content-guidelines.usbank.com Open in urlscan Pro
54.195.237.234 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://content-guidelines.usbank.com/
Submission: On May 05 via automatic, source certstream-suspicious (May 5th 2023, 9:14:34 pm UTC) — Scanned from DE

Summary HTTP 42 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 12 domains to perform 42 HTTP transactions. The main IP is 54.195.237.234, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is content-guidelines.usbank.com.
TLS certificate: Issued by R3 on March 16th 2023. Valid for: 3 months.

This is the only time content-guidelines.usbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	54.195.237.234 54.195.237.234	16509 (AMAZON-02) (AMAZON-02)
3	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42::622 2a04:4e42::622	54113 (FASTLY) (FASTLY)
5	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.206.214 52.222.206.214	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.58 13.32.121.58	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
3	35.188.42.15 35.188.42.15	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.208.128.54 52.208.128.54	16509 (AMAZON-02) (AMAZON-02)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:238... 2600:9000:238d:a600:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.241.208.166 34.241.208.166	16509 (AMAZON-02) (AMAZON-02)
2	52.41.90.223 52.41.90.223	16509 (AMAZON-02) (AMAZON-02)
42	16

9 54.195.237.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-237-234.eu-west-1.compute.amazonaws.com

content-guidelines.usbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42::622 (United States)

ASN54113 (FASTLY, US)

fast.appcues.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-214.fra56.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-58.fra60.r.cloudfront.net

public.profitwell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.188.42.15 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.128.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-128-54.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:238d:a600:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

zeroheightsupport.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.208.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-208-166.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.41.90.223 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-90-223.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	usbank.com content-guidelines.usbank.com	4 MB
8	stripe.com js.stripe.com — Cisco Umbrella Rank: 1062 q.stripe.com — Cisco Umbrella Rank: 5929 m.stripe.com — Cisco Umbrella Rank: 1038	131 KB
5	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 1846 ekr.zdassets.com — Cisco Umbrella Rank: 2129	365 KB
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 368	183 KB
3	sentry.io sentry.io — Cisco Umbrella Rank: 229	1 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 638 script.hotjar.com — Cisco Umbrella Rank: 870 in.hotjar.com — Cisco Umbrella Rank: 5657	73 KB
3	appcues.com fast.appcues.com — Cisco Umbrella Rank: 4674	129 KB
2	zendesk.com zeroheightsupport.zendesk.com — Cisco Umbrella Rank: 563747	1 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1128	18 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6253	161 B
1	profitwell.com public.profitwell.com — Cisco Umbrella Rank: 6567	9 KB
1	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 2429	25 KB
42	12

	Domain	Requested by
9	content-guidelines.usbank.com	content-guidelines.usbank.com
4	static.zdassets.com	content-guidelines.usbank.com static.zdassets.com
4	maps.googleapis.com	content-guidelines.usbank.com maps.googleapis.com
3	q.stripe.com	content-guidelines.usbank.com
3	sentry.io	content-guidelines.usbank.com
3	fast.appcues.com	content-guidelines.usbank.com fast.appcues.com
3	js.stripe.com	content-guidelines.usbank.com js.stripe.com
2	m.stripe.com	m.stripe.network
2	zeroheightsupport.zendesk.com	static.zdassets.com
2	m.stripe.network	js.stripe.com m.stripe.network
1	content.hotjar.io	content-guidelines.usbank.com
1	in.hotjar.com	content-guidelines.usbank.com
1	script.hotjar.com	static.hotjar.com
1	ekr.zdassets.com	static.zdassets.com
1	public.profitwell.com	content-guidelines.usbank.com
1	static.hotjar.com	content-guidelines.usbank.com
1	cdn.amplitude.com	content-guidelines.usbank.com
42	17

This site contains no links.

Subject Issuer	Validity	Valid
zeroheight.com R3	`2023-03-16` - `2023-06-14`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-04-20` - `2023-08-05`	4 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
fast.appcues.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-01` - `2023-12-03`	a year	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2022-11-10` - `2023-11-09`	a year	crt.sh
cdn.amplitude.com Amazon RSA 2048 M01	`2023-01-12` - `2024-02-11`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.profitwell.com Amazon RSA 2048 M02	`2023-03-01` - `2023-08-01`	5 months	crt.sh
sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-07-04`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
zeroheightsupport.zendesk.com Cloudflare Inc ECC CA-3	`2023-01-27` - `2024-01-26`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh

This page contains 4 frames:

Primary Page: https://content-guidelines.usbank.com/
Frame ID: 5BB510C1E6BBAB96951E2D5E4E281B01
Requests: 28 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 5E149B90F5281AA6EA772FD65D541882
Requests: 4 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-4156df7a230d696d9dfa.js
Frame ID: 785DBF86F0332D531FFB1B1FF43B4969
Requests: 5 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: A8B1C03FA18E273AE53F2BA0BCEF5BC6
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

zeroheight

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Highlight.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.])+/)?highlight(?:\.min)?\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Profitwell (Analytics) Expand

