www.myafco.com Open in urlscan Pro
23.54.190.89 Public Scan

URL: https://www.afco.com/shared/news-events.html
Title: News & Events

URL: https://www.afco.com/shared/about-us.html
Title: About Us

URL: https://www.afco.com/shared/legal-notice.html
Title: Legal

URL: https://www.afco.com/shared/privacy-security.html
Title: Privacy and Security

URL: https://www.afco.com/shared/terms-conditions.html
Title: Terms and Conditions

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protect-us.mimecast.com/s/UXnFC4xvD7fYlDRoCxtFEU?domain=myafco.com/ HTTP 307
https://protect-us.mimecast.com/redirect/eNqtVVlv20YQ_isCnyV678MoihhG0BqIXcNOmgBRIMxeFmteIFdx3cD_vUPRic8CfcgTOefOfDP77bdi8H0uDouhc3HIXdnHAeoMb7Y7V7U5Di3kqmuhLn3XFMui7nxxSJbFEH2s-pyrJhaHVAnFGDFCETLZMB9bFpAz-G3Vpg7Tf1vfy01s87guDj-jJlV1PIMmorgu8gDt2FTjiMeVsanXxXJdjFuge6tjhBs8J2iI3CehDYvOGWlITIFRSqSNQBh8j2JS7eN0oB5oEhCk4swaErwWwLSigSjHBOcpcWqYZIGxSJRlShhJkmA0RKHnfE2Q-2SJEKcBtKcaVAwmGu4xzFFtkwMv985D1-XLn10Awvz-tp-BauI4wlVcHwzJG8ZWY945F8PcefXP5CQpJ3fL5wi7LtyW29w8RTYAIVFhiZ7YZDmiLF1MJBEDoISUhvOoORXPkaU8euweggdHUoiEJYcfK6h2CQRxITBnUmJEaqO8lyZYQ6P1yinjKXuCrNDJUy9DMsI5q4InhiaIkhlgAXfrNWR_TgGPkc3x77w-QITqx2AKovV_gJnR_wmYxhtCrWNRh6BtSFR7S8HgHCMN3mjjGXFSvFhTZwluCdMucOpppEQ4i_2HiOEsWpqwpSC4sp6IZEBSKiKT1FFugCT2dE1dosKR6B0VJkopk0pBAXfMaALSitfA_DkFvASzr6FqH6NJOad3X-6QSkKFJDJRz0mLUl8FNEq9LNxYHHL89oBUUxx_uDyihB8ZgU6w9z_eRn_94eLdrEC6QN2R9yiODYxblLBeQowSeDW9w6sKiguBNAGWsRCo0xzZg4GZQtowYETzNdbVGK_fQPLdPdeNO_cXmj6__fT-7cXZ0bsvi-Pjy9Xx6W-LcxiQxha_d3Wo2qtxuXhXnpeLj7Gue8jbR_qT1pfL9bBuv4ce74WTiVmbGCrI8bn34ryrK3-7ONs1yMhYRm7yabdrEZ5iN05xvJhA8i_QmZj8gW4R3KqvHrFt-311z2eKXy4uZs7fjyc2UNV78_95CfYhoWv2w8WY133mOcdxGq2iWnCB3EZnzB8K_VHXn_MIlotTGK6fFfViPs8reKKv-pl7RUkZKZUt6czN227MczrMa0rnoA35vtYZ6bMu4INWEMJQrnr8fZwEdc14NbVT_AITayptufRScK2B4p1jjnmajKUKflT66xQ1c3bG1S4YwbeSE0ZwKYlW1qJ9N9Ro2ebcH64P1gc3Nzdlc_ujpYMJxWnzrzZ-FTe7kdCNtZuvwdoVZZuHJdjc56YburnflRW2ssJDiMG3xk4dXO32DdCbjxf8uvr0x_vmujXhdDwZN-4G7R4juyYOfobi6YrFq_m-9UOX8faudmM53XoP4x7H4u5fHIWCCg HTTP 307
http://www.myafco.com/ HTTP 301
https://www.myafco.com/ Page URL
https://www.myafco.com/borrower Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://protect-us.mimecast.com/s/UXnFC4xvD7fYlDRoCxtFEU?domain=myafco.com/ HTTP 307
https://protect-us.mimecast.com/redirect/eNqtVVlv20YQ_isCnyV678MoihhG0BqIXcNOmgBRIMxeFmteIFdx3cD_vUPRic8CfcgTOefOfDP77bdi8H0uDouhc3HIXdnHAeoMb7Y7V7U5Di3kqmuhLn3XFMui7nxxSJbFEH2s-pyrJhaHVAnFGDFCETLZMB9bFpAz-G3Vpg7Tf1vfy01s87guDj-jJlV1PIMmorgu8gDt2FTjiMeVsanXxXJdjFuge6tjhBs8J2iI3CehDYvOGWlITIFRSqSNQBh8j2JS7eN0oB5oEhCk4swaErwWwLSigSjHBOcpcWqYZIGxSJRlShhJkmA0RKHnfE2Q-2SJEKcBtKcaVAwmGu4xzFFtkwMv985D1-XLn10Awvz-tp-BauI4wlVcHwzJG8ZWY945F8PcefXP5CQpJ3fL5wi7LtyW29w8RTYAIVFhiZ7YZDmiLF1MJBEDoISUhvOoORXPkaU8euweggdHUoiEJYcfK6h2CQRxITBnUmJEaqO8lyZYQ6P1yinjKXuCrNDJUy9DMsI5q4InhiaIkhlgAXfrNWR_TgGPkc3x77w-QITqx2AKovV_gJnR_wmYxhtCrWNRh6BtSFR7S8HgHCMN3mjjGXFSvFhTZwluCdMucOpppEQ4i_2HiOEsWpqwpSC4sp6IZEBSKiKT1FFugCT2dE1dosKR6B0VJkopk0pBAXfMaALSitfA_DkFvASzr6FqH6NJOad3X-6QSkKFJDJRz0mLUl8FNEq9LNxYHHL89oBUUxx_uDyihB8ZgU6w9z_eRn_94eLdrEC6QN2R9yiODYxblLBeQowSeDW9w6sKiguBNAGWsRCo0xzZg4GZQtowYETzNdbVGK_fQPLdPdeNO_cXmj6__fT-7cXZ0bsvi-Pjy9Xx6W-LcxiQxha_d3Wo2qtxuXhXnpeLj7Gue8jbR_qT1pfL9bBuv4ce74WTiVmbGCrI8bn34ryrK3-7ONs1yMhYRm7yabdrEZ5iN05xvJhA8i_QmZj8gW4R3KqvHrFt-311z2eKXy4uZs7fjyc2UNV78_95CfYhoWv2w8WY133mOcdxGq2iWnCB3EZnzB8K_VHXn_MIlotTGK6fFfViPs8reKKv-pl7RUkZKZUt6czN227MczrMa0rnoA35vtYZ6bMu4INWEMJQrnr8fZwEdc14NbVT_AITayptufRScK2B4p1jjnmajKUKflT66xQ1c3bG1S4YwbeSE0ZwKYlW1qJ9N9Ro2ebcH64P1gc3Nzdlc_ujpYMJxWnzrzZ-FTe7kdCNtZuvwdoVZZuHJdjc56YburnflRW2ssJDiMG3xk4dXO32DdCbjxf8uvr0x_vmujXhdDwZN-4G7R4juyYOfobi6YrFq_m-9UOX8faudmM53XoP4x7H4u5fHIWCCg HTTP 307
http://www.myafco.com/ HTTP 301
https://www.myafco.com/

