1.2.2138069635.1700999001
.directexpresshelp.com/	1970-01-20 16:31:25	Name: _gid Value: GA1.2.715602228.1700999001
.directexpresshelp.com/	1970-01-20 16:29:59	Name: _gat_gtag_UA_43683690_3 Value: 1
.doubleclick.net/	1970-01-20 16:29:59	Name: test_cookie Value: CheckForPermission
directexpresshelp.com/	1970-01-21 01:15:35	Name: ezux_lpl_510601 Value: 1700999001827\|5135f445-dc4a-40ae-52df-fb6801546d09\|false

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
directexpresshelp.com
fls-na.amazon-adsystem.com
googleads.g.doubleclick.net
i0.wp.com
images-na.ssl-images-amazon.com
images.dmca.com
pagead2.googlesyndication.com
pixel.wp.com
rcm-na.amazon-adsystem.com
region1.google-analytics.com
stats.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
ws-na.assoc-amazon.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
192.0.76.3
192.0.77.2
2001:4860:4802:34::36
2400:52e0:1e00::1081:1
2600:9000:2449:1600:1d:d7f6:39d3:7a61
2606:4700:3031::ac43:c2c0
2606:4700:3036::6815:14e8
2a00:1450:4001:80b::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2008
2a00:1450:4001:831::2001
2a00:1450:400c:c07::9a
2a03:2880:f083:100:face:b00c:0:3
44.215.133.91
52.94.225.95
52.94.230.46
09f0a890903026b2c6d55131d96f859fc315c9c6358cf9f5c84ae8fcfa85d796
0c67728cf78d492c171c783c35686c6886342ddc229d262e3b3d5f91163f6ae0
0d848d1bba0a5740f08135ebe6ff96c31bc4baa04273f4d6310fc59e14c119ee
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
196be1c28242be3c0eff3f4c9c24e12cc6f0a916816617323ec6df8b7b243ff9
29eab285958e0c7851f7532fcfa4ddb59ab85f844c6436b8c3f1e2a36d7be60f
2c34f09169d2a10e8f5863960e81575ab70f88b52f4bd3386ce5e41e73a94487
2eee0cafe6c7f66097f027901c23695439f82c39adc304b9582ad752837a7a4d
34d57b944a61b899807b6946e4a6c2d9692415917faa0a0fffd8d95277431821
36f2998a5d4419bbab382abed2a0679d2cc64b21e839a636b351786a4c611db0
3a5e96b26c8239a32c6da3c4bdb36d46c358232cbc599e8e8b8e32828f21a518
3d8953d10bd0915b591f7633a20da19828fd8a9da2d7b462399fa32b31cc8d4e
3e95dbe814ec64151e2a610cbed23b66909cb781c0ab20b6fa026f3e0f71f227
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4762e6e3977758faa3346322cb4f9a2b247d0cabf54783caee527f4a8646c02a
4b894147b763542f6c62b74227307d03261af5237a0cd149141af6066a28fec6
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51446f2d9f69aff69bf39feb33cc5661e4e6c8366825bc4cfb63caa498fe32d7
531197cef35c5eee10b028044f8f238d6bf147d0a24f31969ac8d7bee0e4c008
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a1eb6123c7c46f878fef314ed06c507b2a9933c4b439af7a872b7861c52d72f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
684da3900ac5aceedce616da065da37e6283f0d400a66bf3b17a9e4dd5357e42
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c8f7f910058efb76de58e1cd7e4527029ae8c71671e409f94ea3ea2de08ede1
762bf09b08055d2e81d6499a5176f9119324e7d484536562f9ec083749494d1d
76ba66489fe2da5df50d9bc041f83ac8eb0d726881fcfc77d57edbdc76f26075
803564d2f40968a670c5748859a0cfece2016ee109d1eea9aa1fbda64553e5c3
829a4568d0c8e326c1e022af19985d295dc933dee3ac68e8beb1d29684eba649
88b2906e8443f22f57ad7f18373f5e33e01dfb13c52931cc3d94456b786cef90
88e58b06a43d52cf619d55c3134633e2e6476c9d284781aca2d0f6547ee1a938
8e2e9642ce4893f96c168bd664e248170d5de361db3ae3a0280089d72b29dd20
a389f846ebffac00e3890254db6efec3bec77253854a5bfcea683072ce3b0df5
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
a55428d7e0c615674a80ab024f977ac5871471362399e9857441d09ad0349b67
a7bed4eb8e4267d45b1592f74544859576a25b3b6001cc926689ddacb5039cba
be12568c14d89d07347ba991e2bd2bfa121602d162c19ddaa878b1e179791a8d
c0014a3b05cb2fe3b0a6fac95abb4444ff817526ce61fc07009fa2a1744c31db
c3e279fc17c65606992b8a9adeda5d3b216bf0e12ea22777233855cf59df5035
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d38641890893dc5f5b62c5733b4a6ebe0369c541d05f5987e92cf65b6b576353
da976c76f02a2eff244623f67fc0de76dffe3f053af37e8738f14979a626d0ff
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e059977783bc3cd62b5e25470c5aca9280974dca73507392f34ee7a5a6ffe09d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f82c06e12f028861fcc3587190038b946c774d584c8f58287da453cdfb941b
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
f15b24c8e8324d6862e7db9af06ef20870ebffee706e2353858fac4fec7777d7
f2e858e11bbfe82d0150dd8fc768dfdb4577415c0ee84435e0d6c51a50e6cb64
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f8845f7fdd88e956fb192f1eef85e4afa6b7c59d2bae22b6058f4ca620d67312
f9ff06d5d2582b76bd977802f4bfd3275be04820397f192853602ee27f88f8f3
ffc213549ebefcae379a54e755263c4d40f382f4acfb138a9c2411eb0ff5a065

directexpresshelp.com Open in urlscan Pro 2606:4700:3031::ac43:c2c0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

98 %HTTPS

72 %IPv6

12 Domains

18 Subdomains

17 IPs

3 Countries

1000 kBTransfer

2435 kBSize

19 Cookies

5 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

directexpresshelp.com Open in urlscan Pro
2606:4700:3031::ac43:c2c0 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

98 %
HTTPS

72 %
IPv6

12
Domains

18
Subdomains

17
IPs

3
Countries

1000 kB
Transfer

2435 kB
Size

19
Cookies

62 HTTP transactions
0 data transactions