Overall confidence: 100%
Detected patterns

public\.profitwell\.com/js/profitwell\.js

Page Statistics

42
Requests

79 %
HTTPS

19 %
IPv6

12
Domains

17
Subdomains

16
IPs

4
Countries

4921 kB
Transfer

14363 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
content-guidelines.usbank.com/ 13 KB
7 KB 275ms
63ms Document
text/html 54.195.237.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content-guidelines.usbank.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.237.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-237-234.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c883ae764c10f35c1ec221917874a1d3a7df77dc115b943e2a55db8746fb769f

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self'; connect-src .hotjar.com: vc.hotjar.io:* surveystats.hotjar.io wss://.hotjar.com wss://api.appcues.net: https: 'self' wss://.zeroheight.dev: wss://replay.uxtweak.com:*; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com; object-src 'self' https: data:; script-src 'self' js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:*; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com; object-src 'self' https: data:; script-src 'self' js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'
Content-Type: text/html; charset=utf-8
Date: Fri, 05 May 2023 21:14:26 GMT
ETag: W/"c883ae764c10f35c1ec221917874a1d3"
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 89ff77d2-5b8d-4691-ade9-8a91b5999308
X-Runtime: 0.013692
X-XSS-Protection: 1; mode=block
x-rack-cors: miss; no-origin

GET
H/1.1 200
OK plugin-1d5e2628b7988bf7c383ff687a9aa767f3fc37b918f80aa903e0a3cae97f2509.css
content-guidelines.usbank.com/the-other-assets/ 88 KB
15 KB 49ms
49ms Stylesheet
text/css 54.195.237.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content-guidelines.usbank.com/the-other-assets/plugin-1d5e2628b7988bf7c383ff687a9aa767f3fc37b918f80aa903e0a3cae97f2509.css
Requested by: Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.237.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-237-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1d5e2628b7988bf7c383ff687a9aa767f3fc37b918f80aa903e0a3cae97f2509

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content-guidelines.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 21:14:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2023 11:34:32 GMT
Server: nginx
ETag: W/"644274c8-16111"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK style.css
content-guidelines.usbank.com/zhapp/bundles/ 427 KB
83 KB 111ms
56ms Stylesheet
text/css 54.195.237.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content-guidelines.usbank.com/zhapp/bundles/style.css?version=1.5.9.3296
Requested by: Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.237.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-237-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 67b1e60ac21294087335c96f0c68614a69880b99a8fab05ebb1d750cff2c9f02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content-guidelines.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 21:14:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 May 2023 17:16:08 GMT
Server: nginx
ETag: W/"645539d8-6acba"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK SpaceGrotesk.css
content-guidelines.usbank.com/fonts/ 635 B
865 B 146ms
48ms Stylesheet
text/css 54.195.237.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content-guidelines.usbank.com/fonts/SpaceGrotesk.css
Requested by: Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.237.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-237-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9d6bc673da8459803b24621dd2a278e425c6aca2b32490c46c20163b1849d6db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content-guidelines.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 21:14:27 GMT
Last-Modified: Tue, 18 Apr 2023 09:19:49 GMT
Server: nginx
ETag: "643e60b5-27b"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 635

GET
H2 200 / Show response
js.stripe.com/v3/ 471 KB
127 KB 94ms
26ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ebc0a2e260c074f09d4a4d093000e2ff431f82c0bb336c620f4c46ce2cc131ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content-guidelines.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 05 May 2023 21:14:26 GMT
via: 1.1 varnish
age: 8
x-cache: HIT
content-length: 129410
x-request-id: 954536e8-de20-4ad7-88ad-fff281bf51b9
x-served-by: cache-fra-eddf8230021-FRA
last-modified: Fri, 05 May 2023 20:32:12 GMT
server: Fastly
etag: "6ef02cb77f0552bda4a3018abfeded23"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 220 KB
71 KB 140ms
59ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCGG3QHUGXi434KSALHPPr4cnfedM6M53w&libraries=places&channel=GMPSB_addressselection_v1_cAC

Requested by

Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

6051508065ac89fe9c7a6d525999353eab237cf54f5f43367a2c3dd889ff5836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content-guidelines.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 21:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71861
x-xss-protection: 0

GET
H2 200 119582.js Show response
fast.appcues.com/ 21 KB
5 KB 605ms
547ms Script
text/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/119582.js
Requested by: Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy /
Resource Hash: e38c14a60d3b3a72c74488658b9b259050d6d650ff1ad7ad155ad860d2168455

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content-guidelines.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 21:14:27 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 5056
x-request-id: F1xbximYOkadLVQSVDYB
x-served-by: cache-fra-etou8220028-FRA
server: Cowboy
x-timer: S1683321267.950572,VS0,VE527
vary: accept-encoding, Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=120,public
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 0

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 23 KB
7 KB 98ms
40ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=4e92de70-6fb3-4abf-81a3-b1598809f1ba

Requested by

Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21d2ea81f22f44525f201ad9f4702029e0b2bfe65d5a2b534104dbe4b2346bbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content-guidelines.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 21:14:26 GMT
x-amz-version-id: PBHdtxERTX7HUmm2o8dmki0ZTZF0krHp
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: HWZKT95TV15S98AK
age: 60
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: K/4s55giTB53y0IpyQ+EB/H5kBS7sGUPOM8MTPB2ssL7tf1rorQ3W92F9suqFvgvmQVMU20+kFQ=
last-modified: Fri, 17 Mar 2023 01:24:00 GMT
server: cloudflare
etag: W/"35755063f184195a50a9c07a2c71693a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=caF25od%2BaCgctJHhZXsihE%2FK7F2DGrHrIFsf%2FtRMoNny5pu2dY2r3rr5Tnt8k4fz%2BuWfSmIrQAvWzeVjwCJFd1QDFtxaZwssEIo%2BKM7t6fNG6tGWfZsOPQPGryEFTCk1HoUM7Dc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 7c2bfe3e78121ca1-FRA