Request Chain 17

https://cm.everesttech.net/cm/dd?d_uuid=80237465381167605653003969315380271774 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yh_VxAAAADZjwAQn

Request Chain 21

https://idsync.rlcdn.com/365868.gif?partner_uid=80237465381167605653003969315380271774 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomODAyMzc0NjUzODExNjc2MDU2NTMwMDM5NjkzMTUzODAyNzE3NzQQABoNCMSr_pAGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=29ddf8385e4af495f214692219c7f74afa1d74b8811e49209425ec90bb95983db0da87c991749652

Request Chain 23

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODAyMzc0NjUzODExNjc2MDU2NTMwMDM5NjkzMTUzODAyNzE3NzQ= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODAyMzc0NjUzODExNjc2MDU2NTMwMDM5NjkzMTUzODAyNzE3NzQ=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENfwucCNJskw4IW6v8qlWjY&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 25

https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=80237465381167605653003969315380271774 HTTP 302
https://dpm.demdex.net/ibs:dpid=992&dpuuid=1b6ppx3n4k9un

Request Chain 27

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWhfVnhBQUFBRFpqd0FRbg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEMrGilZuF_M9lZNsPSLLoTc&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 28

https://a.tribalfusion.com/i.match?p=b13&u=80237465381167605653003969315380271774&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://s.tribalfusion.com/z/i.match?p=b13&u=80237465381167605653003969315380271774&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://dpm.demdex.net/ibs:dpid=22054

Request Chain 29

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=80237465381167605653003969315380271774&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-ocj7VyBE2pFEFd98cEEIcZtCgnUfJKIacXs-~A

Request Chain 30

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWhfVnhBQUFBRFpqd0FRbg==

Request Chain 31

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yh_VxAAAADZjwAQn&expires=90

Request Chain 32

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yh_VxAAAADZjwAQn HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yh_VxAAAADZjwAQn&C=1

Request Chain 33

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=Yh_VxAAAADZjwAQn HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYh_VxAAAADZjwAQn

Request Chain 34

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yh_VxAAAADZjwAQn HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Yh_VxAAAADZjwAQn

Request Chain 35

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yh_VxAAAADZjwAQn

Request Chain 36

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yh_VxAAAADZjwAQn&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yh_VxAAAADZjwAQn&img=1&__user_check__=1&sync_id=9341bc31-9a42-11ec-a60b-1e3873bf0303

Request Chain 37

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yh_VxAAAADZjwAQn&t=2592000&o=0

Request Chain 38

https://sync.srv.stackadapt.com/sync?nid=adobe HTTP 302
https://dpm.demdex.net/ibs:dpid=390122&dpuuid=9I3mJ4BBQGR3AULUmkqBEAW16oU