GET
H/1.1 200
OK highlight.min.js Show response
content-guidelines.usbank.com/ 45 KB
19 KB 206ms
101ms Script
application/javascript 54.195.237.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content-guidelines.usbank.com/highlight.min.js
Requested by: Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.237.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-237-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fc17e22241e51e856285975ce9316e8fb3262744d6716b0c5e4783170862d33c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content-guidelines.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 21:14:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Apr 2023 09:19:49 GMT
Server: nginx
ETag: W/"643e60b5-b3b3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK app.js Show response
content-guidelines.usbank.com/zhapp/bundles/ 10 MB
4 MB 244ms
98ms Script
application/javascript 54.195.237.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content-guidelines.usbank.com/zhapp/bundles/app.js?version=1.5.9.3296
Requested by: Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.237.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-237-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c5fa2b4bfb5382214af6ee3c98596d1155e3595163c72b657fbf211c0ddddaf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content-guidelines.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 21:14:27 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 May 2023 17:16:08 GMT
Server: nginx
ETag: W/"645539d8-a185aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 amplitude-4.4.0-min.gz.js Show response
cdn.amplitude.com/libs/ 74 KB
25 KB 95ms
26ms Script
application/javascript 52.222.206.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-4.4.0-min.gz.js
Requested by: Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-214.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa4d27e0d0c0172667e24d953344b058b7f16c6ef7dcc54a8910878f1d050cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content-guidelines.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 07:44:26 GMT
content-encoding: gzip
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
x-amz-version-id: 5wXGiWTByEVk3DSg02L19x7h8A..ke3l
x-amz-cf-pop: FRA56-P3
age: 26832602
x-cache: Hit from cloudfront
content-length: 25521
last-modified: Mon, 21 Oct 2019 15:45:35 GMT
server: AmazonS3
etag: "0ac70c6a5de910a09be49cfefd77c771"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 0T_H5zGTUM_EqZmGqapT_0-V08FoLMfn-arrWZOC4JirhpbBtLxEzg==

GET
H2 200 hotjar-2696114.js Show response
static.hotjar.com/c/ 9 KB
4 KB 130ms
55ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2696114.js?sv=6

Requested by

Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-37.fra56.r.cloudfront.net

Software

Resource Hash

6d8f11114cc578f71e570b6d218dcbbca26e992b544117085ebc25dc0ba31371

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content-guidelines.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 05 May 2023 21:14:27 GMT
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/dcc4e17fd1c06f31e0db5f11bc0db4a3
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 0dLN-LEHCMkgJI76IZqG8xIwUUXFFFDUV9ptCGjMiDXfek0ZswKCCA==

GET
H2 200 profitwell.js Show response
public.profitwell.com/js/ 35 KB
9 KB 646ms
418ms Script
application/x-javascript 13.32.121.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.profitwell.com/js/profitwell.js?auth=110dd6b37ab982d797794cf174ec1477
Requested by: Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content-guidelines.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 21:14:29 GMT
content-encoding: gzip
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
x-amz-version-id: Wa8rEL0sgfJJ468C6RWZ8GSg57cuV9EE
last-modified: Tue, 28 Jun 2022 18:43:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: W/"f3710cf44008e9509cf9d74fde8cff1f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: public,max-age=86400
x-amz-cf-id: 5coFT4Rxbc3L12iFYO2R076QNtLKOTeYeiZfQ93G8kykhIzELeb3wg==

GET
H2 200 appcues.main.a34de36c2b1cabfbe8c60fb8bd83fcb1a49243bd.js Show response
fast.appcues.com/generic/main/4.53.1/ 427 KB
121 KB 71ms
25ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.53.1/appcues.main.a34de36c2b1cabfbe8c60fb8bd83fcb1a49243bd.js
Requested by: Host: fast.appcues.com
URL: https://fast.appcues.com/119582.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71ba7bfe96a36cbf8f83183feb91e6e73ea7144313be0ba46cc8fea020ea6e80

Request headers

Referer: https://content-guidelines.usbank.com/
Origin: https://content-guidelines.usbank.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 21:14:27 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: B5ABT6MA2FVNCVE2
age: 957251
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 123629
x-amz-id-2: BCDy1HKw0FaF/BAFvILeNq5wmyfHJMB7qlAEMmrh0+z/yZ7Euuth+3VFebARDYy228PgITEv13Q=
x-served-by: cache-fra-etou8220021-FRA
last-modified: Mon, 24 Apr 2023 18:56:52 GMT
server: AmazonS3
x-timer: S1683321268.553645,VS0,VE0
etag: "325b9a6678104a85e18bc8550b5128bb"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 16194

GET
H2 200 4e92de70-6fb3-4abf-81a3-b1598809f1ba Show response
ekr.zdassets.com/compose/ 409 B
1 KB 414ms
359ms XHR
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/4e92de70-6fb3-4abf-81a3-b1598809f1ba

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4e92de70-6fb3-4abf-81a3-b1598809f1ba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24d14d6b8a6522b049ebe007046557da1a942586d58de004a0fbcde9ab06e89e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content-guidelines.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 21:14:27 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 7c2bfe4258769b49-SEA, 7c2bfe4258769b49-SEA
x-runtime: 0.002088
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"24d14d6b8a6522b049ebe007046557da"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpMh9WrxtGTeYdeXDeISeewvHGUWXifD8mX5DUqJrrVClqu2pvVy4TRwzQAcjzWNldBPNqtYrx9kDuO8Hry9s%2FaZFS03mpB%2FBIPSLTo07Jl0DLaubq0xnxfKp8TRyud7Y6o%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 7c2bfe4258769b49-FRA

GET
H2 200 container.a34de36c2b1cabfbe8c60fb8bd83fcb1a49243bd.css
fast.appcues.com/generic/main/4.53.1/ 15 KB
2 KB 22ms
21ms Stylesheet
text/css 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.53.1/container.a34de36c2b1cabfbe8c60fb8bd83fcb1a49243bd.css
Requested by: Host: fast.appcues.com
URL: https://fast.appcues.com/generic/main/4.53.1/appcues.main.a34de36c2b1cabfbe8c60fb8bd83fcb1a49243bd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d64b24d70eadbcdbf4b5223172fea453e18531d8a48f635727d97e45659f96de

Request headers

Referer: https://content-guidelines.usbank.com/
Origin: https://content-guidelines.usbank.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 21:14:27 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: Q04M3ABA3Q22B3GF
age: 957278
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2027
x-amz-id-2: 0u5y404jH/cG4t7Sjrf7XB+L8dZLVCApOqkgFOxFrRGNAJkiXfvUdJCxEmHCuXKjDKBIbYhyT7X0crCsLLX9/w==
x-served-by: cache-fra-etou8220021-FRA
last-modified: Mon, 24 Apr 2023 18:56:52 GMT
server: AmazonS3
x-timer: S1683321268.754696,VS0,VE0
etag: "040cf4e7e86c4d735fc66db697584fb0"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/css; charset=utf-8;
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 15265

GET
H2 200 modules.b440b8b3971e5ec6056f.js Show response
script.hotjar.com/ 264 KB
68 KB 107ms
31ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.b440b8b3971e5ec6056f.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2696114.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

674492bb351bc3c8328b014f9ad016d26361a9da7599de0f0af8dfdbb7b99d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content-guidelines.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:29:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 215120
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69234
last-modified: Wed, 03 May 2023 09:28:55 GMT
etag: "4d60597d3bb7082d16c50293546f6f66"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: R-oAFIeYa5U-IFOV-EQyJdm76Q1NZYVyq87eOxu1k8YYDAU8pGm6Mw==

POST
H/1.1 200
OK / Show response
sentry.io/api/1297203/envelope/ 2 B
442 B 546ms
131ms Fetch
application/json 35.188.42.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1297203/envelope/?sentry_key=2cda59db5cb04520a5bffe1736d73cee&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1

Requested by

Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/zhapp/bundles/app.js?version=1.5.9.3296

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://content-guidelines.usbank.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 05 May 2023 21:14:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: nginx
vary: origin,access-control-request-method,access-control-request-headers
Content-Type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H/1.1 200
OK spin.gif
content-guidelines.usbank.com/images/zhapp/ 31 KB
31 KB 48ms
47ms Image
image/gif 54.195.237.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content-guidelines.usbank.com/images/zhapp/spin.gif
Requested by: Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.237.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-237-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 00ce3cf487e823d14a89eab41ece2d3deadb0545ab404cacc2a22ecd796b04ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content-guidelines.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 21:14:28 GMT
Last-Modified: Tue, 18 Apr 2023 09:19:49 GMT
Server: nginx
ETag: "643e60b5-7c9f"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31903

GET
H/1.1 200
OK full-logo-350.png
content-guidelines.usbank.com/images/zhapp/ 5 KB
5 KB 50ms
49ms Image
image/png 54.195.237.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content-guidelines.usbank.com/images/zhapp/full-logo-350.png
Requested by: Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.237.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-237-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3d94835ab2a852468ac15cace920aa5aec4fd25734869739111f87b062dcd7b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content-guidelines.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 21:14:28 GMT
Last-Modified: Tue, 18 Apr 2023 09:19:49 GMT
Server: nginx
ETag: "643e60b5-1267"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4711

GET
H/1.1 200
OK multidrag.png
content-guidelines.usbank.com/images/zhapp/ 523 B
754 B 47ms
46ms Image
image/png 54.195.237.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content-guidelines.usbank.com/images/zhapp/multidrag.png
Requested by: Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.237.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-237-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 92f9c5adcb1361309d91e0587b85b10fa3279396e9aa791f2759e7be5514c3eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content-guidelines.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 21:14:28 GMT
Last-Modified: Tue, 18 Apr 2023 09:19:49 GMT
Server: nginx
ETag: "643e60b5-20b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 523