39 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
www.myafco.com/
Redirect Chain

https://protect-us.mimecast.com/s/UXnFC4xvD7fYlDRoCxtFEU?domain=myafco.com/
https://protect-us.mimecast.com/redirect/eNqtVVlv20YQ_isCnyV678MoihhG0BqIXcNOmgBRIMxeFmteIFdx3cD_vUPRic8CfcgTOefOfDP77bdi8H0uDouhc3HIXdnHAeoMb7Y7V7U5Di3kqmuhLn3XFMui7nxxSJbFEH2s-pyrJhaHVAnFGDFCETLZ...
http://www.myafco.com/
https://www.myafco.com/

289 B
647 B

71ms
9ms

Document
text/html

23.54.190.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.myafco.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.190.89 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-190-89.deploy.static.akamaitechnologies.com
Software: Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48 / ASP.NET
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

Server: Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48
Last-Modified: Wed, 09 Sep 2020 00:19:22 GMT
Accept-Ranges: bytes
ETag: "cfd129de3e86d61:0"
X-Powered-By: ASP.NET
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 188
Expires: Wed, 02 Mar 2022 16:05:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Mar 2022 16:05:22 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://www.myafco.com/
Expires: Wed, 02 Mar 2022 16:05:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Mar 2022 16:05:22 GMT
Connection: keep-alive

GET
H/1.1 200
OK Primary Request borrower Show response
www.myafco.com/ 11 KB
5 KB 165ms
153ms Document
text/html 23.54.190.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myafco.com/borrower

Requested by

Host: www.myafco.com
URL: https://www.myafco.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.54.190.89 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48 / ASP.NET

Resource Hash

b99a20b74fa0bdc8d615dc66e5012a211d4f7d1a798c8fcbdef29c23395634d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.myafco.com/

Response headers

Server: Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48
Strict-Transport-Security: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
X-Akamai-Transformed: 9 10481 0 pmb=mRUM,1
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Wed, 02 Mar 2022 16:05:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Mar 2022 16:05:23 GMT
Content-Length: 3519
Connection: keep-alive

GET
H/1.1 200
OK site-resources.min.css
www.myafco.com/borrower/css/ 170 KB
27 KB 31ms
23ms Stylesheet
text/css 23.54.190.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myafco.com/borrower/css/site-resources.min.css

Requested by

Host: www.myafco.com
URL: https://www.myafco.com/borrower

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.54.190.89 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48 / ASP.NET

Resource Hash

d10449db4ff5976bca63efdbc0ae8ebb22ad2023fd6b06f52f6c123bd1bc9e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.myafco.com/borrower
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=2592000
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 20:59:00 GMT
Server: Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48
X-Powered-By: ASP.NET
ETag: "1d7bbbe26cda5b4"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=0, no-cache, no-store
Date: Wed, 02 Mar 2022 16:05:23 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27317
Expires: Wed, 02 Mar 2022 16:05:23 GMT

GET
H/1.1 200
OK site-style.min.css
www.myafco.com/borrower/css/ 212 KB
34 KB 30ms
18ms Stylesheet
text/css 23.54.190.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myafco.com/borrower/css/site-style.min.css

Requested by

Host: www.myafco.com
URL: https://www.myafco.com/borrower

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.54.190.89 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48 / ASP.NET

Resource Hash

d3c9a8e995541c535d35784bbb86116c7d1455516ae40c478dc2c6bebc9acc13

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.myafco.com/borrower
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=2592000
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 20:59:00 GMT
Server: Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48
X-Powered-By: ASP.NET
ETag: "1d7bbbe26cc521b"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=0, no-cache, no-store
Date: Wed, 02 Mar 2022 16:05:23 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34332
Expires: Wed, 02 Mar 2022 16:05:23 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.7.1/css/ 53 KB
12 KB 113ms
40ms Stylesheet
text/css 2606:4700:3033::6815:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.1/css/all.css
Requested by: Host: www.myafco.com
URL: https://www.myafco.com/borrower
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.myafco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 16:05:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20635072
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: PPQ8AXN5QFWPCEMF
x-amz-id-2: DgW30SkctiRiHL7VF06GE+MWvbS7u6pj6kZMlCTVElBlKUra0d99EnXiP6FLL4sUuwfwSOzcSlk=
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
server: cloudflare
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpjLrWWfmFGirqNs4t8lSjKWXdYUt8NS9rT%2By16KjoYtldHWWJhr1q0gtJYRpT4UblWtZWu%2FCqOI2aZDixpA01sVzf8alGLpTc%2Bm7mVgw%2F7zS6ptjmvPbPsQsQAmFbB1OyHWFPOWDcW0cZwf%2FXAjRG8Y"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6e5b5fa4aea415c7-EWR

GET
H/1.1 200
OK site-config.min.js Show response
www.myafco.com/borrower/js/ 440 KB
128 KB 33ms
18ms Script
application/javascript 23.54.190.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myafco.com/borrower/js/site-config.min.js?v=Oxx9ktfQtOyuGPdd9KbUZCiTyn-U7c9ga-sTRV9f-eY