POST
H/1.1 200
OK / Show response
sentry.io/api/1297203/envelope/ 2 B
442 B 530ms
132ms Fetch
application/json 35.188.42.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1297203/envelope/?sentry_key=2cda59db5cb04520a5bffe1736d73cee&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1

Requested by

Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/zhapp/bundles/app.js?version=1.5.9.3296

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://content-guidelines.usbank.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 05 May 2023 21:14:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: nginx
vary: origin,access-control-request-method,access-control-request-headers
Content-Type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 1
Connection: keep-alive
Content-Length: 2

POST
H/1.1 200
OK / Show response
sentry.io/api/1297203/envelope/ 2 B
442 B 534ms
133ms Fetch
application/json 35.188.42.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1297203/envelope/?sentry_key=2cda59db5cb04520a5bffe1736d73cee&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1

Requested by

Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/zhapp/bundles/app.js?version=1.5.9.3296

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://content-guidelines.usbank.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 05 May 2023 21:14:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: nginx
vary: origin,access-control-request-method,access-control-request-headers
Content-Type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 96ms
43ms XHR
application/json 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/zhapp/bundles/app.js?version=1.5.9.3296

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content-guidelines.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 21:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://content-guidelines.usbank.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 5E14 200 B
810 B 22ms
22ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://content-guidelines.usbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 10533722
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 05 May 2023 21:14:28 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 21 Dec 2022 18:20:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 675548
x-content-type-options: nosniff
x-request-id: ef3b672d-bacc-4536-9d45-4376e13490a5
x-served-by: cache-fra-eddf8230021-FRA

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2696114/ 147 B
322 B 171ms
53ms XHR
application/json 52.208.128.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2696114/visit-data?sv=6
Requested by: Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/zhapp/bundles/app.js?version=1.5.9.3296
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.208.128.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-128-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a93a6a0af4e304fc94826ea986ae70ff57886a8c744b3f003ef320c23ae54961

Request headers

Referer: https://content-guidelines.usbank.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 05 May 2023 21:14:28 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5E14 631 B
469 B 23ms
22ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 05 May 2023 21:14:28 GMT
via: 1.1 varnish
age: 14951378
x-cache: HIT
content-length: 332
x-request-id: 358c3dfa-b8ee-4c6b-953f-c854f1984987
x-served-by: cache-fra-eddf8230021-FRA
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 597181

GET
H2 200 web-widget-framework-4156df7a230d696d9dfa.js Show response
static.zdassets.com/web_widget/latest/ Frame 785D 163 KB
51 KB 37ms
37ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-4156df7a230d696d9dfa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4e92de70-6fb3-4abf-81a3-b1598809f1ba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

099bd9867467f5ad904780b6a1c2a93aaa54e869c4ffec16f12878cd9bce907a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 21:14:28 GMT
x-amz-version-id: tWrlWgSWj4y2kCVtosT1irVWDwD.aQlK
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4AS5204Q8AWHDZ18
age: 70335
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: yPEU35Yl/7jO/cOxTdPF69jfJ4p5rsVlzegPJfljZrre/RQHsrP6wPaH2L27PTbG/0S+uqoTvyI=
last-modified: Fri, 05 May 2023 01:12:08 GMT
server: cloudflare
etag: W/"8fb65d85b93d5ff05784a92cb5fd6750"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2FzezWpv2%2Fx2wFqtt2phCXaVktEt9yqWk27uDvXHEtusYM%2ByxXzJDalrK4E5mE1Xo8KiOftk%2BEgx0Mx1l44eiL9n6vs5fNj0zkklAh5PwI4GubS%2FEZGJm0PazNWGS93oHcSIFCM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7c2bfe499c5d1ca1-FRA
expires: Sat, 04 May 2024 01:12:06 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 5E14 0
717 B 766ms
213ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 05 May 2023 21:14:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683321269439923
x-envoy-upstream-service-time: 20
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1683321269422649
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 5E14 0
718 B 787ms
235ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 05 May 2023 21:14:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683321269442719
x-envoy-upstream-service-time: 42
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 20
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1683321269422675
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame A8B1 930 B
2 KB 135ms
35ms Document
text/html 2600:9000:238d:a600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:238d:a600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 05 May 2023 21:14:24 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 74511018c757716e70d811d8214e45e0.cloudfront.net (CloudFront)
x-amz-cf-id: bZr65NVvg7aGu0sfXNT9nLYzyBePFxM5OY7PvAKsNpHq8uU4asrvKQ==
x-amz-cf-pop: AMS1-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 config Show response
zeroheightsupport.zendesk.com/embeddable/ Frame 785D 648 B
1 KB 249ms
184ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zeroheightsupport.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-4156df7a230d696d9dfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e65ccbbf51ec29f7e1c3c38a95d90f0ffb5e006791733c8e825ff755caced36a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 21:14:29 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-f798bbf95-fcj2h
x-cached: MISS
x-request-id: 7c2bfe4a8dce1cbd-IAD
x-runtime: 0.002387
last-modified: Fri, 05 May 2023 21:11:06 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUJC%2BsJcXfHht3ekKAMOshQT6K0PX%2B6xAljllukF3PI8Z7LCQ8H2w4%2Bp96RVm%2Bvk8IKUkn5bVex1ObNh%2Fw%2FBUoAwhcwwmYJkLBtHgF2mCaLFnn0c8VrUuu%2B7irvc%2BRPRLH7uDIK53v48j2IvZsMS"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 7c2bfe4a8dce1cbd-FRA