Requested by

Host: www.myafco.com
URL: https://www.myafco.com/borrower

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.54.190.89 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48 / ASP.NET

Resource Hash

3b1c7d92d7d0b4ecae18f75df4a6d4642893ca7f94edcf606beb13455f5ff9e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.myafco.com/borrower
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=2592000
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 20:59:02 GMT
Server: Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48
X-Powered-By: ASP.NET
ETag: "1d7bbbe2806f1bd"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0, no-cache, no-store
Date: Wed, 02 Mar 2022 16:05:23 GMT
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Transfer-Encoding: chunked
Expires: Wed, 02 Mar 2022 16:05:23 GMT

GET
H/1.1 200
OK site-plugins.min.js Show response
www.myafco.com/borrower/js/ 146 KB
52 KB 45ms
27ms Script
application/javascript 23.54.190.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myafco.com/borrower/js/site-plugins.min.js?v=d2HnHWq5y-SiYC6WkVWkRN68zp_ufUVxGQ_Cl3prmhA

Requested by

Host: www.myafco.com
URL: https://www.myafco.com/borrower

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.54.190.89 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48 / ASP.NET

Resource Hash

7761e71d6ab9cbe4a2602e969155a444debcce9fee7d4571190fc2977a6b9a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.myafco.com/borrower
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=2592000
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 20:59:02 GMT
Server: Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48
X-Powered-By: ASP.NET
ETag: "1d7bbbe28026702"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0, no-cache, no-store
Date: Wed, 02 Mar 2022 16:05:23 GMT
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Transfer-Encoding: chunked
Expires: Wed, 02 Mar 2022 16:05:23 GMT

GET
H/1.1 200
OK site-script.min.js Show response
www.myafco.com/borrower/js/ 6 KB
2 KB 30ms
12ms Script
application/javascript 23.54.190.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myafco.com/borrower/js/site-script.min.js?v=rj5qHMMoDMLEo-RqkpvjN_obCUy-8xwMLGfBNTicU-w

Requested by

Host: www.myafco.com
URL: https://www.myafco.com/borrower

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.54.190.89 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48 / ASP.NET

Resource Hash

ae3e6a1cc3280cc2c4a3e46a929be337fa1b094cbef31c0c2c67c135389c53ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.myafco.com/borrower
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=2592000
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 20:59:02 GMT
Server: Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48
X-Powered-By: ASP.NET
ETag: "1d7bbbe2800394f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0, no-cache, no-store
Date: Wed, 02 Mar 2022 16:05:23 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2013
Expires: Wed, 02 Mar 2022 16:05:23 GMT

GET
H2 200 launch-f20c4d0e95da.min.js Show response
assets.adobedtm.com/550322ae7d69/45dda2f1a964/ 149 KB
44 KB 29ms
5ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/550322ae7d69/45dda2f1a964/launch-f20c4d0e95da.min.js
Requested by: Host: www.myafco.com
URL: https://www.myafco.com/borrower
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: dfba1db12e46b387c057b5c710c11244ad8e21ba7985dcf8fc2be536b6703616

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.myafco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 16:05:23 GMT
content-encoding: gzip
last-modified: Wed, 16 Jun 2021 00:06:02 GMT
server: AkamaiNetStorage
etag: "2cda09097d073805ed8a547cb355fb86:1623801962.560055"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.myafco.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 44966
expires: Wed, 02 Mar 2022 17:05:23 GMT

GET
H/1.1 200
OK jquery.mask.min.js Show response
www.myafco.com/borrower/js/ 8 KB
4 KB 39ms
21ms Script
application/javascript 23.54.190.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myafco.com/borrower/js/jquery.mask.min.js

Requested by

Host: www.myafco.com
URL: https://www.myafco.com/borrower

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.54.190.89 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48 / ASP.NET

Resource Hash

d76519645ff1cb534fb5bacf5f1554d4e39c38d27ac639965ae5ae31568fad9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.myafco.com/borrower
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=2592000
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 20:59:00 GMT
Server: Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48
X-Powered-By: ASP.NET
ETag: "1d7bbbe26cf229a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0, no-cache, no-store
Date: Wed, 02 Mar 2022 16:05:23 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3461
Expires: Wed, 02 Mar 2022 16:05:23 GMT

GET
H/1.1 200
OK login-script.min.js Show response
www.myafco.com/borrower/js/Custom%20Scripts/ 121 B
628 B 47ms
12ms Script
application/javascript 23.54.190.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myafco.com/borrower/js/Custom%20Scripts/login-script.min.js

Requested by

Host: www.myafco.com
URL: https://www.myafco.com/borrower

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.54.190.89 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48 / ASP.NET

Resource Hash

ba5f0aeb7bc2cf15e3a52bffc93d83316dfd15005814554f3a80a6c7ae8ba17c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.myafco.com/borrower
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=2592000
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 20:59:00 GMT
Server: Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48
X-Powered-By: ASP.NET
ETag: "1d7bbbe26cf0279"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0, no-cache, no-store
Date: Wed, 02 Mar 2022 16:05:23 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114
Expires: Wed, 02 Mar 2022 16:05:23 GMT