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 242ms
95ms XHR
application/json 34.241.208.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/zhapp/bundles/app.js?version=1.5.9.3296
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.241.208.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-208-166.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 54f523e78254e31edfb4b395d5cdbeb0b711cb6988a70508c61d82d5e1e88306

Request headers

Referer: https://content-guidelines.usbank.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 05 May 2023 21:14:29 GMT
content-length: 56
vary: Origin
content-type: application/json

POST
H2 200 csp-report
q.stripe.com/ Frame A8B1 0
491 B 610ms
202ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: content-guidelines.usbank.com
URL: https://content-guidelines.usbank.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 05 May 2023 21:14:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683321269424687
x-envoy-upstream-service-time: 9
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1683321269422681
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame A8B1 86 KB
16 KB 41ms
41ms Script
text/javascript 2600:9000:238d:a600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:238d:a600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 05 May 2023 21:12:56 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 74511018c757716e70d811d8214e45e0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 92
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: Ak9xRle4Q1Kxt0XdKTaSf4eeNNYJhyvfJDuDI36AP17W6XfKPkiW1g==

POST
H2 200 6 Show response
m.stripe.com/ Frame A8B1 156 B
670 B 599ms
199ms XHR
application/json 52.41.90.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.41.90.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-41-90-223.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8fd98ac7ccb41a23b832d1d022c71a228fc55bc5d0a1e4263a32c5051fa8ec5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 05 May 2023 21:14:29 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683321269530793
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1683321269530294
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 web-widget-main-045c15a.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 785D 1 MB
300 KB 44ms
43ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-045c15a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-4156df7a230d696d9dfa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b288b6208cc6323cad302f11a9fd9834ffb805697a0a0bf470b8d755e64790c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 21:14:29 GMT
x-amz-version-id: OF603kM6JheN1drlFuNSgbvf38TOXoYk
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: C6EYA2JWVJ7347JJ
age: 70335
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: urmGRC/6MBt/scfbm0sh1CJdoKMuvqgKlRmw21eUe+kJIUQFzKZ056T/sqMRjh8h/ZsAY8VGC9o=
last-modified: Fri, 05 May 2023 01:14:49 GMT
server: cloudflare
etag: W/"f39832e8ba6f55355f7b1fa431b62614"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d59esaGhiKOpO%2FNyBrLBiQvlrJw7gu8%2FhZkEXtBrraK3zpnQ0VWAh4qKpL1vguwf7YAJa7dfhhJ8gP7haSt3KzxndX7F2l%2BY%2BogKJpN4bBdNmLR4aSZDNz5hmobIGcBdRuxTOPQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7c2bfe4bbeb51ca1-FRA
expires: Sat, 04 May 2024 01:14:48 GMT

GET
H2 200 embeddable_blip Show response
zeroheightsupport.zendesk.com/ Frame 785D 0
330 B 147ms
147ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zeroheightsupport.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY29sb3IiOnsiaGVhZGVyIjoiI2ZmZiIsImxhdW5jaGVyIjoiI2ZlZTZlZSIsImxhdW5jaGVyVGV4dCI6IiNjNTFkNTQifSwiY29udGFjdEZvcm0iOnsiZmllbGRzIjpbeyJpZCI6Im5hbWUiLCJwcmVmaWxsIjp7IioiOiIifX0seyJpZCI6ImVtYWlsIiwicHJlZmlsbCI6eyIqIjoiIn19XX0sImhlbHBDZW50ZXIiOnsic2VhcmNoUGxhY2Vob2xkZXIiOnsiKiI6IlNlYXJjaCJ9LCJ0aXRsZSI6eyIqIjoiemVyb2hlaWdodCBoZWxwIn19LCJ6SW5kZXgiOjR9fSwiYnVpZCI6ImM0M2IzYTI2NjdmYzQ5ODdiMTM1MWY1MjEzNjU2ODkxIiwic3VpZCI6Ijg0NjkzZjAyMjdlNjQ5MzdiYWYwMTkzOGNhMGQyOTA2IiwidmVyc2lvbiI6IjA0NWMxNWEiLCJ0aW1lc3RhbXAiOiIyMDIzLTA1LTA1VDIxOjE0OjI5LjM4MFoiLCJ1cmwiOiJodHRwczovL2NvbnRlbnQtZ3VpZGVsaW5lcy51c2JhbmsuY29tIn0%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-4156df7a230d696d9dfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 21:14:29 GMT
cf-cache-status: MISS
last-modified: Fri, 05 May 2023 21:14:29 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ej30gzhnloIhe58kWhAznjy5xiemFZAtmRlk0VDAbhMEHZEXjpnFfVK8N5NdM%2BANYPVqdmNIwyjn6SerGMGlHBAhglmKKbBklXMVraTUE0VN1ejenFLekokik3BFZW7r%2FaAtXNPGNozeB654pxq"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 7c2bfe4da98f1cbd-FRA
content-length: 0
x-request-id: 7c2bfe4da98f1cbd-IAD

GET
H2 200 en-us-json-045c15a.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 785D 25 KB
6 KB 34ms
33ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-045c15a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-045c15a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b1e453d0d95718e19766d3023ea82dc059f728f3b112b7980773c109ac0bd31

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 21:14:29 GMT
x-amz-version-id: XVMb8ZsqSEAhcXLM3CAPrV3WIa4.AAgK
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: C6EMXDJDH12YTFYY
age: 70335
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: NvO6PVvt63ykZX09uBuNh1hXs1qR1u9GnJvGvtyPrEx3HGc6ZYQd5JP0Mf0fx/7w4Xy9Xvgx7CY=
last-modified: Fri, 05 May 2023 01:14:51 GMT
server: cloudflare
etag: W/"89b68f56c96d15075b04b0ea633eabf1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDJykngYZnDEQ6JBY4VEe9ptKaebCLwjcRxNpfsVUZ%2BdQG198L%2BU6KpcKUvYTPQzQD14D2kK6HCvYl7a%2BxkuVzsjfk2DnoE%2BEEVkAcZAbc7MCYDIr8mZJFxVaPWa0ja2BbDtCZU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7c2bfe4db8af1ca1-FRA
expires: Sat, 04 May 2024 01:14:50 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame A8B1 156 B
668 B 197ms
197ms XHR
application/json 52.41.90.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.41.90.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-41-90-223.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8fd98ac7ccb41a23b832d1d022c71a228fc55bc5d0a1e4263a32c5051fa8ec5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 05 May 2023 21:14:32 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683321272215639
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1683321272215204
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/53/2/intl/de_ALL/ 272 KB
60 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/53/2/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCGG3QHUGXi434KSALHPPr4cnfedM6M53w&libraries=places&channel=GMPSB_addressselection_v1_cAC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f2ab659374f1c9c7d89cfa475e6d9e6089cf3f92ae5835cfa60c5cbd7c2aa86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content-guidelines.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:10:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61448
x-xss-protection: 0
last-modified: Wed, 03 May 2023 01:13:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 May 2024 18:10:04 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/53/2/intl/de_ALL/ 164 KB
52 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/53/2/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCGG3QHUGXi434KSALHPPr4cnfedM6M53w&libraries=places&channel=GMPSB_addressselection_v1_cAC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bedce72abc16ef066f53454ed55f6090b81b444ff1d5b72c459b8fdd149044d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content-guidelines.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 20:31:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52709
x-xss-protection: 0
last-modified: Wed, 03 May 2023 01:13:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 May 2024 20:31:20 GMT

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
content-guidelines.usbank.com/	1969-12-31 23:59:59	Name: _zeroheight_session Value: L1kvTlNqSkdFSEVjd0YzWjNsN2wyVTdKeWZjOFd5R1FLRTR6SDYrS3RIZlV1bE9Nb2I2djQ5MktFbytYR0JtMjY0M1EveGpYL29XRHdtSlUvSk1XRXFVc1p4TndoV2NDRVZVOEtlR040MnZYaVFkak1HbUFtMDlyWEgwM0Q5YldiY25tR2p6QVZiem8ySm1wcXhkTyt3PT0tLVlwWFVEWHJmOUI3TkhLekE3MzZLMWc9PQ%3D%3D--a6e033b38efe428496674c83424071cfe23596b6
.usbank.com/	1970-01-20 21:11:21	Name: amplitude_id_710046ca554fe7c78d358b8c5e09a168usbank.com Value: eyJkZXZpY2VJZCI6ImE0YmM4NTk5LTU3NWQtNGQ0MS04Y2JmLTllZThkZDI4MDI1ZlIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTY4MzMyMTI2NzY0NCwibGFzdEV2ZW50VGltZSI6MTY4MzMyMTI2NzY0NCwiZXZlbnRJZCI6MCwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjB9
.usbank.com/	1970-01-20 20:20:57	Name: _hjSessionUser_2696114 Value: eyJpZCI6IjY1M2Q1ZjRlLTdjYjQtNTJhOC04YzFlLTA3NDE0MzBkZmU0YSIsImNyZWF0ZWQiOjE2ODMzMjEyNjg2NDgsImV4aXN0aW5nIjpmYWxzZX0=
.usbank.com/	1970-01-20 11:35:23	Name: _hjFirstSeen Value: 1
.usbank.com/	1970-01-20 11:35:21	Name: _hjIncludedInSessionSample_2696114 Value: 1
.usbank.com/	1970-01-20 11:35:23	Name: _hjSession_2696114 Value: eyJpZCI6IjYwYTkwM2YyLTNiOGItNDU1ZC04Zjk0LTUxMGEzMmQzNDU4ZSIsImNyZWF0ZWQiOjE2ODMzMjEyNjg2NjEsImluU2FtcGxlIjp0cnVlfQ==
.usbank.com/	1970-01-20 11:35:23	Name: _hjAbsoluteSessionInProgress Value: 0
content-guidelines.usbank.com/	1969-12-31 23:59:59	Name: _hjHasCachedUserAttributes Value: true
content-guidelines.usbank.com/	1970-01-20 11:35:21	Name: _hjUserAttributesHash Value: e9a5e8cbd9f4b6fcc913c00ec9319b2b
m.stripe.com/	1970-01-20 21:11:21	Name: m Value: 25edc2e9-675f-4675-a8cd-c5d6bbe0ce3e533eb7
.content-guidelines.usbank.com/	1970-01-20 20:20:57	Name: __stripe_mid Value: 9b03f77c-42c1-4c67-9907-56973e828bbb199684
.content-guidelines.usbank.com/	1970-01-20 11:35:23	Name: __stripe_sid Value: 8483e44f-2410-4394-ac72-647c9b144e6613ee33