GET
H/1.1 200
OK cancel-click.js Show response
www.myafco.com/borrower/js/Custom%20Scripts/ 127 B
594 B 56ms
18ms Script
application/javascript 23.54.190.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myafco.com/borrower/js/Custom%20Scripts/cancel-click.js

Requested by

Host: www.myafco.com
URL: https://www.myafco.com/borrower

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.54.190.89 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48 / ASP.NET

Resource Hash

5507cb98e961453f067f9135e14ce118606d972acfec8c27e6109ec5d61bc7e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.myafco.com/borrower
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=2592000
Last-Modified: Thu, 07 Oct 2021 20:59:00 GMT
Server: Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48
X-Powered-By: ASP.NET
ETag: "1d7bbbe26cf027f"
Content-Type: application/javascript
Cache-Control: max-age=0, no-cache, no-store
Date: Wed, 02 Mar 2022 16:05:23 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 127
Expires: Wed, 02 Mar 2022 16:05:23 GMT

GET
H/1.1 200
OK aksb.min.js Show response
ds-aksb-a.akamaihd.net/ 13 KB
5 KB 184ms
55ms Script
application/x-javascript 2600:141b:13::17d7:8258
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ds-aksb-a.akamaihd.net/aksb.min.js
Requested by: Host: www.myafco.com
URL: https://www.myafco.com/borrower
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:13::17d7:8258 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.myafco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 02 Mar 2022 16:05:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Aug 2018 18:25:26 GMT
Server: AkamaiNetStorage
ETag: "15de19f42b35806faf815298644157e0:1535653526"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 4826

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 4 KB
2 KB 70ms
17ms XHR
application/json 54.224.14.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=AA7A3BC75245B3BC0A490D4D%40AdobeOrg&d_nsid=0&ts=1646237123916

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/550322ae7d69/45dda2f1a964/launch-f20c4d0e95da.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.224.14.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-4-54.compute-1.amazonaws.com

Software

Resource Hash

1c206f1889afac13d3c85b692189664b8293d6e718463a0bb66dcc5ac6724886

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.myafco.com/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-va6-1-v028-05acd4e0a.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: c6yJ5f+KRTg=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.myafco.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1339
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 12ms
12ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/550322ae7d69/45dda2f1a964/launch-f20c4d0e95da.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.myafco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 16:05:23 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.myafco.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Wed, 02 Mar 2022 17:05:23 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 25 KB
9 KB 13ms
12ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/550322ae7d69/45dda2f1a964/launch-f20c4d0e95da.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.myafco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 16:05:23 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:53 GMT
server: AkamaiNetStorage
etag: "c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.myafco.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8762
expires: Wed, 02 Mar 2022 17:05:23 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.7.1/webfonts/ 73 KB
73 KB 69ms
35ms Font
font/woff2 2606:4700:3033::6815:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.1/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9

Request headers

Referer: https://use.fontawesome.com/releases/v5.7.1/css/all.css
Origin: https://www.myafco.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 16:05:24 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 180483
cf-ray: 6e5b5fa93de4f04d-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74320
x-amz-id-2: ZDxX+/wQt3QQaZrZlGZiq+27QRX6iuUee/nfSElgfNpmB2rl2X23+30xMs5S3wSSgbaKOBjeNLA=
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
server: cloudflare
etag: "3638e62ea50e6f5859b6a15276c25c87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ni6lYvEBQs4RTxjjSl9Kz2JwLoNtAoAf0QfK2JXWPC%2BcDJp8rhom7kf1UKSOqjEo9iYCwqPWncfIM9tjtk%2B%2FGC5KKlenNGsGCDRgjcxp9Hwy80TNOZcH3rPEAKKkbEurIsw9IoTC6SXyaoamCumAz%2BfW"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: NV7MY0B3H6MEV1EG
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H/1.1 200
OK dest5.html Show response
suntrustbanksinc.demdex.net/ Frame 1ED0 7 KB
3 KB 129ms
15ms Document
text/html 52.70.4.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://suntrustbanksinc.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/550322ae7d69/45dda2f1a964/launch-f20c4d0e95da.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.70.4.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.myafco.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 2 Mar 2022 16:05:24 GMT
DCS: dcs-prod-va6-2-v028-0aee031dc.edge-va6.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 14 Feb 2022 16:08:46 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: ep7rXJxnQUU=
Content-Length: 2791
Connection: keep-alive

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Yh_VxAAAADZjwAQn
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=80237465381167605653003969315380271774
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yh_VxAAAADZjwAQn

42 B
943 B

41ms
15ms

Image
image/gif

54.224.14.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yh_VxAAAADZjwAQn

Requested by

Host: www.myafco.com
URL: https://www.myafco.com/borrower

Protocol

HTTP/1.1

Server

54.224.14.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.myafco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v028-06492fd88.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: eFpcNg9sRbE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yh_VxAAAADZjwAQn
Date: Wed, 02 Mar 2022 16:05:24 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1 200
OK afcologo-blue-white.svg Show response
www.myafco.com/borrower/images/ Frame D5BA 22 KB
16 KB 89ms
14ms Document
image/svg+xml 23.54.190.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myafco.com/borrower/images/afcologo-blue-white.svg

Requested by

Host: www.myafco.com
URL: https://www.myafco.com/borrower

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.54.190.89 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48 / ASP.NET

Resource Hash

c4ecf85a3d581e0b614c68da906bd3b716ade75b121a09ba6d71add9cda1ef40

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.myafco.com/borrower

Response headers

Server: Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48
Last-Modified: Thu, 07 Oct 2021 20:59:00 GMT
Accept-Ranges: bytes
ETag: "1d7bbbe26cf5499"
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET
Content-Type: image/svg+xml
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Wed, 02 Mar 2022 16:05:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Mar 2022 16:05:24 GMT
Content-Length: 16021
Connection: keep-alive

GET
H/1.1 200
OK afcologo.svg Show response
www.myafco.com/borrower/images/ Frame 8BCC 13 KB
5 KB 68ms
14ms Document
image/svg+xml 23.54.190.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myafco.com/borrower/images/afcologo.svg

Requested by

Host: www.myafco.com
URL: https://www.myafco.com/borrower

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.54.190.89 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48 / ASP.NET

Resource Hash

beda62658bf98bdcad060ba4ca8520265b823feb67306fff7eb091e2181c1001

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.myafco.com/borrower

Response headers

Server: Apache/2.4.43 (Unix) OpenSSL/1.0.2u-fips mod_jk/1.2.48
Last-Modified: Thu, 07 Oct 2021 20:59:00 GMT
Accept-Ranges: bytes
ETag: "1d7bbbe26cf375c"
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET
Content-Type: image/svg+xml
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Wed, 02 Mar 2022 16:05:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Mar 2022 16:05:24 GMT
Content-Length: 4226
Connection: keep-alive

GET
DATA 200
OK truncated
/ Frame D5BA 16 KB
16 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0e175dbfc213803ff94f427c3b990bee268dbbc5e7f211a32d8622f26944b7b

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: img/png

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=29ddf8385e4af495f214692219c7f74afa1d74b8811e49209425ec90bb95983db0da87c991749652
dpm.demdex.net/ Frame 1ED0
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=80237465381167605653003969315380271774
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomODAyMzc0NjUzODExNjc2MDU2NTMwMDM5NjkzMTUzODAyNzE3NzQQABoNCMSr_pAGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=29ddf8385e4af495f214692219c7f74afa1d74b8811e49209425ec90bb95983db0da87c991749652

42 B
943 B

15ms
14ms

Image
image/gif

54.224.14.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=29ddf8385e4af495f214692219c7f74afa1d74b8811e49209425ec90bb95983db0da87c991749652

Requested by

Host: www.myafco.com
URL: https://www.myafco.com/borrower

Protocol

HTTP/1.1

Server

54.224.14.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-93-32.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://suntrustbanksinc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v028-0c362d8b6.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 9SrG+61XTeo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Wed, 02 Mar 2022 16:05:24 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=29ddf8385e4af495f214692219c7f74afa1d74b8811e49209425ec90bb95983db0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 s92816348415658 Show response
sstats.myafco.com/b/ss/suntrusttruistglobal/10/JS-2.22.0-LBSQ/ 4 KB
4 KB 88ms
38ms Script
application/x-javascript 52.0.93.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sstats.myafco.com/b/ss/suntrusttruistglobal/10/JS-2.22.0-LBSQ/s92816348415658?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=2%2F2%2F2022%2016%3A5%3A24%203%200&d.&nsid=0&jsonv=1&.d&mid=72749055482760213382458829978789273905&aamlh=7&ce=UTF-8&pageName=myafco%7Cmyafco%7Cborrower%7Caccount_lookup&g=https%3A%2F%2Fwww.myafco.com%2Fborrower&r=https%3A%2F%2Fwww.myafco.com%2F&cc=USD&ch=myafco&server=www.myafco.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=myafco%7Cmyafco%7Cborrower%7Caccount_lookup&v5=https%3A%2F%2Fwww.myafco.com%2Fborrower&v7=https%3A%2F%2Fwww.myafco.com%2Fborrower&v8=https%3A%2F%2Fwww.myafco.com%2F&v9=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F99.0.4844.51%20Safari%2F537.36&v10=72749055482760213382458829978789273905&v11=en-US&v13=12%3A05%20PM%7CWednesday&v14=2.22.0&v48=myafco%20web%7Cproduction%7C2021-06-16T00%3A05%3A52Z&v49=01_dom_ready_pageview&v54=myafco%7Cmyafco&v84=1.0.1&v85=5.2.0&v86=9.4&v87=undefined&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AA7A3BC75245B3BC0A490D4D%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.93.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