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: 'self'; connect-src .hotjar.com: vc.hotjar.io:* surveystats.hotjar.io wss://.hotjar.com wss://api.appcues.net: https: 'self' wss://.zeroheight.dev: wss://replay.uxtweak.com:*; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com; object-src 'self' https: data:; script-src 'self' js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.amplitude.com
content-guidelines.usbank.com
content.hotjar.io
ekr.zdassets.com
fast.appcues.com
in.hotjar.com
js.stripe.com
m.stripe.com
m.stripe.network
maps.googleapis.com
public.profitwell.com
q.stripe.com
script.hotjar.com
sentry.io
static.hotjar.com
static.zdassets.com
zeroheightsupport.zendesk.com
104.16.51.111
104.18.72.113
13.32.121.58
151.101.64.176
18.66.97.37
2600:9000:238d:a600:19:7d10:bd80:93a1
2a00:1450:4001:812::200a
2a04:4e42::622
34.241.208.166
35.188.42.15
52.208.128.54
52.222.206.214
52.222.236.43
52.41.90.223
54.187.159.182
54.195.237.234
00ce3cf487e823d14a89eab41ece2d3deadb0545ab404cacc2a22ecd796b04ae
099bd9867467f5ad904780b6a1c2a93aaa54e869c4ffec16f12878cd9bce907a
1d5e2628b7988bf7c383ff687a9aa767f3fc37b918f80aa903e0a3cae97f2509
21d2ea81f22f44525f201ad9f4702029e0b2bfe65d5a2b534104dbe4b2346bbe
24d14d6b8a6522b049ebe007046557da1a942586d58de004a0fbcde9ab06e89e
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
3d94835ab2a852468ac15cace920aa5aec4fd25734869739111f87b062dcd7b8
3f2ab659374f1c9c7d89cfa475e6d9e6089cf3f92ae5835cfa60c5cbd7c2aa86
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b1e453d0d95718e19766d3023ea82dc059f728f3b112b7980773c109ac0bd31
4b288b6208cc6323cad302f11a9fd9834ffb805697a0a0bf470b8d755e64790c
54f523e78254e31edfb4b395d5cdbeb0b711cb6988a70508c61d82d5e1e88306
6051508065ac89fe9c7a6d525999353eab237cf54f5f43367a2c3dd889ff5836
674492bb351bc3c8328b014f9ad016d26361a9da7599de0f0af8dfdbb7b99d48
67b1e60ac21294087335c96f0c68614a69880b99a8fab05ebb1d750cff2c9f02
6d8f11114cc578f71e570b6d218dcbbca26e992b544117085ebc25dc0ba31371
71ba7bfe96a36cbf8f83183feb91e6e73ea7144313be0ba46cc8fea020ea6e80
8fd98ac7ccb41a23b832d1d022c71a228fc55bc5d0a1e4263a32c5051fa8ec5f
92f9c5adcb1361309d91e0587b85b10fa3279396e9aa791f2759e7be5514c3eb
94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2
9bedce72abc16ef066f53454ed55f6090b81b444ff1d5b72c459b8fdd149044d
9d6bc673da8459803b24621dd2a278e425c6aca2b32490c46c20163b1849d6db
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a93a6a0af4e304fc94826ea986ae70ff57886a8c744b3f003ef320c23ae54961
aa4d27e0d0c0172667e24d953344b058b7f16c6ef7dcc54a8910878f1d050cae
c5fa2b4bfb5382214af6ee3c98596d1155e3595163c72b657fbf211c0ddddaf9
c883ae764c10f35c1ec221917874a1d3a7df77dc115b943e2a55db8746fb769f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d64b24d70eadbcdbf4b5223172fea453e18531d8a48f635727d97e45659f96de
e38c14a60d3b3a72c74488658b9b259050d6d650ff1ad7ad155ad860d2168455
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65ccbbf51ec29f7e1c3c38a95d90f0ffb5e006791733c8e825ff755caced36a
ebc0a2e260c074f09d4a4d093000e2ff431f82c0bb336c620f4c46ce2cc131ba
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
fc17e22241e51e856285975ce9316e8fb3262744d6716b0c5e4783170862d33c

content-guidelines.usbank.com Open in urlscan Pro 54.195.237.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

42 Requests

79 %HTTPS

19 %IPv6

12 Domains

17 Subdomains

16 IPs

4 Countries

4921 kBTransfer

14363 kBSize

12 Cookies

0 Outgoing links

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

content-guidelines.usbank.com Open in urlscan Pro
54.195.237.234 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

79 %
HTTPS

19 %
IPv6

12
Domains

17
Subdomains

16
IPs

4
Countries

4921 kB
Transfer

14363 kB
Size

12
Cookies

42 HTTP transactions
0 data transactions