jag /

Resource Hash

8cde8b248e3cea9f96e459ac500af4a19a21d05a999cc8062504b7015065950c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.myafco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-aam-tid: +4V0tzz6Qfo=
date: Wed, 02 Mar 2022 16:05:24 GMT
x-content-type-options: nosniff
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
vary: *
content-length: 4011
x-xss-protection: 1; mode=block
dcs: dcs-prod-va6-1-v028-06b550788.edge-va6.demdex.com UNKNOWN
pragma: no-cache
last-modified: Thu, 03 Mar 2022 16:05:24 GMT
server: jag
xserver: anedge-6f647cfb68-n7n2z
etag: 3535267305770254336-4619802382520525251
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 01 Mar 2022 16:05:24 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESENfwucCNJskw4IW6v8qlWjY&google_cver=1
dpm.demdex.net/ Frame 1ED0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODAyMzc0NjUzODExNjc2MDU2NTMwMDM5NjkzMTUzODAyNzE3NzQ=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODAyMzc0NjUzODExNjc2MDU2NTMwMDM5NjkzMTUzODAyNzE3NzQ=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENfwucCNJskw4IW6v8qlWjY&google_cver=1?gdpr=0&gdpr_consent=

42 B
943 B

21ms
20ms

Image
image/gif

54.224.14.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENfwucCNJskw4IW6v8qlWjY&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

54.224.14.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://suntrustbanksinc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v028-067fecb1a.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 0WIZoeP+Rkc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 02 Mar 2022 16:05:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENfwucCNJskw4IW6v8qlWjY&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content b
ds-aksb-a.akamaihd.net/2/1081822/ 0
269 B 42ms
39ms Image
text/html 2600:141b:13::17d7:8258
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ds-aksb-a.akamaihd.net/2/1081822/b?dE=0&cS=0&cE=0&rqS=22&rsS=174&rsE=176&sS=&dl=179&di=1024&fp=1046&dlS=1024&dlE=1026&dc=1945&leS=1945&leE=1952&to=&ol=0&cr=2&mt=&mb=&b=257&u=https%3A//www.myafco.com/borrower&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/99.0.4844.51%20Safari/537.36&pl=Linux%20x86_64&us=&gh=23.43.58.28&t=&rid=242336ae&r=32194&akM=a&akN=ae&vc=14:17&bpcip=05b5ea00&akTX=1&akTI=242336ae&ai=457973&pmgn=&pmgi=&pmp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:13::17d7:8258 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.myafco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 16:05:25 GMT
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store, private
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 0
Expires: Wed, 02 Mar 2022 16:05:25 GMT

GET
H/1.1

200
OK

ibs:dpid=992&dpuuid=1b6ppx3n4k9un
dpm.demdex.net/ Frame 1ED0
Redirect Chain

https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=80237465381167605653003969315380271774
https://dpm.demdex.net/ibs:dpid=992&dpuuid=1b6ppx3n4k9un

42 B
943 B

23ms
19ms

Image
image/gif

54.224.14.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=992&dpuuid=1b6ppx3n4k9un

Protocol

HTTP/1.1

Server

54.224.14.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://suntrustbanksinc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v028-08e0d6f7e.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: xX8pxHjYTgI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 02 Mar 2022 16:05:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://dpm.demdex.net/ibs:dpid=992&dpuuid=1b6ppx3n4k9un
cache-control: no-cache
cf-ray: 6e5b5fb02df18c59-EWR
content-length: 0

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 1ED0 43 B
354 B 93ms
38ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=80237465381167605653003969315380271774&p_id=38594

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://suntrustbanksinc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 7
date: Wed, 02 Mar 2022 16:05:24 GMT
server: tsa_b
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: e279348f9f410ba78629e9b18b587b51439cf0bb6bdcbab5c24af5e28002b3df
content-length: 43

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 1ED0
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWhfVnhBQUFBRFpqd0FRbg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
https://pixel.everesttech.net/1x1

128 B
796 B

11ms
10ms

Image
image/png

35.171.197.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 35.171.197.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-197-6.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://suntrustbanksinc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 02 Mar 2022 16:05:25 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 02 Mar 2022 16:05:25 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=22054
dpm.demdex.net/ Frame 1ED0
Redirect Chain

https://a.tribalfusion.com/i.match?p=b13&u=80237465381167605653003969315380271774&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://s.tribalfusion.com/z/i.match?p=b13&u=80237465381167605653003969315380271774&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://dpm.demdex.net/ibs:dpid=22054

42 B
957 B

20ms
19ms

Image
image/gif

54.224.14.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22054

Protocol

HTTP/1.1

Server

54.224.14.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://suntrustbanksinc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v028-0100ff628.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 300
X-TID: nguvQKtET4k=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 02 Mar 2022 16:05:26 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 349
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e5b5fb56e6f8c4b-EWR
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://dpm.demdex.net/ibs:dpid=22054
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 1ED0
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=80237465381167605653003969315380271774&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-ocj7VyBE2pFEFd98cEEIcZtCgnUfJKIacXs-~A

42 B
943 B

41ms
13ms

Image
image/gif

54.224.14.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-ocj7VyBE2pFEFd98cEEIcZtCgnUfJKIacXs-~A

Protocol

HTTP/1.1

Server

54.224.14.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://suntrustbanksinc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v028-0ad75588e.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: VssUB4x0Q8U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Wed, 02 Mar 2022 16:05:25 GMT
via: http/1.1 spdc0110.pbp.bf1.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-ocj7VyBE2pFEFd98cEEIcZtCgnUfJKIacXs-~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1ED0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWhfVnhBQUFBRFpqd0FRbg==

170 B
188 B

73ms
34ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWhfVnhBQUFBRFpqd0FRbg==

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://suntrustbanksinc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 16:05:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Mar 2022 16:05:25 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1646237126.838670,VS0,VE0
x-served-by: cache-lga21958-LGA
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWhfVnhBQUFBRFpqd0FRbg==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 1ED0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yh_VxAAAADZjwAQn&expires=90

42 B
752 B

301ms
11ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yh_VxAAAADZjwAQn&expires=90
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://suntrustbanksinc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 84e0f527cd81a00b0210e20b4ee7ed94
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 02 Mar 2022 16:05:25 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1646237126.887191,VS0,VE0
x-served-by: cache-lga21958-LGA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yh_VxAAAADZjwAQn&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1ED0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yh_VxAAAADZjwAQn
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yh_VxAAAADZjwAQn&C=1

43 B
1003 B

89ms
62ms

Image
image/gif

23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yh_VxAAAADZjwAQn&C=1
Protocol: HTTP/1.1
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://suntrustbanksinc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 16:05:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Mar 2022 16:05:26 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 16:05:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yh_VxAAAADZjwAQn&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Wed, 02 Mar 2022 16:05:26 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 1ED0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=Yh_VxAAAADZjwAQn
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYh_VxAAAADZjwAQn

43 B
1 KB

38ms
11ms

Image
image/gif

68.67.179.133
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYh_VxAAAADZjwAQn

Protocol

HTTP/1.1

Server

68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://suntrustbanksinc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 16:05:26 GMT
X-Proxy-Origin: 5.181.234.133; 5.181.234.133; 571.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 1e5449a5-862c-4c12-9192-f7d9db157148
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 16:05:26 GMT
X-Proxy-Origin: 5.181.234.133; 5.181.234.133; 571.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 0de6e53a-4878-4e0a-bfd5-1b3910260848
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYh_VxAAAADZjwAQn
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 1ED0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yh_VxAAAADZjwAQn
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Yh_VxAAAADZjwAQn

43 B
61 B

62ms
25ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Yh_VxAAAADZjwAQn
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://suntrustbanksinc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 16:05:26 GMT
via: 1.1 google
server: OXGW/17.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Yh_VxAAAADZjwAQn
date: Wed, 02 Mar 2022 16:05:26 GMT
via: 1.1 google
server: OXGW/17.1.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1ED0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yh_VxAAAADZjwAQn

1 B
548 B

87ms
2ms

Image
text/html

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yh_VxAAAADZjwAQn
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://suntrustbanksinc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 16:05:26 GMT
cache-control: no-store, no-cache, private
x-lat: va1pug002:0:386
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 02 Mar 2022 16:05:26 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1646237126.387539,VS0,VE0
x-served-by: cache-lga21958-LGA
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yh_VxAAAADZjwAQn
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 1ED0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yh_VxAAAADZjwAQn&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yh_VxAAAADZjwAQn&img=1&__user_check__=1&sync_id=9341bc31-9a42-11ec-a60b-1e3873bf0303

43 B
549 B

81ms
14ms

Image
image/gif

192.35.249.127
SPOTX-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yh_VxAAAADZjwAQn&img=1&__user_check__=1&sync_id=9341bc31-9a42-11ec-a60b-1e3873bf0303
Protocol: HTTP/1.1
Server: 192.35.249.127 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://suntrustbanksinc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 02 Mar 2022 16:05:27 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 229
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 02 Mar 2022 16:05:27 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=Yh_VxAAAADZjwAQn&img=1&__user_check__=1&sync_id=9341bc31-9a42-11ec-a60b-1e3873bf0303
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 302
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame 1ED0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yh_VxAAAADZjwAQn&t=2592000&o=0

43 B
2 KB

549ms
0ms

Image
image/gif

2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yh_VxAAAADZjwAQn&t=2592000&o=0

Protocol

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://suntrustbanksinc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 08:05:27 PST
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: YEQF9V+1M3zL4C+y05BzbpVGSwih8VBvmhaFgB0ERKO++m41xaX+5ox+qDhFDuIFHmB9S21ppjFOnSWo449cbA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
priority: u=3,i
expires: Wed, 02 Mar 2022 08:05:27 PST

Redirect headers

pragma: no-cache
date: Wed, 02 Mar 2022 16:05:26 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1646237127.621708,VS0,VE0
x-served-by: cache-lga21958-LGA
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yh_VxAAAADZjwAQn&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

ibs:dpid=390122&dpuuid=9I3mJ4BBQGR3AULUmkqBEAW16oU
dpm.demdex.net/ Frame 1ED0
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=adobe
https://dpm.demdex.net/ibs:dpid=390122&dpuuid=9I3mJ4BBQGR3AULUmkqBEAW16oU

42 B
943 B

62ms
29ms

Image
image/gif

54.224.14.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=390122&dpuuid=9I3mJ4BBQGR3AULUmkqBEAW16oU

Protocol

HTTP/1.1

Server

54.224.14.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS