www.ecu.com Open in urlscan Pro
104.154.182.169  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://ecu.com/ HTTP 301
   http://www.ecu.com/ HTTP 301
   https://www.ecu.com/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

• https://jelly.mdhv.io/v1/star.gif?pid=wlh0UCROe9FeUxzvzfayDUtQWMrP&src=mh&evt=hi HTTP 307
• https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=wlh0UCROe9FeUxzvzfayDUtQWMrP&src=mh&tx=a720fc8f-cfd7-446a-af6a-e48adfd03ab4

Request Chain 87

• https://um.simpli.fi/smaato HTTP 302
• https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=B6A52239F9234E5995A9C3BB02E9EDBE

Request Chain 88

• https://um.simpli.fi/nexxen HTTP 302
• https://sync.1rx.io/usersync/simplifi/B6A52239F9234E5995A9C3BB02E9EDBE HTTP 302
• https://sync.1rx.io/usersync/simplifi/B6A52239F9234E5995A9C3BB02E9EDBE?zcc=1&cb=1708548105482 HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-6c488206-5d9c-4a10-bb8e-cd3f3e00f58a-003

Request Chain 89

• https://um.simpli.fi/triplelift HTTP 302
• https://eb2.3lift.com/xuid?mid=7969&xuid=B6A52239F9234E5995A9C3BB02E9EDBE&dongle=yf3

Request Chain 90

• https://um.simpli.fi/telaria_p HTTP 302
• https://simplifi.partners.tremorhub.com/sync?UISF=B6A52239F9234E5995A9C3BB02E9EDBE

Request Chain 91

• https://um.simpli.fi/tapad HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=B6A52239F9234E5995A9C3BB02E9EDBE HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=B6A52239F9234E5995A9C3BB02E9EDBE

Request Chain 92

• https://um.simpli.fi/ad_advisor HTTP 302
• https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=B6A52239F9234E5995A9C3BB02E9EDBE HTTP 302
• https://d.agkn.com/pixel/10751/?che=1708548105473&ip=81.95.5.42&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217213104799004718009 HTTP 302
• https://um.simpli.fi/aa_px?sk=217213104799004718009 HTTP 302
• https://um.simpli.fi/empty.gif

Request Chain 93

• https://um.simpli.fi/intentiq HTTP 302
• https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B6A52239F9234E5995A9C3BB02E9EDBE

Request Chain 96

• https://um.simpli.fi/dtnx HTTP 302
• https://fei.pro-market.net/engine?du=24;csync=B6A52239F9234E5995A9C3BB02E9EDBE;mimetype=img; HTTP 302
• https://fei.pro-market.net/engine?du=24;csync=B6A52239F9234E5995A9C3BB02E9EDBE;mimetype=img;sr HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTQ0OTg1NDU2NjE0MTMyMDg3OTE= HTTP 302
• https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEE8d30N-H2WKBh6qgxEypQs&google_cver=1

Request Chain 97

• https://um.simpli.fi/exelatem HTTP 302
• https://loadm.exelator.com/load/?p=204&g=2191&simid=B6A52239F9234E5995A9C3BB02E9EDBE&j=0 HTTP 302
• https://loadm.exelator.com/load/?p=204&g=2191&simid=B6A52239F9234E5995A9C3BB02E9EDBE&j=0&xl8blockcheck=1

Request Chain 99

• https://um.simpli.fi/beachfront HTTP 302
• https://sync.bfmio.com/sync?pid=141&uid=B6A52239F9234E5995A9C3BB02E9EDBE

Request Chain 100

• https://um.simpli.fi/bluekai HTTP 302
• https://stags.bluekai.com/site/29931?id=B6A52239F9234E5995A9C3BB02E9EDBE

Request Chain 101

• https://um.simpli.fi/crwdcntrl HTTP 302
• https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B6A52239F9234E5995A9C3BB02E9EDBE

Request Chain 102

• https://um.simpli.fi/lj_match HTTP 302
• https://ce.lijit.com/merge?pid=2&3pid=B6A52239F9234E5995A9C3BB02E9EDBE

Request Chain 103

• https://um.simpli.fi/liveramp_match HTTP 302
• https://idsync.rlcdn.com/419566.gif?partner_uid=B6A52239F9234E5995A9C3BB02E9EDBE

Request Chain 104

• https://www.googleadservices.com/pagead/conversion/1026675585/?random=1708548105320&cv=7&fst=1708548105320&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=48957598&cv=7&fst=1708548105320&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=CWDWZYamGIH9mLAPh86jmAM&sscte=1&crd=COy7sQI&pscrd=IhMIxs6d16W9hAMVgT4GAB0H5wgzMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg HTTP 302
• https://www.google.com/pagead/1p-conversion/1026675585/?random=48957598&cv=7&fst=1708548105320&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=IhMIxs6d16W9hAMVgT4GAB0H5wgzMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=CWDWZYamGIH9mLAPh86jmAM&cid=CAQSGwAvHhf__qUtHx4xX2G3j2qRwF1kRP4O81SgNA&random=2886217586 HTTP 302
• https://www.google.de/pagead/1p-conversion/1026675585/?random=48957598&cv=7&fst=1708548105320&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=IhMIxs6d16W9hAMVgT4GAB0H5wgzMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=CWDWZYamGIH9mLAPh86jmAM&cid=CAQSGwAvHhf__qUtHx4xX2G3j2qRwF1kRP4O81SgNA&random=2886217586&ipr=y

Request Chain 106

• https://um.simpli.fi/an HTTP 302
• https://ib.adnxs.com/setuid?entity=66&code=B6A52239F9234E5995A9C3BB02E9EDBE HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DB6A52239F9234E5995A9C3BB02E9EDBE

Request Chain 107

• https://um.simpli.fi/rb_match HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B6A52239F9234E5995A9C3BB02E9EDBE&expires=365

Request Chain 108

• https://um.simpli.fi/ox_match HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072966&val=B6A52239F9234E5995A9C3BB02E9EDBE

Request Chain 109

• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
• https://um.simpli.fi/g_match?id=&google_gid=CAESEKCchCdRh3nP5V5kpNdZ324&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B6A52239F9234E5995A9C3BB02E9EDBE HTTP 302
• https://um.simpli.fi/g_match?id=

Request Chain 139

• https://um.simpli.fi/segmint HTTP 302
• https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=B6A52239F9234E5995A9C3BB02E9EDBE

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.ecu.com/ Redirect Chain http://ecu.com/ http://www.ecu.com/ https://www.ecu.com/	117 KB 29 KB	635ms 253ms	Document text/html	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / WP Engine Resource Hash 128de511819555019aa7c2aa936bd83db8524e195e891dc85652e9bb3e9f720f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=600, must-revalidate content-encoding br content-type text/html; charset=UTF-8 date Wed, 21 Feb 2024 20:41:43 GMT link <https://www.ecu.com/wp-json/>; rel="https://api.w.org/" <https://www.ecu.com/wp-json/wp/v2/pages/1224>; rel="alternate"; type="application/json" <https://www.ecu.com/>; rel=shortlink server nginx vary Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie x-cache HIT: 12 x-cache-group normal x-cacheable SHORT x-powered-by WP Engine x-tec-api-origin https://www.ecu.com x-tec-api-root https://www.ecu.com/wp-json/tribe/events/v1/ x-tec-api-version v1 Redirect headers Connection keep-alive Content-Length 162 Content-Type text/html Date Wed, 21 Feb 2024 20:41:43 GMT Keep-Alive timeout=20 Location https://www.ecu.com/ Server nginx
GET H2	200	marvel.js Show response marvel-b2-cdn.bc0a.com/	9 KB 4 KB	66ms 20ms	Script application/javascript	35.201.125.192 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://marvel-b2-cdn.bc0a.com/marvel.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.125.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 192.125.201.35.bc.googleusercontent.com Software UploadServer / Resource Hash 190db2ea37186511e3cdfaeb6e37e68830c90647a9c18840f33ce00c03a05bd0 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline'; Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 19:44:00 GMT content-encoding gzip strict-transport-security max-age=63072000; includeSubDomains content-security-policy default-src 'self' 'unsafe-inline'; age 3463 x-guploader-uploadid ABPtcPqxxIg-5_osk4ViFHmVbDY-5URE6VoE39xSEwNTPen5K5PX3zI7T9JMNasPmA_A2nDLRmKpHv3IQA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3142 last-modified Wed, 12 Apr 2023 17:03:33 GMT server UploadServer etag "0b57832ab47cd1fea51ee8a2dfa4f649" vary Accept-Encoding x-goog-hash crc32c=EF0vLQ==, md5=C1eDKrR80f6lHuii36T2SQ== x-goog-generation 1681319013677342 content-language en access-control-allow-origin * access-control-expose-headers Content-Type cache-control public, max-age=3600 x-goog-stored-content-length 3142 accept-ranges bytes content-type application/javascript expires Wed, 21 Feb 2024 20:44:00 GMT
GET H2	200	trp-language-switcher.css www.ecu.com/wp-content/plugins/translatepress-multilingual/assets/css/	3 KB 1 KB	129ms 128ms	Stylesheet text/css	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.ecu.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.7.1 Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 925f2ffb7b49a93b36740141ddfbd7487d8ef3de84f2c9c8be4cec4e584b0c18 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT content-encoding br last-modified Mon, 19 Feb 2024 22:39:32 GMT server nginx etag W/"65d3d8a4-b1b" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	style.css www.ecu.com/wp-content/themes/ecu-theme/	287 KB 40 KB	134ms 133ms	Stylesheet text/css	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.ecu.com/wp-content/themes/ecu-theme/style.css?ver=1702409885 Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 0468573a8d8c1cd2de2f3bb52265c8d2fc601dafdc9897666ccfc783d3e80e5c Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT content-encoding br last-modified Tue, 12 Dec 2023 19:38:05 GMT server nginx etag W/"6578b69d-47a73" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	search-forms.css www.ecu.com/wp-content/plugins/searchwp/assets/css/frontend/	5 KB 2 KB	132ms 131ms	Stylesheet text/css	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.ecu.com/wp-content/plugins/searchwp/assets/css/frontend/search-forms.css?ver=4.3.13 Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 480cbbdaf9ea4afde46d8c47c35a98172d4bdc57232c38fd6c44a514ae1c1a87 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT content-encoding br last-modified Mon, 19 Feb 2024 22:39:12 GMT server nginx etag W/"65d3d890-13a4" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	jquery.min.js Show response www.ecu.com/wp-includes/js/jquery/	86 KB 31 KB	248ms 247ms	Script application/javascript	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.ecu.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT content-encoding br last-modified Mon, 28 Aug 2023 17:14:23 GMT server nginx etag W/"64ecd5ef-15601" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	jquery-migrate.min.js Show response www.ecu.com/wp-includes/js/jquery/	13 KB 5 KB	249ms 248ms	Script application/javascript	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.ecu.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT content-encoding br last-modified Fri, 09 Jun 2023 05:49:24 GMT server nginx etag W/"6482bd64-3509" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	tracking.js Show response wt.dm00.com/WebSiteTracking/scripts/	11 KB 3 KB	807ms 183ms	Script application/javascript	52.24.112.196 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://wt.dm00.com/WebSiteTracking/scripts/tracking.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.24.112.196 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-24-112-196.us-west-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 1ad73850b1f505e5acce1a6f573c32143adb5768f1cd46a5289f00cc77647283 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:43 GMT content-encoding gzip last-modified Wed, 21 Aug 2019 23:15:49 GMT server Microsoft-IIS/10.0 etag "80805f5e7658d51:0" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 2703
GET H2	200	silvercloud.css integration.silvercloudinc.com/css/	68 KB 13 KB	79ms 22ms	Stylesheet text/css	18.239.69.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://integration.silvercloudinc.com/css/silvercloud.css Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.69.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-69-97.ams58.r.cloudfront.net Software AmazonS3 / Resource Hash d80c9777a8db3c465e506ab648aaf889613beb87f8e3670a32a03ae5cb063bc5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 02:55:44 GMT content-encoding gzip via 1.1 77774663cd471a2b20da2890eff7e1a0.cloudfront.net (CloudFront) last-modified Thu, 08 Feb 2024 01:43:06 GMT server AmazonS3 x-amz-cf-pop AMS58-P4 age 63961 etag W/"7ebb9a0b159d374a1b42b286ca993da3" x-amz-server-side-encryption AES256 vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type text/css x-amz-cf-id ceO3sASKXO_jGIs-zzxZe3BJ49giqG5w4SUApCSsKNe-gdjJFFJBLw==
GET H2	200	salemove_integration.js Show response api.glia.com/	9 KB 9 KB	63ms 8ms	Script application/javascript	2600:9000:26da:4400:17:4c3f:1b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.glia.com/salemove_integration.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:4400:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 97bcfd985ee6af445c93b9b2c83cc8306b5c3949aa5ff2cf0e4e699cfe56e1e1 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubdomains; preload date Wed, 21 Feb 2024 20:33:53 GMT via 1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront) last-modified Tue, 20 Feb 2024 21:23:36 GMT server AmazonS3 x-amz-cf-pop MUC50-P4 age 480 x-amz-server-side-encryption AES256 etag "f4fcb7c6ae8bba6ab7c5bac110d477c3" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 9094 x-amz-cf-id qFYW3WLcN5PdG7s9VqKZGc3OtJmLBF0DXRy4i3rtxo13qSnBNsueFw==
GET H2	200	render.js Show response js.poshdevelopment.com/glia/	317 KB 95 KB	113ms 40ms	Script application/javascript	13.224.222.103 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.poshdevelopment.com/glia/render.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.222.103 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-222-103.lhr61.r.cloudfront.net Software AmazonS3 / Resource Hash 39a570c68ad275366d6c824a48356348d05f188b1be5a5439d46a4605c4715b4 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers x-amz-version-id null strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip date Wed, 21 Feb 2024 18:34:42 GMT via 1.1 5da47734f496c05ba90c546c024fb778.cloudfront.net (CloudFront) x-amz-cf-pop LHR61-C2 age 7645 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 22 Mar 2023 20:20:48 GMT server AmazonS3 etag W/"8aaf5cb1c486e8c639d60544ec0cc866" vary Accept-Encoding content-type application/javascript cache-control max-age=28800, stale-while-revalidate=14400 x-amz-cf-id JV7xsOmjYUwgpviVsg7EuYQO6kTf1YJ-q5VBk3axjKEcCliDKXQ_5A==
GET H/1.1	200 OK	segmint.min.js Show response cdn.segmint.net/	16 KB 16 KB	114ms 33ms	Script application/javascript	18.245.31.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segmint.net/segmint.min.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.245.31.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-31-94.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 8d5d3f4a44a4e9c6ea8f6c84f8dcc1fd7a31ad4c07df78b237c41c4d7fc10ecb Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers Date Wed, 21 Feb 2024 10:19:00 GMT Via 1.1 9eb1733bea847c3a8f4910adebcc8146.cloudfront.net (CloudFront) Last-Modified Wed, 20 Sep 2023 12:33:41 GMT Server AmazonS3 X-Amz-Cf-Pop FRA56-P8 Age 37364 x-amz-server-side-encryption AES256 ETag "6bdf8bf9c48aef3424ec8556d42ae32e" X-Cache Hit from cloudfront Content-Type application/javascript Cache-Control max-age:900 Connection keep-alive Accept-Ranges bytes Content-Length 16163 X-Amz-Cf-Id 6Xfta2_87OFDdVG13fxwQ2hcEDYcOazWFGVVvMvhYOcR_7e9U7baYw==
GET H2	200	zla6sgs.css use.typekit.net/	7 KB 1 KB	183ms 146ms	Stylesheet text/css	2a02:26f0:3500:16::215:149a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/zla6sgs.css Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:149a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 0605b6edfa7b2a079aa4701e35c43057037b35a4b513f26360eaebeb13015b64 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip date Wed, 21 Feb 2024 20:41:44 GMT server nginx vary Accept-Encoding content-type text/css;charset=utf-8 access-control-allow-origin * cache-control private, max-age=600, stale-while-revalidate=604800 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 1011
GET H/1.1	200 OK	widget.js Show response autolink.io/educatorscu/	1 KB 1 KB	353ms 115ms	Script application/javascript	52.3.0.87 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://autolink.io/educatorscu/widget.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.3.0.87 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-3-0-87.compute-1.amazonaws.com Software nginx / Resource Hash b0c31de84ecb2e06aaf2013abee33a830c2ca4cca732c4ac0ac92f6a6580c69d Security Headers Name Value Content-Security-Policy frame-ancestors creditunionservices.org www.creditunionservices.org ecu.com www.ecu.com ecu.com www.ecu.com 'self' Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers Date Wed, 21 Feb 2024 20:41:44 GMT Content-Security-Policy frame-ancestors creditunionservices.org www.creditunionservices.org ecu.com www.ecu.com ecu.com www.ecu.com 'self' Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin X-Content-Type-Options nosniff Content-Encoding gzip Server nginx X-Permitted-Cross-Domain-Policies master-only Strict-Transport-Security max-age=31536000 Transfer-Encoding chunked Vary Origin Content-Type application/javascript; charset=UTF-8 P3P CP="We do not have a P3P policy. For more information about the credit union's privacy policy, please contact the credit union." Cache-Control no-store Connection keep-alive X-XSS-Protection 1; mode=block
GET H2	200	es_ES.png www.ecu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/	325 B 527 B	119ms 119ms	Image image/png	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/es_ES.png Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash f71e440bd8074d59686f35d87b824c16f5310a34bab7fb017b0178bd726e35d3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT last-modified Mon, 19 Feb 2024 22:39:32 GMT server nginx etag "65d3d8a4-145" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 325
GET H2	200	icon_search.svg www.ecu.com/wp-content/themes/ecu-theme/images/	366 B 497 B	125ms 124ms	Image image/svg+xml	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/wp-content/themes/ecu-theme/images/icon_search.svg Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash c02831872993c20fe69f3849c9d9db72c3909f43168cffe91a2644630995fc90 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT content-encoding br last-modified Tue, 13 Apr 2021 22:48:40 GMT server nginx etag W/"60761fc8-16e" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	icon_close.svg www.ecu.com/wp-content/themes/ecu-theme/images/	243 B 370 B	126ms 125ms	Image image/svg+xml	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/wp-content/themes/ecu-theme/images/icon_close.svg Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 50cb3db9b3744d64cc86b1ea6f5a6ded3bbffb6dce7dbf18e6ff0f69c237c324 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT content-encoding br last-modified Wed, 14 Apr 2021 16:14:35 GMT server nginx etag W/"607714eb-f3" vary Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	educatorscu-logo_black.svg www.ecu.com/wp-content/themes/ecu-theme/images/	12 KB 4 KB	131ms 130ms	Image image/svg+xml	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/wp-content/themes/ecu-theme/images/educatorscu-logo_black.svg Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 755282e60812114e342340f88528b3c65585c166a4ec5966dc8758266ed90d1f Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT content-encoding br last-modified Mon, 23 Aug 2021 19:09:24 GMT server nginx etag W/"6123f264-2ee0" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	apple_app_store_icon.png www.ecu.com/wp-content/themes/ecu-theme/images/	4 KB 4 KB	128ms 126ms	Image image/png	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/wp-content/themes/ecu-theme/images/apple_app_store_icon.png Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 9ecf55657d16d7d0402e52fde46dde42926218ea0fb66a81cd60927212f62d18 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT last-modified Fri, 02 Apr 2021 22:45:18 GMT server nginx etag "60679e7e-e7a" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 3706
GET H2	200	google_play_icon.png www.ecu.com/wp-content/themes/ecu-theme/images/	4 KB 4 KB	175ms 174ms	Image image/png	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/wp-content/themes/ecu-theme/images/google_play_icon.png Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 851bae4a476e38538c2f984c131b803a97a9ade9a237c2c4468082f62b95bf4b Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT last-modified Fri, 02 Apr 2021 22:45:21 GMT server nginx etag "60679e81-f1c" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 3868
GET H2	200	Bobby-Portis_WebsiteHomepage-01-scaled.jpg www.ecu.com/files/	79 KB 79 KB	249ms 249ms	Image image/jpeg	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/files/Bobby-Portis_WebsiteHomepage-01-scaled.jpg Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 9dfd1fa5b08ab980e4911c6edd778e6fbbc37ade12fb9515c7694312f5bbd72b Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT last-modified Tue, 10 Oct 2023 14:48:27 GMT server nginx etag "6525643b-13a02" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 80386
GET H2	200	videobanking.jpg www.ecu.com/files/	49 KB 50 KB	133ms 133ms	Image image/jpeg	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/files/videobanking.jpg Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 29d81b71ad00d2569a43aa3d158f5d4833a8c7e04f3cc0e834c66e9dfb4fa572 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT last-modified Fri, 04 Feb 2022 22:00:05 GMT server nginx etag "61fda1e5-c51a" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 50458
GET H2	200	mobilebanking.jpg www.ecu.com/files/	25 KB 25 KB	349ms 348ms	Image image/jpeg	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/files/mobilebanking.jpg Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash d9dd994462350e5e87778c43cd7a72564c4fd4b8b9bcf899f4726845ca4d108d Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT last-modified Fri, 04 Feb 2022 21:59:55 GMT server nginx etag "61fda1db-63da" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 25562
GET H2	200	silvercloud.js Show response integration.silvercloudinc.com/js/silvercloudjs/	61 KB 20 KB	18ms 18ms	Script application/javascript	18.239.69.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.69.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-69-97.ams58.r.cloudfront.net Software AmazonS3 / Resource Hash 40b2da647bcc787d43218caecb24901ea7b01025bcf5f9db98359756dbf4aae0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 06:29:55 GMT content-encoding gzip via 1.1 77774663cd471a2b20da2890eff7e1a0.cloudfront.net (CloudFront) last-modified Thu, 08 Feb 2024 01:43:07 GMT server AmazonS3 x-amz-cf-pop AMS58-P4 age 51110 x-amz-server-side-encryption AES256 etag W/"80f213d3a2f208a7129b19b16ceaefaa" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * x-cache Hit from cloudfront x-amz-cf-id 2pW_HXdgqRQeLWmRynrFcUi_wkuNlwQV0XfETVJZroGmtb8tcYryVA==
GET H2	200	bundle.js Show response www.ecu.com/wp-content/themes/ecu-theme/js/dist/	355 KB 86 KB	215ms 215ms	Script application/javascript	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.ecu.com/wp-content/themes/ecu-theme/js/dist/bundle.js?ver=1701126240 Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 6b96b60c2ae7712937ec06b80d3bcdfc9c28ce4d8febb8e57a6abfda910d2a6a Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT content-encoding br last-modified Mon, 27 Nov 2023 23:04:00 GMT server nginx etag W/"65652060-58d54" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	gtm.js Show response www.googletagmanager.com/	228 KB 80 KB	57ms 34ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NRTWHZ Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f4bf3c106284706348c029b7e6c32174f460d671fdc1240a7bdf1f2f80aed892 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 81591 x-xss-protection 0 last-modified Wed, 21 Feb 2024 19:52:07 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 21 Feb 2024 20:41:44 GMT
POST H2	204	Log Show response wt.dm00.com/WebSiteTracking/api/tracking/	0 130 B	547ms 186ms	XHR text/plain	52.24.112.196 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://wt.dm00.com/WebSiteTracking/api/tracking/Log Requested by Host: wt.dm00.com URL: https://wt.dm00.com/WebSiteTracking/scripts/tracking.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.24.112.196 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-24-112-196.us-west-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Wed, 21 Feb 2024 20:41:44 GMT server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET access-control-allow-origin * cache-control no-cache expires -1
OPTIONS H/1.1	200 OK	86c27085-fa24-42c1-87da-979f494a7e40.json cdn.segmint.net/ Frame	0 0	493ms 479ms	Preflight	18.245.31.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segmint.net/86c27085-fa24-42c1-87da-979f494a7e40.json Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.245.31.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-31-94.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://www.ecu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers Connection keep-alive Content-Length 0 Via 1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront) X-Amz-Cf-Id yOXJVcBXUIEWM551ADKm3mHl3TG83Qo_-z45s8HF2K3St96-_7SrRw== X-Amz-Cf-Pop FRA56-P8 X-Cache Miss from cloudfront access-control-allow-headers content-type access-control-allow-methods PUT, POST, DELETE, GET access-control-allow-origin * access-control-max-age 3000 date Wed, 21 Feb 2024 20:41:46 GMT server AmazonS3 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	29ms 7ms	Script text/javascript	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 21 Feb 2024 19:48:09 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 3215 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Wed, 21 Feb 2024 21:48:09 GMT
GET H/1.1	200 OK	86c27085-fa24-42c1-87da-979f494a7e40.json Show response cdn.segmint.net/	313 B 959 B	441ms 441ms	XHR application/json	18.245.31.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segmint.net/86c27085-fa24-42c1-87da-979f494a7e40.json Requested by Host: cdn.segmint.net URL: https://cdn.segmint.net/segmint.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.245.31.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-31-94.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 3f4dc3f961910ce8231b1be58206134dc6df36b634ca14b45541c20b90fb320f Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Content-Type application/json Response headers Date Wed, 21 Feb 2024 20:41:46 GMT Via 1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA56-P8 x-amz-server-side-encryption AES256 X-Cache RefreshHit from cloudfront Connection keep-alive Content-Length 313 Last-Modified Wed, 08 Nov 2023 17:14:40 GMT Server AmazonS3 ETag "97c68a40611e343ca35777be534f7a6d" Access-Control-Max-Age 3000 Access-Control-Allow-Methods PUT, POST, DELETE, GET Content-Type application/json Access-Control-Allow-Origin * Cache-Control max-age=900 Accept-Ranges bytes X-Amz-Cf-Id a0nocvBwQgEk2IbX0Vr3wJjnJe2rYRCBbV5H8RWgZlBu93LYiUfoQg==
GET H2	200	widget.js Show response cdn.userway.org/	2 KB 2 KB	53ms 6ms	Script application/javascript	2a02:6ea0:c700::21 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widget.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 2e4c793bb542ed9de29fe6aeb4b74c064ac68c533b0b0b79912ca133def5cb70 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers x-77-pop frankfurtDE date Wed, 21 Feb 2024 20:41:44 GMT via 1.1 0c32b42e3b5070fcbe6b5b320d0621b2.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop FRA56-P10 age 469 x-amz-server-side-encryption AES256 x-77-cache HIT x-cache HIT x-age 1853 x-accel-date 1708546251 x-77-nzt EgwB1GY4sQH3PQcAAAwBnJIhHwH3GAAAAA x-accel-expires @1708549851 x-77-age 1877 last-modified Thu, 15 Feb 2024 11:59:14 GMT server CDN77-Turbo etag W/"90ddb7718ffc05b816dac0e226ab23e1" x-77-nzt-ray 1cb09c0e1512557f0860d66528501a31 access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=3600, public content-type application/javascript x-amz-cf-id O_562-YQqU4o3WhLeU1EjZUj4DjTmLuzGMFflRyqe3HgdJ6ZT7cEew==
GET H2	200	p.css p.typekit.net/	5 B 172 B	64ms 7ms	Stylesheet text/css	2a02:26f0:480:f::213:7ed3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://p.typekit.net/p.css?s=1&k=zla6sgs&ht=tk&f=24561.24562.24571.24572.28121.28122.28747.28752.28755.28762&a=553736&app=typekit&e=css Requested by Host: use.typekit.net URL: https://use.typekit.net/zla6sgs.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb Request headers accept-language de-DE,de;q=0.9 Referer https://use.typekit.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT last-modified Fri, 14 Jul 2023 12:44:32 GMT server nginx etag "64b14330-5" content-type text/css access-control-allow-origin * cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 5
POST H2	200	visitor_config Show response api.glia.com/	10 KB 12 KB	132ms 132ms	XHR application/json	2600:9000:26da:4400:17:4c3f:1b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.glia.com/visitor_config?referrer=https%3A%2F%2Fwww.ecu.com%2F& Requested by Host: api.glia.com URL: https://api.glia.com/salemove_integration.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:4400:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash f71462ab16b122ce02e9ff4a9f094819f1178cef03aa875533ff3496a65cfcc6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Wed, 21 Feb 2024 20:41:44 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff via 1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P4 x-cache Miss from cloudfront content-length 10686 access-control-max-age 7200 access-control-allow-methods GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE content-type application/json access-control-allow-origin https://www.ecu.com access-control-expose-headers cache-control no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true vary Origin x-site-visitor-config true access-control-allow-headers Content-Type, Accept, Authorization x-amz-cf-id EgYoi8ynmzZDz5t8Dg6XCe29H7qVl9DCiGPpTzxVPeRj-bA8_M58Hg==
GET H2	200	Financial-Literacy-For-Couples_Digital-Ads_2024-01_Blog-670x447-1.jpg www.ecu.com/files/	48 KB 49 KB	128ms 127ms	Image image/jpeg	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/files/Financial-Literacy-For-Couples_Digital-Ads_2024-01_Blog-670x447-1.jpg Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 4425fd31a02fe1175c6ba6ec3d643a5a70fd2700d391db0b59ae75ec27586a20 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT last-modified Wed, 07 Feb 2024 17:37:24 GMT server nginx etag "65c3bfd4-c12a" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 49450
GET H2	200	Savers-Sweepstakes_Blog-Photos_2023-10_Anne-W_V1.jpg www.ecu.com/files/	30 KB 31 KB	128ms 128ms	Image image/jpeg	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/files/Savers-Sweepstakes_Blog-Photos_2023-10_Anne-W_V1.jpg Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash cc47b5fad5ba68bac1921abc8f089f5912632cbe3b744093a802b6a7da238ea0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT last-modified Fri, 20 Oct 2023 14:36:25 GMT server nginx etag "65329069-795b" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 31067
GET H2	200	Scholarship_Digital-Ad_2024-01_FIRST-ANNOUNCEMENT_Blog-300x200-1.jpg www.ecu.com/files/	39 KB 39 KB	132ms 131ms	Image image/jpeg	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/files/Scholarship_Digital-Ad_2024-01_FIRST-ANNOUNCEMENT_Blog-300x200-1.jpg Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 68accd6e61f3d06de0d6b3971018056aee95084daf9f818d00d2489bc66bb50a Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT last-modified Thu, 04 Jan 2024 15:07:19 GMT server nginx etag "6596c9a7-9ade" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 39646
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 205 B	15ms 13ms	XHR text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1402854213&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ecu.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Educators%20Credit%20Union&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=1313706293&gjid=318764318&cid=2019253160.1708548105&tid=UA-146171377-36&_gid=154395874.1708548105&_r=1&_slc=1&z=2127805968 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 21 Feb 2024 20:41:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.ecu.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 68 B	14ms 14ms	XHR text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1402854213&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ecu.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Educators%20Credit%20Union&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=1344947055&gjid=559393466&cid=2019253160.1708548105&tid=UA-146171377-2&_gid=154395874.1708548105&_r=1&_slc=1&z=1301600842 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 21 Feb 2024 20:41:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.ecu.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	widget_app_base_1707998198539.js Show response cdn.userway.org/widgetapp/2024-02-15-11-56-38/	149 KB 43 KB	22ms 7ms	Script application/javascript	2a02:6ea0:c700::21 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widgetapp/2024-02-15-11-56-38/widget_app_base_1707998198539.js Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash a90e8ddd546fa20d340d6bc1ebe06b6e0e307cb129567adec91da8b011bdc93a Request headers Referer https://www.ecu.com/ Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers x-77-pop frankfurtDE date Wed, 21 Feb 2024 20:41:44 GMT via 1.1 adffa554e502bb59dc89f14ddc6170ce.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop FRA56-P10 age 469 x-amz-server-side-encryption AES256 x-77-cache HIT x-cache HIT x-age 549180 x-accel-date 1707998924 x-77-nzt EgwB1GY4sQH3PGEIAAwBJRPCMQH3GAAAAA x-accel-expires @1733918900 x-77-age 549204 last-modified Thu, 15 Feb 2024 11:59:09 GMT server CDN77-Turbo etag W/"54d4c3421cbdfc831e6b0174d2a866a4" x-77-nzt-ray 1cb09c0e492906800860d66589a4e632 access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public content-type application/javascript x-amz-cf-id zgDUomAMHJtBaZC2YR16B6A3GAGlHq85qksghZFPhwaFPML02aop2w==
GET H2	200	js Show response www.googletagmanager.com/gtag/	266 KB 90 KB	23ms 22ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-P0G2EW5F8N&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRTWHZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d4f8f7c8f57d8e40965cca60e171eea18f2828ad25cfc153fe24c570a2e9935d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 92014 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 21 Feb 2024 20:41:44 GMT
GET H2	200	l use.typekit.net/af/277d7a/00000000000000003b9ade63/27/	35 KB 35 KB	30ms 8ms	Font application/font-woff2	2a02:26f0:3500:16::215:149a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/277d7a/00000000000000003b9ade63/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/zla6sgs.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:149a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash c2a1f25fed271100f66e9712047ecae983e28154d2ee4b1c3f8ae36f43938246 Request headers Referer https://use.typekit.net/zla6sgs.css Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT server nginx etag "b2f60e17d86161d42d1afc2ea0f9382eac0ebf3b" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 35976
GET H2	200	l use.typekit.net/af/c12453/0000000000000000000157bf/27/	27 KB 27 KB	37ms 15ms	Font application/font-woff2	2a02:26f0:3500:16::215:149a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/c12453/0000000000000000000157bf/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/zla6sgs.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:149a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 55e389c9c0b3d3a2ad0d58c3cb282dde39e8c90c70f3213f05779fbfc7b87098 Request headers Referer https://use.typekit.net/zla6sgs.css Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT server nginx etag "828c2624ab9e788f1badba0de96a44a845cd105a" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 27616
GET H2	200	l use.typekit.net/af/19c742/0000000000000000000157c9/27/	25 KB 26 KB	32ms 10ms	Font application/font-woff2	2a02:26f0:3500:16::215:149a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/19c742/0000000000000000000157c9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/zla6sgs.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:149a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 9a499e8bcb40fb69318026c909e6166b66cfd8ab5cc63f022138c22f4f8dd0af Request headers Referer https://use.typekit.net/zla6sgs.css Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT server nginx etag "67d39e3590a8758df9f98386e6d42f94c49a1710" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 26056
GET H2	200	l use.typekit.net/af/0ceada/00000000000000003b9ade5c/27/	37 KB 37 KB	41ms 21ms	Font application/font-woff2	2a02:26f0:3500:16::215:149a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/0ceada/00000000000000003b9ade5c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/zla6sgs.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:149a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 846cd0f60c8391c367237080073ef3c8d3966fa82565610dddfef6a0b03447fb Request headers Referer https://use.typekit.net/zla6sgs.css Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT server nginx etag "ef9614aec4a49ce43336734e6b7a8f33a282e0b4" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 37692
GET H2	200	l use.typekit.net/af/de68cc/00000000000000007735b41f/30/	40 KB 40 KB	35ms 16ms	Font application/font-woff2	2a02:26f0:3500:16::215:149a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/de68cc/00000000000000007735b41f/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/zla6sgs.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:149a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 7f2104371f48a77dc9d248046efcf80c27529d5a1c2646ae7a9c383623b07d43 Request headers Referer https://use.typekit.net/zla6sgs.css Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT server nginx etag "6f781086524022749eac8a0ac09826bb241e240e" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 40612
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	14ms 14ms	XHR text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1402854213&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ecu.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Educators%20Credit%20Union&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAAI~&jid=1039911353&gjid=259270852&cid=2019253160.1708548105&tid=UA-41195611-1&_gid=154395874.1708548105&_r=1&_slc=1&gtm=45He42h0n71NRTWHZv71606893za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=142663228 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 21 Feb 2024 20:41:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.ecu.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	alphpixel.js Show response js.alpixtrack.com/	5 KB 5 KB	409ms 122ms	Script application/javascript	130.211.141.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://js.alpixtrack.com/alphpixel.js?cust=3770542-617-WISN Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRTWHZ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 130.211.141.45 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.141.211.130.bc.googleusercontent.com Software nginx/1.20.0 / Resource Hash 26b1fa79351edf039f381c8d30f0d0861746042f076c8de57179d822b8d7eacd Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers Date Wed, 21 Feb 2024 20:41:45 GMT Last-Modified Wed, 07 Jul 2021 09:28:51 GMT Server nginx/1.20.0 ETag "60e573d3-1331" Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=86400, public, no-transform Connection keep-alive Accept-Ranges bytes Content-Length 4913 Expires Thu, 22 Feb 2024 20:41:45 GMT
GET H2	200	elle_button.js Show response d4hldqmvpzsy0.cloudfront.net/assets/	369 KB 73 KB	58ms 21ms	Script application/javascript	2600:9000:2240:1200:1e:28bc:9200:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d4hldqmvpzsy0.cloudfront.net/assets/elle_button.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:1200:1e:28bc:9200:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 477e51db2820aabe5d18b445ba5485f223218b52b723114011e976faa65631e9 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers pragma public date Wed, 21 Feb 2024 20:41:44 GMT content-encoding gzip via 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront) last-modified Fri, 16 Feb 2024 18:12:46 GMT server nginx x-amz-cf-pop FRA60-P1 age 201 etag W/"65cfa59e-5c26d" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1800, public x-amz-cf-id QnyNV9MDghjVz4KSI7ogLie0GfxmBtTgL2czgmXf4WQaL1FfepBu0Q== expires Wed, 21 Feb 2024 21:08:23 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	214 KB 58 KB	32ms 10ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers permissions-policy-report-only clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 21 Feb 2024 20:41:44 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57257 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" pragma public x-fb-debug pw74mjk/GN5lA8fYnOSn0Jva8iFRF0sARjvckvWEA/XTNNLlHYV4YelBMIWM3PT3bGo/MeJhw5utoeOpcE8Ijg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	events.js Show response tags.srv.stackadapt.com/	18 KB 7 KB	140ms 125ms	Script text/javascript	18.196.214.221 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/events.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.196.214.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-214-221.eu-central-1.compute.amazonaws.com Software / Resource Hash 4843c4aeaee7cf7f463bf7b0dca33e7cc28bdb7e38234ed4e6e4d9419ac38f1a Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers access-control-allow-origin * date Wed, 21 Feb 2024 20:41:44 GMT cache-control max-age=5 content-encoding gzip content-type text/javascript
GET H2	200	scevent.min.js Show response sc-static.net/	43 KB 19 KB	81ms 33ms	Script application/javascript	99.84.8.252 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sc-static.net/scevent.min.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.8.252 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-8-252.lhr62.r.cloudfront.net Software CloudFront / Resource Hash 4825cfc96cd31ef395f9e168319b6612ab8ceb10820a15544b6a1e0fa6c2e06f Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:44 GMT content-encoding gzip via 1.1 a0f4468818f72f22dc199419b0ebbcc6.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop LHR62-C2 x-cache Miss from cloudfront content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control private, s-maxage=0, max-age=600 access-control-allow-headers Content-Type content-length 18922 x-amz-cf-id VbaFp-ZWfSXpit_tZG-9hm0grG-9lX-RB4OKDd07zbjg_YZPUG5EXg==
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	6 KB 3 KB	163ms 140ms	Script application/javascript	2.23.7.42 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCOUGH3C77U8584IB53G&lib=ttq Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.23.7.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-23-7-42.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 1a0486da038f1018a6555d178e07b291748323c48a1ab17a5cdcc9557892989b Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers x-akamai-request-id 2f896717 date Wed, 21 Feb 2024 20:41:44 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-24022120414475E94769B68B62F15C7B-5FA08E1BCF90EEDF-00 x-cache TCP_MISS from a2-23-7-38.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-) server-timing inner; dur=3, cdn-cache; desc=MISS, edge; dur=2, origin; dur=94 pragma no-cache server nginx x-tt-logid 2024022120414475E94769B68B62F15C7B vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 96,2.23.7.38 x-tt-trace-host 018ebc4d9ec07b295a605f57a2ea37c4b57805aa2c0c6aa409c0e26dcfa85da8859fcab36c2a6585a699026bfe5ddeef1c4bfa421b488a14a443350404bf13a7d2d342da80bc332c1d3a52852b3fa426b1d7eeede7b1291e88ec1a779022152d2d expires Wed, 21 Feb 2024 20:41:44 GMT
GET H2	200	2e5bca30-3cfc-013b-a710-0cc47abd0334 Show response tag.simpli.fi/sifitag/	3 KB 2 KB	56ms 16ms	Script application/javascript	35.204.89.238 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tag.simpli.fi/sifitag/2e5bca30-3cfc-013b-a710-0cc47abd0334 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRTWHZ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 238.89.204.35.bc.googleusercontent.com Software openresty / Resource Hash 93291d3a7b4d356f4b96dcbb8d431aa0b57dbc73a5b70ef651fcccef76f5573c Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers pragma no-cache date Wed, 21 Feb 2024 20:41:44 GMT content-encoding gzip server openresty vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 x-request-id F7X7cvuGKo7axSZ-RzrC expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	60ms 31ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Wed, 21 Feb 2024 20:41:44 GMT last-modified Fri, 10 Nov 2023 20:09:55 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 73FECC0A35A24BAE99E92C32F57814BD Ref B: FRA31EDGE0222 Ref C: 2024-02-21T20:41:44Z etag "80abcdf1114da1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13175
GET H2	200	starV6.gif jelly-v6.mdhv.io/v1/ Redirect Chain https://jelly.mdhv.io/v1/star.gif?pid=wlh0UCROe9FeUxzvzfayDUtQWMrP&src=mh&evt=hi https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=wlh0UCROe9FeUxzvzfayDUtQWMrP&src=mh&tx=a720fc8f-cfd7-446a-af6a-e48adfd03ab4	43 B 234 B	181ms 127ms	Image image/gif	2001:4860:4802:32::15 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=wlh0UCROe9FeUxzvzfayDUtQWMrP&src=mh&tx=a720fc8f-cfd7-446a-af6a-e48adfd03ab4 Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Server 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers pragma no-cache date Wed, 21 Feb 2024 20:41:45 GMT server Google Frontend content-type image/gif x-cloud-trace-context 24466463e383ae906c352da2a21e8ccc cache-control no-store,no-cache,must-revalidate,max-age=0,post-check=0,pre-check=0 content-length 43 expires -1 Redirect headers location https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=wlh0UCROe9FeUxzvzfayDUtQWMrP&src=mh&tx=a720fc8f-cfd7-446a-af6a-e48adfd03ab4 x-cloud-trace-context 8be4a82871047b952b921ac10db6f539 date Wed, 21 Feb 2024 20:41:44 GMT server Google Frontend content-length 173 content-type text/html; charset=utf-8
OPTIONS H2	204	css litho.silvercloudinc.com/utilities/ Frame	0 0	344ms 306ms	Preflight	108.138.36.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://litho.silvercloudinc.com/utilities/css?product_id=60c27855d1a5b56c6e7383ba Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-120.muc50.r.cloudfront.net Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization Access-Control-Request-Method GET Origin https://www.ecu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin,Content-Type,Accept,Authorization access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE, HEAD access-control-allow-origin https://www.ecu.com access-control-max-age 1728000 date Wed, 21 Feb 2024 20:41:45 GMT server nginx/1.14.0 (Ubuntu) via 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront) x-amz-cf-id XpOSVptFoGFIOE1Irva6lSgXy5mTWf8V2rCYTcN6z0qh_Jkwlk5SuA== x-amz-cf-pop MUC50-P2 x-cache Miss from cloudfront
GET H/1.1	200 OK	widget-stage2.js Show response autolink.io/educatorscu/3c8aef738d33cb5bc0e746ebb892ee9a/	25 B 923 B	343ms 150ms	XHR application/javascript	52.3.0.87 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://autolink.io/educatorscu/3c8aef738d33cb5bc0e746ebb892ee9a/widget-stage2.js?q=eyJyZWZlcnJlciI6Imh0dHBzOi8vd3d3LmVjdS5jb20vIiwic2Vzc2lvbiI6Ijg2OGNiOWIyLTY4MGMtNDI3ZC1iYmY5LTdjMzU2ODNiOGE2NiJ9 Requested by Host: autolink.io URL: https://autolink.io/educatorscu/widget.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.3.0.87 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-3-0-87.compute-1.amazonaws.com Software nginx / Resource Hash 275ff46c1074b2c1da9af72c003a47c029496cf6ea1d3d09794a3e388bcf72c7 Security Headers Name Value Content-Security-Policy frame-ancestors creditunionservices.org www.creditunionservices.org ecu.com www.ecu.com ecu.com www.ecu.com 'self' Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers Date Wed, 21 Feb 2024 20:41:45 GMT Content-Security-Policy frame-ancestors creditunionservices.org www.creditunionservices.org ecu.com www.ecu.com ecu.com www.ecu.com 'self' X-Content-Type-Options nosniff Strict-Transport-Security max-age=31536000 Content-Encoding gzip X-Permitted-Cross-Domain-Policies master-only Transfer-Encoding chunked P3P CP="We do not have a P3P policy. For more information about the credit union's privacy policy, please contact the credit union." Connection keep-alive X-XSS-Protection 1; mode=block Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx Vary Origin Content-Type application/javascript; charset=UTF-8 Access-Control-Allow-Origin https://www.ecu.com Cache-Control private, max-age=1814400, immutable Access-Control-Allow-Credentials true
GET H2	200	css Show response litho.silvercloudinc.com/utilities/	433 KB 19 KB	362ms 362ms	XHR application/json	108.138.36.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://litho.silvercloudinc.com/utilities/css?product_id=60c27855d1a5b56c6e7383ba Requested by Host: integration.silvercloudinc.com URL: https://integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-120.muc50.r.cloudfront.net Software nginx/1.14.0 + Phusion Passenger(R) 6.0.18 / Phusion Passenger(R) Enterprise 6.0.18 Resource Hash fe803a2a2b973008364cddaa4e284500776a51c23e878070a5438d9e9b1d9123 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept version=1 Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 Authorization Token eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiI1YjJiZDVlM2MxOTU5NDc2OTJhZTcwZjAiLCJpYXQiOjE2MjU4MzI2MzQsImF1ZCI6WyJ3d3cuZWN1LmNvbSIsInd3dy5lY3UuY29tIiwiZWN1LmNvbSIsImVjdS5jb20iLCJlZHVjYXRvcnNzdGFnaW5nLm9yYi5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9yc3N0YWdpbmcub3JiLmFsa2FtaXRlY2guY29tIiwib25saW5lYmFua2luZy5lY3UuY29tIiwib25saW5lYmFua2luZy5lY3UuY29tIiwiZWR1Y2F0b3JzLnFhMTAuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMucWExMC5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9ycy5xYTQuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMucWE0LmFsa2FtaXRlY2guY29tIiwiZWR1Y2F0b3JzLnFhMy5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9ycy5xYTMuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMucWEyLmFsa2FtaXRlY2guY29tIiwiZWR1Y2F0b3JzLnFhMi5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9ycy5kZXYuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMuZGV2LmFsa2FtaXRlY2guY29tIiwiZWR1Y2F0b3JzLmxvY2FsIiwiZWR1Y2F0b3JzLmxvY2FsIiwic3RhZ2luZ2VjdS53cGVuZ2luZS5jb20iLCJzdGFnaW5nZWN1LndwZW5naW5lLmNvbSIsImVjdS5waXhlbHNwb2tlLXN0YWdpbmcuY29tIiwiZWN1LnBpeGVsc3Bva2Utc3RhZ2luZy5jb20iXSwicHJvZHVjdF9pZHMiOlsiNjBjMjc4NTVkMWE1YjU2YzZlNzM4M2JhIiwiNWIyYmQ1MWMzODdmMjMyMWUxZTY1NDE0Il19.-nQum5UERx-Eor_cmd1CUVjZd8BiIBLuDxX7DT63H_g User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=31536000 content-encoding gzip via 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P2 x-powered-by Phusion Passenger(R) Enterprise 6.0.18 x-cache Miss from cloudfront status 200 OK x-request-id 23dea431-788c-4cdf-9f72-eb8ddec8b72e x-runtime 0.052506 server nginx/1.14.0 + Phusion Passenger(R) 6.0.18 etag W/"fe803a2a2b973008364cddaa4e284500" access-control-max-age 7200 access-control-allow-methods OPTIONS, GET, POST, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://www.ecu.com cache-control max-age=0, private, must-revalidate access-control-allow-credentials true vary Accept-Encoding,Origin x-amz-cf-id hsi0SLfRZnL_tmYvyUVdbjwzTnYxRvLkGg19o5o9w5nl3tFEJM0eSQ==
GET H2	200	60c35c2824c0674546b9a36f Show response litho.silvercloudinc.com/console/integration_widgets/	2 KB 2 KB	341ms 341ms	XHR application/json	108.138.36.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://litho.silvercloudinc.com/console/integration_widgets/60c35c2824c0674546b9a36f?product_id=60c27855d1a5b56c6e7383ba Requested by Host: integration.silvercloudinc.com URL: https://integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-120.muc50.r.cloudfront.net Software nginx/1.14.0 + Phusion Passenger(R) 6.0.18 / Phusion Passenger(R) Enterprise 6.0.18 Resource Hash e5caadfd450c4f173cf468f4afdf2b5d137cbd5ba5e677a3c51c605a9e55cb4c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept version=1 Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 Authorization Token eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiI1YjJiZDVlM2MxOTU5NDc2OTJhZTcwZjAiLCJpYXQiOjE2MjU4MzI2MzQsImF1ZCI6WyJ3d3cuZWN1LmNvbSIsInd3dy5lY3UuY29tIiwiZWN1LmNvbSIsImVjdS5jb20iLCJlZHVjYXRvcnNzdGFnaW5nLm9yYi5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9yc3N0YWdpbmcub3JiLmFsa2FtaXRlY2guY29tIiwib25saW5lYmFua2luZy5lY3UuY29tIiwib25saW5lYmFua2luZy5lY3UuY29tIiwiZWR1Y2F0b3JzLnFhMTAuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMucWExMC5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9ycy5xYTQuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMucWE0LmFsa2FtaXRlY2guY29tIiwiZWR1Y2F0b3JzLnFhMy5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9ycy5xYTMuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMucWEyLmFsa2FtaXRlY2guY29tIiwiZWR1Y2F0b3JzLnFhMi5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9ycy5kZXYuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMuZGV2LmFsa2FtaXRlY2guY29tIiwiZWR1Y2F0b3JzLmxvY2FsIiwiZWR1Y2F0b3JzLmxvY2FsIiwic3RhZ2luZ2VjdS53cGVuZ2luZS5jb20iLCJzdGFnaW5nZWN1LndwZW5naW5lLmNvbSIsImVjdS5waXhlbHNwb2tlLXN0YWdpbmcuY29tIiwiZWN1LnBpeGVsc3Bva2Utc3RhZ2luZy5jb20iXSwicHJvZHVjdF9pZHMiOlsiNjBjMjc4NTVkMWE1YjU2YzZlNzM4M2JhIiwiNWIyYmQ1MWMzODdmMjMyMWUxZTY1NDE0Il19.-nQum5UERx-Eor_cmd1CUVjZd8BiIBLuDxX7DT63H_g User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=31536000 content-encoding gzip via 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P2 x-powered-by Phusion Passenger(R) Enterprise 6.0.18 x-cache Miss from cloudfront status 200 OK x-request-id fe04f8d8-8e67-4cd8-94f7-a7f98f408e5d x-runtime 0.025792 server nginx/1.14.0 + Phusion Passenger(R) 6.0.18 etag W/"e5caadfd450c4f173cf468f4afdf2b5d" access-control-max-age 7200 access-control-allow-methods OPTIONS, GET, POST, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://www.ecu.com cache-control max-age=0, private, must-revalidate access-control-allow-credentials true vary Accept-Encoding,Origin x-amz-cf-id DZqXE2SaEVQLyYCR9lwd5jl4zXwbk_JKDNjoylC_ZYarepubOn_-hA==
OPTIONS H2	204	60c35c2824c0674546b9a36f litho.silvercloudinc.com/console/integration_widgets/ Frame	0 0	364ms 326ms	Preflight	108.138.36.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://litho.silvercloudinc.com/console/integration_widgets/60c35c2824c0674546b9a36f?product_id=60c27855d1a5b56c6e7383ba Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-120.muc50.r.cloudfront.net Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization Access-Control-Request-Method GET Origin https://www.ecu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin,Content-Type,Accept,Authorization access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE, HEAD access-control-allow-origin https://www.ecu.com access-control-max-age 1728000 date Wed, 21 Feb 2024 20:41:45 GMT server nginx/1.14.0 (Ubuntu) via 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront) x-amz-cf-id OZDFVpKWRg5TuchuGEN9ghnSdIXbJJXtm-9S2xX9HUYCqpsfZCxGDg== x-amz-cf-pop MUC50-P2 x-cache Miss from cloudfront
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 346 B	60ms 20ms	XHR text/plain	2a00:1450:400c:c00::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-41195611-1&cid=2019253160.1708548105&jid=1039911353&gjid=259270852&_gid=154395874.1708548105&_u=aEDAAEABAAAAACAAI~&z=876832525 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Wed, 21 Feb 2024 20:41:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.ecu.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	05LFyEabXj Show response api.userway.org/api/tunings/	3 KB 3 KB	513ms 170ms	XHR application/json	2600:1f14:5db:eb00:7f23:50a1:5f33:d56d AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.userway.org/api/tunings/05LFyEabXj Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2024-02-15-11-56-38/widget_app_base_1707998198539.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1f14:5db:eb00:7f23:50a1:5f33:d56d Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 1035085fc44eb4414b0359c8d8569ac98f96b6b60572e347544f8e5cfb566d6c Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 21 Feb 2024 20:41:45 GMT etag W/"c2b-/4X0HhH+OsemPvZNhUbEeeDBoVA" access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, PATCH, POST, DELETE content-type application/json; charset=utf-8 access-control-allow-origin * x-service-request-id usr2966b25707e843f access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control no-cache, no-store, must-revalidate access-control-allow-headers * content-length 3115 x-service-version uw-pr
GET H2	200	bootstrapper-4cc45cbed.js Show response libs.salemove.com/visitor/	638 KB 167 KB	92ms 43ms	Script application/javascript	2600:9000:20b4:ea00:0:99b9:cd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://libs.salemove.com/visitor/bootstrapper-4cc45cbed.js Requested by Host: api.glia.com URL: https://api.glia.com/salemove_integration.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20b4:ea00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e7502f6fc5d8820c924d2077a9ceea5710ef330e5a15f60938c779b273b850f7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 13:53:49 GMT strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 21fa1f710ba39237a1fbf11df235dc68.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P4 age 24476 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 21 Feb 2024 13:16:59 GMT server AmazonS3 x-amz-meta-s3cmd-attrs md5:1b037b5f9ef87e1e43c4d38fd8752c79 etag W/"1b037b5f9ef87e1e43c4d38fd8752c79" vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin content-type application/javascript cache-control max-age=31536000 x-amz-cf-id pgOf7QZT7nSmlDR601ppecsIPe-uSVn4Co21RAjPQdu7iNrPIlmHfg==
POST H2	204	collect region1.google-analytics.com/g/	0 251 B	92ms 48ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-P0G2EW5F8N&gtm=45je42h0v876687717z871606893za200&_p=1708548104324&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=2019253160.1708548105&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708548104&sct=1&seg=0&dl=https%3A%2F%2Fwww.ecu.com%2F&dt=Home%20%7C%20Educators%20Credit%20Union&en=page_view&_fv=1&_ss=1&tfd=2186 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-P0G2EW5F8N&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers pragma no-cache date Wed, 21 Feb 2024 20:41:44 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.ecu.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	350100730149698 Show response connect.facebook.net/signals/config/	49 KB 11 KB	148ms 147ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/350100730149698?v=2.9.147&r=stable&domain=www.ecu.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 179cfa59dcd8ed4553f501cdd34ab0774a8d072f12d222539b0b9ecfa9dac78a Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers permissions-policy-report-only clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 21 Feb 2024 20:41:45 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" pragma public x-fb-debug Q6EHlxh+C8kyEo1cjxovOG4QQbYwZy7XF3SnGB25pXF81gpF3jJDkzg35z1HmzaPL6hNghdG5XDzXTZFmPmh7A== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	104ms 53ms	Image image/gif	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-41195611-1&cid=2019253160.1708548105&jid=1039911353&_u=aEDAAEABAAAAACAAI~&z=1193198072 Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers pragma no-cache date Wed, 21 Feb 2024 20:41:45 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	184ms 104ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-41195611-1&cid=2019253160.1708548105&jid=1039911353&_u=aEDAAEABAAAAACAAI~&z=1193198072 Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers pragma no-cache date Wed, 21 Feb 2024 20:41:45 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	343046370.js Show response bat.bing.com/p/action/	0 118 B	65ms 65ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/343046370.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Wed, 21 Feb 2024 20:41:44 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: C491FFC5921F4A6F8F3DB686F71CD17C Ref B: FRA31EDGE0222 Ref C: 2024-02-21T20:41:44Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 285 B	113ms 113ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=343046370&Ver=2&mid=cbe3b73f-175d-413a-93cb-f67e8354ca3c&sid=a048f340d0f911ee96f55f95c9c54e0f&vid=a048e690d0f911eeace43f187fc3eb7e&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Home%20%7C%20Educators%20Credit%20Union&p=https%3A%2F%2Fwww.ecu.com%2F&r=&lt=2128&evt=pageLoad&sv=1&rn=423646 Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 21 Feb 2024 20:41:44 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 623F56431591401F97133DDD38411EC6 Ref B: FRA31EDGE0222 Ref C: 2024-02-21T20:41:44Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	jquery-3.3.1.min.js Show response code.jquery.com/	85 KB 30 KB	101ms 11ms	Script application/javascript	2a04:4e42:400::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.min.js Requested by Host: d4hldqmvpzsy0.cloudfront.net URL: https://d4hldqmvpzsy0.cloudfront.net/assets/elle_button.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:45 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 4200773 x-cache HIT, HIT content-length 30288 x-served-by cache-lga13622-LGA, cache-fra-eddf8230049-FRA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1708548105.061655,VS0,VE0 etag W/"28feccc0-1538f" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 3, 814321
GET H2	200	elle_button.css d4hldqmvpzsy0.cloudfront.net/assets/	43 KB 6 KB	34ms 33ms	Stylesheet text/css	2600:9000:2240:1200:1e:28bc:9200:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d4hldqmvpzsy0.cloudfront.net/assets/elle_button.css Requested by Host: d4hldqmvpzsy0.cloudfront.net URL: https://d4hldqmvpzsy0.cloudfront.net/assets/elle_button.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:1200:1e:28bc:9200:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 2b4fd9f83f1f606837e1c665a039c9e118d2a1120da94603306ccf15e1d6f5e5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers pragma public date Wed, 21 Feb 2024 20:41:44 GMT content-encoding gzip via 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront) last-modified Fri, 16 Feb 2024 18:12:46 GMT server nginx x-amz-cf-pop FRA60-P1 age 199 etag W/"65cfa59e-aa29" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=1800, public x-amz-cf-id 0XXBWLZ08CAwFhJ1uW8Ek5kKLUbqQy2h20KZjTpkunRP5j6VK4DjfQ== expires Wed, 21 Feb 2024 21:08:25 GMT
GET H2	200	8047d132-03cb-4587-b0fb-1b22856cd695.js Show response tr.snapchat.com/config/com/	186 B 452 B	196ms 115ms	Script application/javascript	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/config/com/8047d132-03cb-4587-b0fb-1b22856cd695.js?v=3.11.0-2402190716 Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash 80f8ec821a446b8ea49cbe0995469f63c3a539d7441c9b326373b28982b9749f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://www.ecu.com/ Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google server API Gateway content-type application/javascript access-control-allow-origin https://www.ecu.com x-envoy-upstream-service-time 92 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 186
GET H2	200	i Show response tr.snapchat.com/cm/ Frame 849B	0 201 B	100ms 24ms	Document text/html	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/cm/i?pid=8047d132-03cb-4587-b0fb-1b22856cd695&u_scsid=9943aa4a-446a-4bab-9a0c-247606018d25&u_sclid=3938cc23-7f6d-4eb5-ad2c-870745cb0001 Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains Request headers Referer https://www.ecu.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Wed, 21 Feb 2024 20:41:45 GMT server API Gateway strict-transport-security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains via 1.1 google x-envoy-upstream-service-time 0
GET H2	200	sa.css tags.srv.stackadapt.com/	65 B 203 B	98ms 98ms	Stylesheet text/css	18.196.214.221 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/sa.css Requested by Host: tags.srv.stackadapt.com URL: https://tags.srv.stackadapt.com/events.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.196.214.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-214-221.eu-central-1.compute.amazonaws.com Software / Resource Hash c76ced51a6ce1d6fa36984ec2b12ec54aa41b8d582430c806421af224e2660b4 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers access-control-allow-origin * date Wed, 21 Feb 2024 20:41:45 GMT cache-control only-if-cached, no-transform, private, max-age=7776000 content-length 65 content-type text/css
GET H2	200	sa.jpeg Show response tags.srv.stackadapt.com/	0 2 KB	121ms 101ms	Fetch image/jpeg	18.196.214.221 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/sa.jpeg Requested by Host: tags.srv.stackadapt.com URL: https://tags.srv.stackadapt.com/events.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.196.214.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-214-221.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers access-control-allow-origin * date Wed, 21 Feb 2024 20:41:45 GMT cache-control only-if-cached, no-transform, private, max-age=7776000 content-length 651 content-type image/jpeg
GET H2	200	main.MTU3YmJkODI0MQ.js Show response analytics.tiktok.com/i18n/pixel/static/	399 KB 104 KB	14ms 14ms	Script application/javascript	2.23.7.42 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCOUGH3C77U8584IB53G&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.23.7.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-23-7-42.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 4d3337c243fd2997450eada372bc50705c72d3bb2fe80bcb3c074be6e39b1ffe Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers x-akamai-request-id 2f896930 date Wed, 21 Feb 2024 20:41:45 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 202401252008499C73AA76AAE5196AFBEB x-tt-trace-id 00-2401252008499C73AA76AAE5196AFBEB-4467DAF3B0B39CFB-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a2-23-7-38.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 0158ccdc9ef2742815d38f1937d0b6d89174bea1dedf8d868ed12071d8195640a90cfda7b909e9c5f4802d9cc6c701fbd7b86f11d835d23675d1f3211074aca41420176801f309156d64ed0d3ee3af34cd1059945bafe0c04bf57e2c2f6df9655f server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=5 content-length 106157
GET H2	200	identify_0a875.js Show response analytics.tiktok.com/i18n/pixel/static/	137 KB 37 KB	12ms 11ms	Script application/javascript	2.23.7.42 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_0a875.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.23.7.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-23-7-42.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers x-akamai-request-id 2f896a1a date Wed, 21 Feb 2024 20:41:45 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 20240123151545967D74D9FFBC6A984D41 x-tt-trace-id 00-240123151545967D74D9FFBC6A984D41-5E6FAA12D5DDF82C-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a2-23-7-38.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01f68da7dc46f01d8e1e8e5ff88321c2f41318ac90fe5da8ec5dd84f6a385bb23cfb2f2b7616e1e338f1af429a98eb232146a473da8a8d25a98e2ec594865d8f76349c141273a339c37e7a1c5dca49cf831c367e5d101b0ad3c9c91716461a5e8d server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=5 content-length 36878
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 838 B	167ms 167ms	Ping text/plain	2.23.7.42 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.23.7.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-23-7-42.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id abb578b2.2f896a98 date Wed, 21 Feb 2024 20:41:45 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2402212041457829FF6994DDC2DC3F24-1D8CD816D55606CB-00 x-cache TCP_MISS from a2-23-7-38.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-) x-parent-response-time 137,2.23.7.38 server-timing cdn-cache; desc=MISS, edge; dur=97, origin; dur=47, inner; dur=44 content-length 0 pragma no-cache server nginx x-tt-logid 202402212041457829FF6994DDC2DC3F24 x-cache-remote TCP_MISS from a23-218-222-76.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.1-54226592) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 48,23.218.222.76 x-tt-trace-host 018ebc4d9ec07b295a605f57a2ea37c4b52e9d5f09b8eabcc1e3fae85ecd1b1bf22d706e9d78a570ea7cf305cf4671e5a4357ae37a9d2603e0381a4dd412a0796540720556dbeb589bcee1dcb6a89642f528330a9271ebf55701228bc8a04571bd682b0cbe40afbe040b3aee2a123ab7eb access-control-allow-headers Authorization,* expires Wed, 21 Feb 2024 20:41:45 GMT
GET H2	200	webcomponents_es5-4cc45cbed.js Show response libs.salemove.com/visitor/	936 B 1 KB	14ms 14ms	Script application/javascript	2600:9000:20b4:ea00:0:99b9:cd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://libs.salemove.com/visitor/webcomponents_es5-4cc45cbed.js Requested by Host: libs.salemove.com URL: https://libs.salemove.com/visitor/bootstrapper-4cc45cbed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20b4:ea00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 832dbd199f70ade357e88a3f5d32920c8c63e69258dc173d3b261686320895db Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 13:53:51 GMT strict-transport-security max-age=63072000; includeSubdomains; preload via 1.1 21fa1f710ba39237a1fbf11df235dc68.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P4 age 24475 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 936 last-modified Wed, 21 Feb 2024 13:16:59 GMT server AmazonS3 x-amz-meta-s3cmd-attrs md5:f86098c5208655efb405300993461936 etag "f86098c5208655efb405300993461936" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin content-type application/javascript cache-control max-age=31536000 accept-ranges bytes x-amz-cf-id gVh_RuPv65R9Z7QiowqwTFj8sMQfPEhdTMhe7xo69uJlH71oGX8VoQ==
GET H2	200	/ www.facebook.com/tr/	0 185 B	59ms 8ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=350100730149698&ev=PageView&dl=https%3A%2F%2Fwww.ecu.com&rl=&if=false&ts=1708548105164&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4124&fbp=fb.1.1708548105163.1168463666&pm=1&hrl=b4efec&ler=empty&cdl=API_unavailable&it=1708548104955&coo=false&cs_cc=1&ccs=2368152036665415&cas=3795046067262098&exp=e1&rqm=GET Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Wed, 21 Feb 2024 20:41:45 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	visitor-app.397a9d4b.min.js Show response libs.salemove.com/	688 KB 199 KB	21ms 21ms	Script application/javascript	2600:9000:20b4:ea00:0:99b9:cd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://libs.salemove.com/visitor-app.397a9d4b.min.js Requested by Host: libs.salemove.com URL: https://libs.salemove.com/visitor/bootstrapper-4cc45cbed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20b4:ea00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f5e7b9f0b0053e993abf1691943ede6f60c6c0579d4531b9481fa7c6ad1c70e6 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Fri, 16 Feb 2024 13:06:42 GMT strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 21fa1f710ba39237a1fbf11df235dc68.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P4 age 459304 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 10:30:58 GMT server AmazonS3 x-amz-meta-s3cmd-attrs md5:65bfdcce8867b405e487324578235475 etag W/"65bfdcce8867b405e487324578235475" vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin content-type application/javascript cache-control max-age=31536000 x-amz-cf-id GL99rrw93MMJ0Gm7YYdKcBpXsUCBAUSl8kkcxiXw0HozuIwCUbsBKA==
GET H2	200	visitor-app.397a9d4b.default.css libs.salemove.com/	206 KB 31 KB	45ms 45ms	Stylesheet text/css	2600:9000:20b4:ea00:0:99b9:cd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://libs.salemove.com/visitor-app.397a9d4b.default.css Requested by Host: libs.salemove.com URL: https://libs.salemove.com/visitor/bootstrapper-4cc45cbed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20b4:ea00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 54a36ace3d2d860fd3e4f5e0d59f43b6653c4c2ba6fd87ce73e2d3fc22b61a52 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Fri, 16 Feb 2024 13:06:42 GMT strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 21fa1f710ba39237a1fbf11df235dc68.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P4 age 459304 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 10:30:57 GMT server AmazonS3 x-amz-meta-s3cmd-attrs md5:593e94f08cd3472f4bd4420fc198b2a7 etag W/"593e94f08cd3472f4bd4420fc198b2a7" vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin content-type text/css cache-control max-age=31536000 x-amz-cf-id V_KYpsL5PjEuYGFTKmR7puBB6mYWSfyKeQUA7pN9E5B-ws-v2IlKCw==
GET H2	200	279396117001a1 Show response api.salemove.com/visitor_app/397a9d4b/sites/968111e8-8800-4cec-b46e-f731f70e1238/custom_locales/esUSECUcontent/	14 KB 14 KB	83ms 15ms	XHR application/json	2600:9000:26da:7000:17:4c3f:1b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.salemove.com/visitor_app/397a9d4b/sites/968111e8-8800-4cec-b46e-f731f70e1238/custom_locales/esUSECUcontent/279396117001a1 Requested by Host: libs.salemove.com URL: https://libs.salemove.com/visitor/bootstrapper-4cc45cbed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:7000:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 7d02f7c3ded5b3e41f50090cf3c9a31c15f455b3f370316c054577aef37168e2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Fri, 16 Feb 2024 13:23:57 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff via 1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P4 age 458268 x-cache Hit from cloudfront content-length 13998 access-control-max-age 7200 access-control-allow-methods GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE content-type application/json access-control-allow-origin https://www.ecu.com access-control-expose-headers cache-control public, max-age=31536000 vary Origin access-control-allow-headers Content-Type, Accept, Authorization x-amz-cf-id fdPnvM5UxDeWNef1S85mmYXXusR42TpTQP90yW-bxv09DAIYnobtig==
GET H2	200	saq_pxl Show response tags.srv.stackadapt.com/	138 B 329 B	100ms 100ms	XHR text/plain	18.196.214.221 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/saq_pxl?uid=Kafax8pHhY8hj8OTsjZwzQ&is_js=true&landing_url=https%3A%2F%2Fwww.ecu.com%2F&t=Home%20%7C%20Educators%20Credit%20Union&tip=FXRHU2fql7VyluFDM730n2Fv_epFRsup0uXWNB9n3zQ&host=https%3A%2F%2Fwww.ecu.com&sa_conv_data_css_value=%270-6cfddea6-11bd-5be7-4ffb-abc0efa0c462%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd96cfddea611bd5be74ffbabc0efa0c462515f052a&sa-user-id-v3=s%253AAQAKIBTaz_YxPrJbo_1PlWiB75s7O7fAbbADPdFB2AIcd9QrEHwYBCCIwNmuBjABOgQD-PIdQgRzfGKK.RvvlHhDpi47FaXDeXAgDxdIRzODnaSpwHGvyc09sw0I&sa-user-id-v2=s%253AbP3ephG9W-dP-6vA76DEYlFfBSo.77nRy%252BNWeyHE6%252B9x89M%252FTqsMDE7UKYI%252FHC7ejA1y1lw&sa-user-id=s%253A0-6cfddea6-11bd-5be7-4ffb-abc0efa0c462.xB%252Bt8WJob0kuW346SorMfycHzv%252FeRFh3HIfpdhh0wOs Requested by Host: tags.srv.stackadapt.com URL: https://tags.srv.stackadapt.com/events.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.196.214.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-214-221.eu-central-1.compute.amazonaws.com Software / Resource Hash d15e073d4ef005fbc0fc649440c4f990719382a18d4ee052b6fd5415f468f52e Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers access-control-allow-origin https://www.ecu.com date Wed, 21 Feb 2024 20:41:45 GMT access-control-allow-credentials true access-control-allow-headers * content-length 138 access-control-allow-methods GET content-type text/plain; charset=utf-8
POST H2	200	p tr.snapchat.com/	0 89 B	20ms 19ms	Ping text/plain	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/p Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google server API Gateway access-control-allow-origin https://www.ecu.com x-envoy-upstream-service-time 1 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	modal Show response d4hldqmvpzsy0.cloudfront.net/buttons/10/	3 KB 5 KB	8ms 8ms	Script text/javascript	2600:9000:2240:1200:1e:28bc:9200:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d4hldqmvpzsy0.cloudfront.net/buttons/10/modal?_=1708548105074 Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:1200:1e:28bc:9200:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash ae1b971e10ed3acc55c5973d01971585e203cfab2630698be5807e74faef40d0 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers strict-transport-security max-age=63072000 access-control-request-method * x-content-type-options nosniff date Wed, 21 Feb 2024 20:22:45 GMT via 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront) x-permitted-cross-domain-policies none x-amz-cf-pop FRA60-P1 age 1140 content-security-policy-report-only default-src 'none'; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; img-src 'self' data: www.google-analytics.com https://www.googletagmanager.com; object-src 'none'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com *.shastic.com 'unsafe-hashes' 'sha256-N1n8lEiVVZOM5rS6yBFq6m833AxXV2V/7UOwNfczbbM=' 'sha256-7k0KsnfUjFEjvJCUWut+Njx57UyP3VvQTaHR/L7yQbc=' 'sha256-l8qQFu8yWLcCf1/TPUibdSC7VDqewe3RNEbBV9dyjrU=' 'sha256-p6rSmVeVTWPB/za28mNNs/QI2ic8M4nUVc4EYcWYMOE=' 'sha256-Y6YpgJJl0KtCoXBxFuFNOssI/Glj/RPD2y27HSF2tPg=' 'sha256-++TiC24fZiZGljBvcKrFCIZx6X8vu4E/wGdFFESzDd8=' 'sha256-E33VWjDI3/z+nlU/Ykmcppvx7MqoJHfbJtxxzp1dGAM=' 'sha256-n/esseyVYGG+GCF6qaTJHZfNwDu3aJseMcqvfCRQuyA=' 'sha256-Rzj30L11Mf0IRh4QlJynwWH0+pdskxK7WXadLKR0C/w=' 'sha256-qI5HaxY/ttSrJgxLP4OPIUzvz+TjSzXonAEKWeEgrIg=' 'sha256-m/LGoWmOeoDtXitWUGQN3pH5ErIhnsXPxMkZ1whERQU=' 'sha256-bSnLdomH/FV/v4kVCHaYmYJB4N0+BuAtipB+Jo1sCEk=' 'sha256-0/D2Qm73weNH+bYFQh4ntqlwKUbbuOPi5ZKjABm81IM='; style-src * 'unsafe-inline'; connect-src 'self' www.google-analytics.com https://elleauth.shastic.com *.shastic.com; frame-ancestors https:; form-action 'self' *.shastic.com; media-src 'self' *.shastic.com; base-uri 'self'; report-uri /csp-reports x-cache Hit from cloudfront x-xss-protection 1; mode=block x-request-id 56c73518-162a-444a-9f50-ddb592b926a5 pragma public x-runtime 0.010128 referrer-policy strict-origin-when-cross-origin server nginx etag W/"ae1b971e10ed3acc55c5973d01971585" x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods POST, PUT, DELETE, GET, OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=1800, public vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization x-amz-cf-id Us2V-4AywiI1Deiq0WjRwbYYFuquU1E2LP860nyHPo3oZddn-IcUvQ== expires Wed, 21 Feb 2024 14:52:45 -0600
GET H2	200	customizations Show response d4hldqmvpzsy0.cloudfront.net/buttons/10/	9 KB 11 KB	24ms 9ms	XHR application/json	2600:9000:2240:1200:1e:28bc:9200:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d4hldqmvpzsy0.cloudfront.net/buttons/10/customizations Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:1200:1e:28bc:9200:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 4de3b41b7732c3cc86e90638977d323aa2a81db58fc004ef99435555bcf465df Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers strict-transport-security max-age=63072000 access-control-request-method * x-content-type-options nosniff date Wed, 21 Feb 2024 20:22:45 GMT via 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront) x-permitted-cross-domain-policies none x-amz-cf-pop FRA60-P1 age 1140 content-security-policy-report-only default-src 'none'; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; img-src 'self' data: www.google-analytics.com https://www.googletagmanager.com; object-src 'none'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com *.shastic.com 'unsafe-hashes' 'sha256-N1n8lEiVVZOM5rS6yBFq6m833AxXV2V/7UOwNfczbbM=' 'sha256-7k0KsnfUjFEjvJCUWut+Njx57UyP3VvQTaHR/L7yQbc=' 'sha256-l8qQFu8yWLcCf1/TPUibdSC7VDqewe3RNEbBV9dyjrU=' 'sha256-p6rSmVeVTWPB/za28mNNs/QI2ic8M4nUVc4EYcWYMOE=' 'sha256-Y6YpgJJl0KtCoXBxFuFNOssI/Glj/RPD2y27HSF2tPg=' 'sha256-++TiC24fZiZGljBvcKrFCIZx6X8vu4E/wGdFFESzDd8=' 'sha256-E33VWjDI3/z+nlU/Ykmcppvx7MqoJHfbJtxxzp1dGAM=' 'sha256-n/esseyVYGG+GCF6qaTJHZfNwDu3aJseMcqvfCRQuyA=' 'sha256-Rzj30L11Mf0IRh4QlJynwWH0+pdskxK7WXadLKR0C/w=' 'sha256-qI5HaxY/ttSrJgxLP4OPIUzvz+TjSzXonAEKWeEgrIg=' 'sha256-m/LGoWmOeoDtXitWUGQN3pH5ErIhnsXPxMkZ1whERQU=' 'sha256-bSnLdomH/FV/v4kVCHaYmYJB4N0+BuAtipB+Jo1sCEk=' 'sha256-0/D2Qm73weNH+bYFQh4ntqlwKUbbuOPi5ZKjABm81IM='; style-src * 'unsafe-inline'; connect-src 'self' www.google-analytics.com https://elleauth.shastic.com *.shastic.com; frame-ancestors https:; form-action 'self' *.shastic.com; media-src 'self' *.shastic.com; base-uri 'self'; report-uri /csp-reports x-cache Hit from cloudfront x-xss-protection 1; mode=block x-request-id 23392303-ccec-45e6-abd6-ae2c17ad75f6 pragma public x-runtime 0.019713 referrer-policy strict-origin-when-cross-origin server nginx etag W/"4de3b41b7732c3cc86e90638977d323a" x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods POST, PUT, DELETE, GET, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * cache-control max-age=1800, public vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization x-amz-cf-id TL0_UnNaksBpo1pDMV9kgQEnD7touU1C3cmNcegYAg0TyKUhtPDeMQ== expires Wed, 21 Feb 2024 14:52:45 -0600
GET H2	200	p Show response i.simpli.fi/	798 B 762 B	24ms 16ms	Script application/javascript	35.204.89.238 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://i.simpli.fi/p?cid=396441&cb=sifi_att_42656._hp Requested by Host: tag.simpli.fi URL: https://tag.simpli.fi/sifitag/2e5bca30-3cfc-013b-a710-0cc47abd0334 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 238.89.204.35.bc.googleusercontent.com Software openresty / Resource Hash cc0192b001ba420f8e64c91839a599025b4d6276d4a77c420e24d82b5dcb4247 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers pragma no-cache date Wed, 21 Feb 2024 20:41:45 GMT content-encoding gzip server openresty vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	204	/ s.ad.smaato.net/c/ Redirect Chain https://um.simpli.fi/smaato https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=B6A52239F9234E5995A9C3BB02E9EDBE	0 236 B	95ms 53ms	Image text/plain	2600:9000:211e:9c00:1b:5138:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=B6A52239F9234E5995A9C3BB02E9EDBE Protocol H2 Server 2600:9000:211e:9c00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:45 GMT cache-control no-cache, must-revalidate via 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA56-C2 x-amz-cf-id o5zl2t1ieSAu-ZGTSmaQxTg1ouIIsdK0G6N1XuVC1PjwTImM4__3rg== x-cache Miss from cloudfront Redirect headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=B6A52239F9234E5995A9C3BB02E9EDBE access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 20 Feb 2024 20:41:45 GMT
GET H2	200	RX-6c488206-5d9c-4a10-bb8e-cd3f3e00f58a-003 sync.targeting.unrulymedia.com/csync/ Redirect Chain https://um.simpli.fi/nexxen https://sync.1rx.io/usersync/simplifi/B6A52239F9234E5995A9C3BB02E9EDBE https://sync.1rx.io/usersync/simplifi/B6A52239F9234E5995A9C3BB02E9EDBE?zcc=1&cb=1708548105482 https://sync.targeting.unrulymedia.com/csync/RX-6c488206-5d9c-4a10-bb8e-cd3f3e00f58a-003	43 B 378 B	50ms 14ms	Image image/gif	46.228.174.117 AMOBEE
General Check archive.org Show headers Download Go to Show image Full URL https://sync.targeting.unrulymedia.com/csync/RX-6c488206-5d9c-4a10-bb8e-cd3f3e00f58a-003 Protocol H2 Server 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB), Reverse DNS Software / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:45 GMT content-length 43 p3p CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" Redirect headers location https://sync.targeting.unrulymedia.com/csync/RX-6c488206-5d9c-4a10-bb8e-cd3f3e00f58a-003 pragma no-cache date Wed, 21 Feb 2024 20:41:45 GMT cache-control no-store, no-cache, must-revalidate expires 0 content-type text/html
GET H2	200	xuid eb2.3lift.com/ Redirect Chain https://um.simpli.fi/triplelift https://eb2.3lift.com/xuid?mid=7969&xuid=B6A52239F9234E5995A9C3BB02E9EDBE&dongle=yf3	37 B 140 B	55ms 11ms	Image image/gif	76.223.111.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=7969&xuid=B6A52239F9234E5995A9C3BB02E9EDBE&dongle=yf3 Protocol H2 Server 76.223.111.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:45 GMT cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif Redirect headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://eb2.3lift.com/xuid?mid=7969&xuid=B6A52239F9234E5995A9C3BB02E9EDBE&dongle=yf3 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 20 Feb 2024 20:41:45 GMT
GET H2	200	sync simplifi.partners.tremorhub.com/ Redirect Chain https://um.simpli.fi/telaria_p https://simplifi.partners.tremorhub.com/sync?UISF=B6A52239F9234E5995A9C3BB02E9EDBE	43 B 175 B	335ms 93ms	Image image/gif	2600:1f18:612b:4216:a977:1843:102f:13f0 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://simplifi.partners.tremorhub.com/sync?UISF=B6A52239F9234E5995A9C3BB02E9EDBE Protocol H2 Server 2600:1f18:612b:4216:a977:1843:102f:13f0 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Wed, 21 Feb 2024 20:41:45 GMT server nginx content-type image/gif Redirect headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://simplifi.partners.tremorhub.com/sync?UISF=B6A52239F9234E5995A9C3BB02E9EDBE access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 20 Feb 2024 20:41:45 GMT
GET H2	200	check pixel.tapad.com/idsync/ex/receive/ Redirect Chain https://um.simpli.fi/tapad https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=B6A52239F9234E5995A9C3BB02E9EDBE https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=B6A52239F9234E5995A9C3BB02E9EDBE	95 B 427 B	30ms 30ms	Image image/png	34.111.113.62 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=B6A52239F9234E5995A9C3BB02E9EDBE Protocol H2 Server 34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 62.113.111.34.bc.googleusercontent.com Software Jetty(11.0.13) / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) content-type image/png access-control-allow-origin * p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 Redirect headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" access-control-allow-origin * location https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=B6A52239F9234E5995A9C3BB02E9EDBE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	empty.gif um.simpli.fi/ Redirect Chain https://um.simpli.fi/ad_advisor https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=B6A52239F9234E5995A9C3BB02E9EDBE https://d.agkn.com/pixel/10751/?che=1708548105473&ip=81.95.5.42&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217213104799004718009 https://um.simpli.fi/aa_px?sk=217213104799004718009 https://um.simpli.fi/empty.gif	43 B 361 B	20ms 20ms	Image image/gif	35.204.74.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/empty.gif Protocol H2 Server 35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.74.204.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 Redirect headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location /empty.gif access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142
GET H2	403	ProfilesEngineServlet sync.intentiq.com/profiles_engine/ Redirect Chain https://um.simpli.fi/intentiq https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B6A52239F9234E5995A9C3BB02E9EDBE	0 0	106ms 18ms	Image text/html	13.224.222.65 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B6A52239F9234E5995A9C3BB02E9EDBE Protocol H2 Server 13.224.222.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-222-65.lhr61.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers Redirect headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B6A52239F9234E5995A9C3BB02E9EDBE access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 20 Feb 2024 20:41:45 GMT
GET H2	200	pubmatic um.simpli.fi/	43 B 409 B	18ms 17ms	Image image/gif	35.204.74.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/pubmatic Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.74.204.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 expires Tue, 20 Feb 2024 20:41:45 GMT
GET H2	200	freewheel um.simpli.fi/	43 B 409 B	21ms 20ms	Image image/gif	35.204.74.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/freewheel Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.74.204.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 expires Tue, 20 Feb 2024 20:41:45 GMT
GET H2	200	engine pbid.pro-market.net/ Redirect Chain https://um.simpli.fi/dtnx https://fei.pro-market.net/engine?du=24;csync=B6A52239F9234E5995A9C3BB02E9EDBE;mimetype=img; https://fei.pro-market.net/engine?du=24;csync=B6A52239F9234E5995A9C3BB02E9EDBE;mimetype=img;sr https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTQ0OTg1NDU2NjE0MTMyMDg3OTE= https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEE8d30N-H2WKBh6qgxEypQs&google_cver=1	43 B 381 B	20ms 19ms	Image image/gif	2600:1901:0:8eee:: GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEE8d30N-H2WKBh6qgxEypQs&google_cver=1 Protocol H2 Server 2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers pragma no-cache date Wed, 21 Feb 2024 20:41:44 GMT via 1.1 google server Apache-Coyote/1.1 anserver gapp-eu-4.c.datonics-gcp-01.internal p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" access-control-allow-origin * content-type image/gif cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc clear content-length 43 expires Mon, 1 Jan 1990 0:0:0 GMT Redirect headers pragma no-cache date Wed, 21 Feb 2024 20:41:45 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEE8d30N-H2WKBh6qgxEypQs&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 315 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	/ loadm.exelator.com/load/ Redirect Chain https://um.simpli.fi/exelatem https://loadm.exelator.com/load/?p=204&g=2191&simid=B6A52239F9234E5995A9C3BB02E9EDBE&j=0 https://loadm.exelator.com/load/?p=204&g=2191&simid=B6A52239F9234E5995A9C3BB02E9EDBE&j=0&xl8blockcheck=1	0 767 B	91ms 91ms	Image text/plain	54.78.254.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://loadm.exelator.com/load/?p=204&g=2191&simid=B6A52239F9234E5995A9C3BB02E9EDBE&j=0&xl8blockcheck=1 Protocol H2 Server 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-78-254-47.eu-west-1.compute.amazonaws.com Software nginx / Undertow/1 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:45 GMT cache-control no-cache access-control-allow-credentials true server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA Redirect headers date Wed, 21 Feb 2024 20:41:45 GMT server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA location https://loadm.exelator.com/load/?p=204&g=2191&simid=B6A52239F9234E5995A9C3BB02E9EDBE&j=0&xl8blockcheck=1 content-type image/gif cache-control no-cache access-control-allow-credentials true content-length 0
GET H2	200	yahoo um.simpli.fi/	43 B 409 B	22ms 21ms	Image image/gif	35.204.74.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/yahoo Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.74.204.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 expires Tue, 20 Feb 2024 20:41:45 GMT
GET H/1.1	204	sync sync.bfmio.com/ Redirect Chain https://um.simpli.fi/beachfront https://sync.bfmio.com/sync?pid=141&uid=B6A52239F9234E5995A9C3BB02E9EDBE	0 421 B	407ms 91ms	Image text/plain	52.4.203.155 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.bfmio.com/sync?pid=141&uid=B6A52239F9234E5995A9C3BB02E9EDBE Protocol HTTP/1.1 Server 52.4.203.155 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-4-203-155.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers Connection keep-alive Date Wed, 21 Feb 2024 20:41:44 GMT Redirect headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://sync.bfmio.com/sync?pid=141&uid=B6A52239F9234E5995A9C3BB02E9EDBE access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 20 Feb 2024 20:41:45 GMT
GET H2	200	29931 stags.bluekai.com/site/ Redirect Chain https://um.simpli.fi/bluekai https://stags.bluekai.com/site/29931?id=B6A52239F9234E5995A9C3BB02E9EDBE	62 B 444 B	393ms 310ms	Image image/gif	23.192.153.172 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stags.bluekai.com/site/29931?id=B6A52239F9234E5995A9C3BB02E9EDBE Protocol H2 Server 23.192.153.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-192-153-172.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" date Wed, 21 Feb 2024 20:41:45 GMT content-length 62 content-type image/gif Redirect headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://stags.bluekai.com/site/29931?id=B6A52239F9234E5995A9C3BB02E9EDBE access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 20 Feb 2024 20:41:45 GMT
GET H2	404	tpid=B6A52239F9234E5995A9C3BB02E9EDBE bcp.crwdcntrl.net/map/c=7625/tp=SIMP/ Redirect Chain https://um.simpli.fi/crwdcntrl https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B6A52239F9234E5995A9C3BB02E9EDBE	49 B 265 B	116ms 33ms	Image image/gif	52.212.53.200 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B6A52239F9234E5995A9C3BB02E9EDBE Protocol H2 Server 52.212.53.200 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-212-53-200.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers pragma no-cache date Wed, 21 Feb 2024 20:41:45 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.31.32 content-length 49 expires 0 Redirect headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B6A52239F9234E5995A9C3BB02E9EDBE access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 20 Feb 2024 20:41:45 GMT
GET H2	204	merge ce.lijit.com/ Redirect Chain https://um.simpli.fi/lj_match https://ce.lijit.com/merge?pid=2&3pid=B6A52239F9234E5995A9C3BB02E9EDBE	0 205 B	147ms 29ms	Image text/plain	34.246.44.240 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=2&3pid=B6A52239F9234E5995A9C3BB02E9EDBE Protocol H2 Server 34.246.44.240 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-246-44-240.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers expires Fri, 20 Mar 2009 00:00:00 GMT pragma no-cache date Wed, 21 Feb 2024 20:41:45 GMT x-merge GDPR Optout true cache-control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 p3p CP="CUR ADM OUR NOR STA NID" Redirect headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://ce.lijit.com/merge?pid=2&3pid=B6A52239F9234E5995A9C3BB02E9EDBE access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 20 Feb 2024 20:41:45 GMT
GET H2	451	419566.gif idsync.rlcdn.com/ Redirect Chain https://um.simpli.fi/liveramp_match https://idsync.rlcdn.com/419566.gif?partner_uid=B6A52239F9234E5995A9C3BB02E9EDBE	0 98 B	76ms 40ms	Image text/plain	35.244.174.68 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/419566.gif?partner_uid=B6A52239F9234E5995A9C3BB02E9EDBE Protocol H2 Server 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:45 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://idsync.rlcdn.com/419566.gif?partner_uid=B6A52239F9234E5995A9C3BB02E9EDBE access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 20 Feb 2024 20:41:45 GMT
GET H2	200	/ www.google.de/pagead/1p-conversion/1026675585/ Redirect Chain https://www.googleadservices.com/pagead/conversion/1026675585/?random=1708548105320&cv=7&fst=1708548105320&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=48957598&cv=7&fst=1708548105320&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=CW... https://www.google.com/pagead/1p-conversion/1026675585/?random=48957598&cv=7&fst=1708548105320&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=IhMI... https://www.google.de/pagead/1p-conversion/1026675585/?random=48957598&cv=7&fst=1708548105320&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=IhMIx...	42 B 154 B	51ms 50ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/1026675585/?random=48957598&cv=7&fst=1708548105320&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=IhMIxs6d16W9hAMVgT4GAB0H5wgzMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=CWDWZYamGIH9mLAPh86jmAM&cid=CAQSGwAvHhf__qUtHx4xX2G3j2qRwF1kRP4O81SgNA&random=2886217586&ipr=y Protocol H2 Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers pragma no-cache date Wed, 21 Feb 2024 20:41:45 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 21 Feb 2024 20:41:45 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.de/pagead/1p-conversion/1026675585/?random=48957598&cv=7&fst=1708548105320&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=IhMIxs6d16W9hAMVgT4GAB0H5wgzMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=CWDWZYamGIH9mLAPh86jmAM&cid=CAQSGwAvHhf__qUtHx4xX2G3j2qRwF1kRP4O81SgNA&random=2886217586&ipr=y content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	spotx_match um.simpli.fi/	0 272 B	23ms 23ms	Image text/plain	35.204.74.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/spotx_match Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.74.204.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers access-control-allow-origin * date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type access-control-allow-methods GET, POST, OPTIONS
GET H2	200	bounce ib.adnxs.com/ Redirect Chain https://um.simpli.fi/an https://ib.adnxs.com/setuid?entity=66&code=B6A52239F9234E5995A9C3BB02E9EDBE https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DB6A52239F9234E5995A9C3BB02E9EDBE	43 B 1 KB	22ms 20ms	Image image/gif	185.89.210.46 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DB6A52239F9234E5995A9C3BB02E9EDBE Protocol H2 Server 185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers pragma no-cache date Wed, 21 Feb 2024 20:41:45 GMT an-x-request-uuid 5226d2e6-fdc0-4167-8cad-bc14f934a389 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 81.95.5.42; 81.95.5.42; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Wed, 21 Feb 2024 20:41:45 GMT an-x-request-uuid 3457a939-c972-476c-a722-d70497e7c179 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DB6A52239F9234E5995A9C3BB02E9EDBE cache-control no-store, no-cache, private x-proxy-origin 81.95.5.42; 81.95.5.42; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Redirect Chain https://um.simpli.fi/rb_match https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B6A52239F9234E5995A9C3BB02E9EDBE&expires=365	0 239 B	78ms 30ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B6A52239F9234E5995A9C3BB02E9EDBE&expires=365 Protocol HTTP/1.1 Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost aca6c52e983509e86b136a052e19be23 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B6A52239F9234E5995A9C3BB02E9EDBE&expires=365 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 20 Feb 2024 20:41:45 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Redirect Chain https://um.simpli.fi/ox_match https://us-u.openx.net/w/1.0/sd?id=537072966&val=B6A52239F9234E5995A9C3BB02E9EDBE	43 B 264 B	49ms 19ms	Image image/gif	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072966&val=B6A52239F9234E5995A9C3BB02E9EDBE Protocol H2 Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers pragma no-cache date Wed, 21 Feb 2024 20:41:45 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://us-u.openx.net/w/1.0/sd?id=537072966&val=B6A52239F9234E5995A9C3BB02E9EDBE access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 20 Feb 2024 20:41:45 GMT
GET H2	204	g_match um.simpli.fi/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= https://um.simpli.fi/g_match?id=&google_gid=CAESEKCchCdRh3nP5V5kpNdZ324&google_cver=1 https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B6A52239F9234E5995A9C3BB02E9EDBE https://um.simpli.fi/g_match?id=	0 320 B	44ms 44ms	Image text/plain	35.204.74.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/g_match?id= Protocol H2 Server 35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.74.204.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires Tue, 20 Feb 2024 20:41:45 GMT Redirect headers pragma no-cache date Wed, 21 Feb 2024 20:41:45 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://um.simpli.fi/g_match?id= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 229 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	act analytics.tiktok.com/api/v2/pixel/	0 839 B	297ms 296ms	Ping text/plain	2.23.7.42 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel/act Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.23.7.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-23-7-42.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id abb58a4f.2f896e61 date Wed, 21 Feb 2024 20:41:45 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240221204145EEA1D8210C7821EE103B-54CC821A9F139D2B-00 x-cache TCP_MISS from a2-23-7-38.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-) x-parent-response-time 142,2.23.7.38 server-timing cdn-cache; desc=MISS, edge; dur=136, origin; dur=27, inner; dur=21 content-length 0 pragma no-cache server nginx x-tt-logid 20240221204145EEA1D8210C7821EE103B x-cache-remote TCP_MISS from a23-218-222-76.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.1-54226592) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 27,23.218.222.76 x-tt-trace-host 018ebc4d9ec07b295a605f57a2ea37c4b52e9d5f09b8eabcc1e3fae85ecd1b1bf2301b172f9c1ae2fcd7c8116810a779be691077c8968aa85eb0cf8fc6ec42338f3624927f1c84e6ea246be25efdd4f6cc82a82a0ff290db0d8aa4db557f702d095d86ab70d9ae103b9e0195e677af66ce access-control-allow-headers Authorization,* expires Wed, 21 Feb 2024 20:41:45 GMT
POST H2	200	p tr6.snapchat.com/	0 45 B	59ms 33ms	Ping text/plain	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr6.snapchat.com/p Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains x-envoy-upstream-service-time 3 via 1.1 google server API Gateway alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H/1.1	200 OK	ord=1708548105401 alpixtrack.com/ad/	35 B 271 B	373ms 120ms	Image image/gif	130.211.141.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://alpixtrack.com/ad/ord=1708548105401?prd=web&cust=3770542-617-WISN&event_type=visit&version=0.1.2&utm_source=unk&utm_mdm=unk&url=https%3A%2F%2Fwww.ecu.com%2F&title=Home%20%7C%20Educators%20Credit%20Union&sess_status=st&sess=1708548937239&ref= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 130.211.141.45 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.141.211.130.bc.googleusercontent.com Software nginx/1.20.0 / Resource Hash 3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers Date Wed, 21 Feb 2024 20:41:45 GMT Server nginx/1.20.0 ETag "560c609e-23" Vary Origin Content-Type image/gif Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 35
GET H2	200	en-US.json Show response cdn.userway.org/widgetapp/2024-02-15-11-56-38/locales/	584 B 994 B	8ms 7ms	XHR application/json	2a02:6ea0:c700::21 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widgetapp/2024-02-15-11-56-38/locales/en-US.json Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2024-02-15-11-56-38/widget_app_base_1707998198539.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 4567876fcf8cf5d3172e3480a6aa88dd93256382e679fabce001db8f6ae8a935 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers x-77-pop frankfurtDE date Wed, 21 Feb 2024 20:41:45 GMT via 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop FRA56-P10 age 452 x-amz-server-side-encryption AES256 x-77-cache HIT x-cache HIT x-age 549178 x-accel-date 1707998927 x-77-nzt EgwB1GY4sQH3OmEIAAwBJRPCNAH3HAAAAA x-accel-expires @1733918899 x-77-age 549206 last-modified Thu, 15 Feb 2024 11:59:08 GMT server CDN77-Turbo etag W/"28f82e109ea7eca81f3f925805ed936a" x-77-nzt-ray 1cb09c0e492906800960d66528600719 access-control-max-age 3000 vary Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public content-type application/json x-amz-cf-id amyHd7yNi9_eBLBPhTHjDyu_7Py4YbuXOFAge00njdrD47wZWlDhaw==
OPTIONS H2	200	527d8734-e6b9-47f3-9f18-174741407e3b api.salemove.com/sites/968111e8-8800-4cec-b46e-f731f70e1238/visitors/ Frame	0 0	306ms 306ms	Preflight	2600:9000:26da:7000:17:4c3f:1b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.salemove.com/sites/968111e8-8800-4cec-b46e-f731f70e1238/visitors/527d8734-e6b9-47f3-9f18-174741407e3b Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:7000:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers authorization,content-type Access-Control-Request-Method PATCH Origin https://www.ecu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers access-control-allow-headers authorization,content-type access-control-allow-methods GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS access-control-allow-origin * access-control-expose-headers access-control-max-age 7200 content-length 0 date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=31536000; includeSubDomains via 1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront) x-amz-cf-id dEymwAUHJWNfyUtV_R9MEEQOZa6W-SqgFvbvJVfnSDK-YrlMADRP9w== x-amz-cf-pop MUC50-P4 x-cache Miss from cloudfront
PATCH H2	200	527d8734-e6b9-47f3-9f18-174741407e3b Show response api.salemove.com/sites/968111e8-8800-4cec-b46e-f731f70e1238/visitors/	194 B 631 B	320ms 320ms	XHR application/json	2600:9000:26da:7000:17:4c3f:1b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.salemove.com/sites/968111e8-8800-4cec-b46e-f731f70e1238/visitors/527d8734-e6b9-47f3-9f18-174741407e3b Requested by Host: libs.salemove.com URL: https://libs.salemove.com/visitor/bootstrapper-4cc45cbed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:7000:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 89582f0ccd0ddc7d5fe8f40b67c27562e7a41c76930ccca0e71aee48f562f727 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept application/vnd.salemove.private+json Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 Authorization Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjRjMmM1YTUzLTk3YjktNGI2YS05M2QzLTg1MjAyMDBlNmY0NyJ9.eyJpYXQiOjE3MDg1NDgxMDQsImV4cCI6MTcwOTc1NzcwNCwiaXNzIjoiR2xpYSBTaXRlIFZpc2l0b3IgQ29uZmlnIiwic3ViIjoidmlzaXRvcjo1MjdkODczNC1lNmI5LTQ3ZjMtOWYxOC0xNzQ3NDE0MDdlM2IiLCJyb2xlcyI6W3sidHlwZSI6InZpc2l0b3IiLCJ2aXNpdG9yX2lkIjoiNTI3ZDg3MzQtZTZiOS00N2YzLTlmMTgtMTc0NzQxNDA3ZTNiIn0seyJ0eXBlIjoic2l0ZV92aXNpdG9yIiwic2l0ZV9pZCI6Ijk2ODExMWU4LTg4MDAtNGNlYy1iNDZlLWY3MzFmNzBlMTIzOCIsImVuZ2FnZW1lbnRfc2l0ZV9pZHMiOlsiOTY4MTExZTgtODgwMC00Y2VjLWI0NmUtZjczMWY3MGUxMjM4Il19XSwiYWNjb3VudF9pZCI6IjQzZjc5ZjFkLWVjYTYtNDQwMC04ZThjLWZlZDgzOTQwYmY4ZSJ9.6X4UdDPL6A7CKSeM0hRwJbJor3wfzi3tBqmTNH1bx12ilCYib6evvpgy-FO2wVS3Dayv3y2FdPYnKCtJoUUERw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Content-Type application/json Response headers date Wed, 21 Feb 2024 20:41:46 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff via 1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P4 access-control-max-age 7200 access-control-allow-methods GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS content-type application/json access-control-allow-origin * x-cache Miss from cloudfront access-control-expose-headers vary Origin content-length 194 x-amz-cf-id 8RSZ6axoj4ZQnr0s3XgDpJhq7O9y2WEBXBfGJG2KtbDSNWakpPH4xw==
GET H2	200	engageware-bundle.js Show response integration-cdn.silvercloudinc.com/js/bundle/	297 KB 96 KB	40ms 10ms	XHR application/javascript	18.173.154.30 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://integration-cdn.silvercloudinc.com/js/bundle/engageware-bundle.js Requested by Host: integration.silvercloudinc.com URL: https://integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.154.30 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-154-30.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 0f81b3adc37eb5883ec7ecb6f72eb3c5a1ccbc4a48aa00fe040f4772cabb7663 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 03:45:08 GMT content-encoding gzip via 1.1 7ad01e16cb039e6f25a50f4e294fd0ae.cloudfront.net (CloudFront) last-modified Thu, 08 Feb 2024 01:43:07 GMT server AmazonS3 x-amz-cf-pop MUC50-P3 age 60998 x-amz-server-side-encryption AES256 etag W/"ce66843e1890a32466e823b14fce4795" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * x-cache Hit from cloudfront x-amz-cf-id e2aHnR1jbbr7z-OXEeUBeK4xXcytF4iaXxFMAeR-Us3UKL98RNbjpQ==
POST H3	200	p tr.snapchat.com/	0 15 B	21ms 21ms	Ping text/plain	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/p Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google server API Gateway access-control-allow-origin https://www.ecu.com x-envoy-upstream-service-time 1 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	9ms 9ms	Script text/javascript	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 21 Feb 2024 19:48:09 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 3216 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Wed, 21 Feb 2024 21:48:09 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	220 KB 79 KB	30ms 30ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-ZQGZZQ8T72 Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0c4c1f85d22980038685258c6fb7936e37316f9a148142675141e8050f3f644f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 80798 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 21 Feb 2024 20:41:45 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	220 KB 79 KB	23ms 23ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-ZQGZZQ8T72&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRTWHZ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash bf5ae8387605bdb4d512f1251350ba132651e0f55d16429111fa67e8982eac3b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 80827 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 21 Feb 2024 20:41:45 GMT
GET H2	200	0.engageware-bundle.js Show response integration-cdn.silvercloudinc.com/js/bundle/	40 KB 13 KB	35ms 14ms	Script application/javascript	18.173.154.30 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://integration-cdn.silvercloudinc.com/js/bundle/0.engageware-bundle.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.154.30 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-154-30.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash ae0f29c946addaafb2d03d235b29344312befc89ce7ecd1550ed18776b4fdec4 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 13:56:55 GMT content-encoding gzip via 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront) last-modified Thu, 08 Feb 2024 01:43:07 GMT server AmazonS3 x-amz-cf-pop MUC50-P3 age 55080 x-amz-server-side-encryption AES256 etag W/"02b09c57582caefc23ff5f297ab13bc6" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id frYIkWgbWcIq6yxzqltiRPMr7xxUyNXLyEuPW1G_Nbbaaiw9PAf_Ww==
GET H2	200	10.engageware-bundle.js Show response integration-cdn.silvercloudinc.com/js/bundle/	32 KB 11 KB	37ms 16ms	Script application/javascript	18.173.154.30 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://integration-cdn.silvercloudinc.com/js/bundle/10.engageware-bundle.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.154.30 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-154-30.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 13ba279574b18419c63a86a4a1ee4de62faf5271e74fdb040007839eab5c8816 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 06:50:47 GMT content-encoding gzip via 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront) last-modified Thu, 08 Feb 2024 01:43:07 GMT server AmazonS3 x-amz-cf-pop MUC50-P3 age 49859 etag W/"4c4c5c0f50a4ebc11f6947cc3135487e" x-amz-server-side-encryption AES256 vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id fxfX-1MLQOp1HMf-UEwxLNnaRu5y7g7X1QZbWymqBaSA12eG--wVfw==
POST H2	201	sources_triggered Show response api.salemove.com/overseer/	2 B 507 B	327ms 327ms	XHR application/json	2600:9000:26da:7000:17:4c3f:1b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.salemove.com/overseer/sources_triggered Requested by Host: libs.salemove.com URL: https://libs.salemove.com/visitor/bootstrapper-4cc45cbed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:7000:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept application/vnd.salemove.private+json Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 Authorization Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjRjMmM1YTUzLTk3YjktNGI2YS05M2QzLTg1MjAyMDBlNmY0NyJ9.eyJpYXQiOjE3MDg1NDgxMDQsImV4cCI6MTcwOTc1NzcwNCwiaXNzIjoiR2xpYSBTaXRlIFZpc2l0b3IgQ29uZmlnIiwic3ViIjoidmlzaXRvcjo1MjdkODczNC1lNmI5LTQ3ZjMtOWYxOC0xNzQ3NDE0MDdlM2IiLCJyb2xlcyI6W3sidHlwZSI6InZpc2l0b3IiLCJ2aXNpdG9yX2lkIjoiNTI3ZDg3MzQtZTZiOS00N2YzLTlmMTgtMTc0NzQxNDA3ZTNiIn0seyJ0eXBlIjoic2l0ZV92aXNpdG9yIiwic2l0ZV9pZCI6Ijk2ODExMWU4LTg4MDAtNGNlYy1iNDZlLWY3MzFmNzBlMTIzOCIsImVuZ2FnZW1lbnRfc2l0ZV9pZHMiOlsiOTY4MTExZTgtODgwMC00Y2VjLWI0NmUtZjczMWY3MGUxMjM4Il19XSwiYWNjb3VudF9pZCI6IjQzZjc5ZjFkLWVjYTYtNDQwMC04ZThjLWZlZDgzOTQwYmY4ZSJ9.6X4UdDPL6A7CKSeM0hRwJbJor3wfzi3tBqmTNH1bx12ilCYib6evvpgy-FO2wVS3Dayv3y2FdPYnKCtJoUUERw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Content-Type application/json Response headers date Wed, 21 Feb 2024 20:41:46 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff via 1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P4 access-control-max-age 7200 access-control-allow-methods ["GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE"] content-type application/json access-control-allow-origin https://www.ecu.com x-cache Miss from cloudfront access-control-expose-headers vary Origin access-control-allow-headers Content-Type, Accept, Authorization content-length 2 x-amz-cf-id Cvh7g5gabAwJgxQ33Z3adXpRpyrciy1ry16sRKIsHKQlOPPzaJWwwQ==
OPTIONS H2	200	sources_triggered api.salemove.com/overseer/ Frame	0 0	314ms 313ms	Preflight	2600:9000:26da:7000:17:4c3f:1b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.salemove.com/overseer/sources_triggered Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:7000:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers authorization,content-type Access-Control-Request-Method POST Origin https://www.ecu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers access-control-allow-headers authorization,content-type access-control-allow-methods GET, PUT, PATCH, POST, DELETE, OPTIONS access-control-allow-origin * access-control-expose-headers access-control-max-age 7200 date Wed, 21 Feb 2024 20:41:45 GMT strict-transport-security max-age=31536000; includeSubDomains via 1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront) x-amz-cf-id TRJ7UmEIedRjXR3rASBQ6fg2ZUn5LoHCbNSOg8PDW8TMDX31Trlk6Q== x-amz-cf-pop MUC50-P4 x-cache Miss from cloudfront
OPTIONS H2	204	/ litho.silvercloudinc.com/console/integration_widgets/60c35b7924c0674546b9a2d4/ Frame	0 0	337ms 337ms	Preflight	108.138.36.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://litho.silvercloudinc.com/console/integration_widgets/60c35b7924c0674546b9a2d4/?product_id=60c27855d1a5b56c6e7383ba Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-120.muc50.r.cloudfront.net Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization Access-Control-Request-Method GET Origin https://www.ecu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin,Content-Type,Accept,Authorization access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE, HEAD access-control-allow-origin https://www.ecu.com access-control-max-age 1728000 date Wed, 21 Feb 2024 20:41:45 GMT server nginx/1.14.0 (Ubuntu) via 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront) x-amz-cf-id KLrlzobJ_RNZ-DHKJoQxyTAuLjnErCiDqANshqvF36y4bcSroZDJAw== x-amz-cf-pop MUC50-P2 x-cache Miss from cloudfront
GET H2	200	/ Show response litho.silvercloudinc.com/console/integration_widgets/60c35b7924c0674546b9a2d4/	3 KB 2 KB	394ms 394ms	XHR application/json	108.138.36.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://litho.silvercloudinc.com/console/integration_widgets/60c35b7924c0674546b9a2d4/?product_id=60c27855d1a5b56c6e7383ba Requested by Host: integration-cdn.silvercloudinc.com URL: https://integration-cdn.silvercloudinc.com/js/bundle/0.engageware-bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-120.muc50.r.cloudfront.net Software nginx/1.14.0 + Phusion Passenger(R) 6.0.18 / Phusion Passenger(R) Enterprise 6.0.18 Resource Hash d376a410a8c22e079a6a5bf682ed7ea73198efc691757fc282f1c4f2fb021e5d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept application/json,text/plain,*/*;version=1 Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 Authorization Token eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiI1YjJiZDVlM2MxOTU5NDc2OTJhZTcwZjAiLCJpYXQiOjE2MjU4MzI2MzQsImF1ZCI6WyJ3d3cuZWN1LmNvbSIsInd3dy5lY3UuY29tIiwiZWN1LmNvbSIsImVjdS5jb20iLCJlZHVjYXRvcnNzdGFnaW5nLm9yYi5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9yc3N0YWdpbmcub3JiLmFsa2FtaXRlY2guY29tIiwib25saW5lYmFua2luZy5lY3UuY29tIiwib25saW5lYmFua2luZy5lY3UuY29tIiwiZWR1Y2F0b3JzLnFhMTAuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMucWExMC5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9ycy5xYTQuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMucWE0LmFsa2FtaXRlY2guY29tIiwiZWR1Y2F0b3JzLnFhMy5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9ycy5xYTMuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMucWEyLmFsa2FtaXRlY2guY29tIiwiZWR1Y2F0b3JzLnFhMi5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9ycy5kZXYuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMuZGV2LmFsa2FtaXRlY2guY29tIiwiZWR1Y2F0b3JzLmxvY2FsIiwiZWR1Y2F0b3JzLmxvY2FsIiwic3RhZ2luZ2VjdS53cGVuZ2luZS5jb20iLCJzdGFnaW5nZWN1LndwZW5naW5lLmNvbSIsImVjdS5waXhlbHNwb2tlLXN0YWdpbmcuY29tIiwiZWN1LnBpeGVsc3Bva2Utc3RhZ2luZy5jb20iXSwicHJvZHVjdF9pZHMiOlsiNjBjMjc4NTVkMWE1YjU2YzZlNzM4M2JhIiwiNWIyYmQ1MWMzODdmMjMyMWUxZTY1NDE0Il19.-nQum5UERx-Eor_cmd1CUVjZd8BiIBLuDxX7DT63H_g User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:46 GMT strict-transport-security max-age=31536000 content-encoding gzip via 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P2 x-powered-by Phusion Passenger(R) Enterprise 6.0.18 x-cache Miss from cloudfront status 200 OK x-request-id 9874d866-f6bc-41ea-b49e-6084e6ded68f x-runtime 0.062734 server nginx/1.14.0 + Phusion Passenger(R) 6.0.18 etag W/"d376a410a8c22e079a6a5bf682ed7ea7" access-control-max-age 7200 access-control-allow-methods OPTIONS, GET, POST, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://www.ecu.com cache-control max-age=0, private, must-revalidate access-control-allow-credentials true vary Accept-Encoding,Origin x-amz-cf-id JnL9N2zTiiVEhN-UuFWTwR1SBSjdNoQNUNCiDmhcvP6MHQ0kMjbRWg==
OPTIONS H/1.1	204 No Content	event connect.segmint.net/ Frame	0 0	736ms 96ms	Preflight	54.163.124.22 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://connect.segmint.net/event Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.163.124.22 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-163-124-22.compute-1.amazonaws.com Software openresty / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.ecu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers X-Auth-Username, X-Auth-Password, X-Auth-New-Password, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS, HEAD Access-Control-Allow-Origin https://www.ecu.com Access-Control-Max-Age 1728000 Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0 Date Wed, 21 Feb 2024 20:41:46 GMT Expires 0 P3P CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info." Pragma no-cache Server openresty
POST H/1.1	200 OK	event Show response connect.segmint.net/	0 636 B	123ms 108ms	XHR text/plain	54.163.124.22 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://connect.segmint.net/event Requested by Host: cdn.segmint.net URL: https://cdn.segmint.net/segmint.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.163.124.22 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-163-124-22.compute-1.amazonaws.com Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Content-Type application/json Response headers Pragma no-cache Date Wed, 21 Feb 2024 20:41:46 GMT Server openresty P3P CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info." Access-Control-Allow-Origin https://www.ecu.com Content-Type text/plain;charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 X-Application-Context site-event-receiver-service:prod:7084 Expires 0
GET H/1.1	200 OK	en1qq5qnM4 Show response connect.segmint.net/iframe/doughnut/ Frame 97B2	509 B 1 KB	789ms 150ms	Document text/html	54.163.124.22 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://connect.segmint.net/iframe/doughnut/en1qq5qnM4 Requested by Host: cdn.segmint.net URL: https://cdn.segmint.net/segmint.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.163.124.22 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-163-124-22.compute-1.amazonaws.com Software openresty / Resource Hash 0aa49cded6c89343a514ac6a5bdf368cc49b43193c968852fa56a9b82e25cb32 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ecu.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Credentials true Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Encoding gzip Content-Language de-DE Content-Length 307 Content-Type text/html;charset=UTF-8 Date Wed, 21 Feb 2024 20:41:45 GMT Expires 0 P3P CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info." Pragma no-cache Server openresty Vary Accept-Encoding X-Application-Context offer-delivery:prod:7074 X-B3-Sampled 1 X-B3-SpanId dbc8f76eff705f30 X-B3-TraceId dbc8f76eff705f30 X-Content-Type-Options nosniff X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	en1XX5XkM4fGE9 Show response connect.segmint.net/bearclaw/invoke/	2 KB 2 KB	749ms 105ms	XHR application/json	54.163.124.22 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://connect.segmint.net/bearclaw/invoke/en1XX5XkM4fGE9?new_window=true Requested by Host: cdn.segmint.net URL: https://cdn.segmint.net/segmint.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.163.124.22 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-163-124-22.compute-1.amazonaws.com Software openresty / Resource Hash 60489e131802267cb0b409742cf8eed6d66703fde173d1a3dd2c14cf648850e3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers Date Wed, 21 Feb 2024 20:41:46 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Decision-Count 1 X-B3-TraceId 95cdebdb64cb939 X-PartnerId 87563018 P3P CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info." Connection keep-alive X-DecisionId 26bddec8-7663-467f-be31-bff28491c043 X-MediaId 56553 X-Application-Context offer-delivery:prod:7074 Content-Length 684 X-XSS-Protection 1; mode=block Pragma no-cache X-Known-Consumer false Server openresty Vary Accept-Encoding, Origin Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://www.ecu.com Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true X-B3-SpanId 95cdebdb64cb939 X-B3-Sampled 1 X-Targeted false Expires 0
GET H2	200	remediation_1707998198539.js Show response cdn.userway.org/widgetapp/2024-02-15-11-56-38/remediation/	108 KB 30 KB	19ms 18ms	Script application/javascript	2a02:6ea0:c700::21 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widgetapp/2024-02-15-11-56-38/remediation/remediation_1707998198539.js Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2024-02-15-11-56-38/widget_app_base_1707998198539.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash c7ce4dfa75ec1dd0d3e521e61c576fb84789807d7838928af218bea10587233b Request headers Referer https://www.ecu.com/ Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers x-77-pop frankfurtDE date Wed, 21 Feb 2024 20:41:45 GMT via 1.1 098a60d50e7e132c276fd27b94c6212c.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop FRA56-P10 age 443 x-amz-server-side-encryption AES256 x-77-cache HIT x-cache HIT x-age 549178 x-accel-date 1707998927 x-77-nzt EgwB1GY4sQH3OmEIAAwBnJIhHwH3HAAAAA x-accel-expires @1733918899 x-77-age 549206 last-modified Thu, 15 Feb 2024 11:59:08 GMT server CDN77-Turbo etag W/"1a7db4f9198403f1c7fc312f13fdb87b" x-77-nzt-ray 1cb09c0e492906800960d665812a3237 access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public content-type application/javascript x-amz-cf-id s_bq5zpvgiNf7OJGE2X6IpWJ5J_7n-y3PO_ItMQJaM-X-mN4N8rO9Q==
GET H2	200	cZxPmkgp6YHwCyo9.json Show response cdn.userway.org/remediations/consolidated/2883316/	25 KB 8 KB	17ms 17ms	XHR application/json	2a02:6ea0:c700::21 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/remediations/consolidated/2883316/cZxPmkgp6YHwCyo9.json Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2024-02-15-11-56-38/widget_app_base_1707998198539.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 010718c5f64e28adbd76587b8d2d9a595a44fb00e0dda3558ba542e39c8c79ed Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers x-77-pop frankfurtDE date Wed, 21 Feb 2024 20:41:45 GMT via 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop DUS51-P1 age 3511 x-amz-server-side-encryption AES256 x-77-cache HIT x-cache HIT x-age 17190 x-accel-date 1708530915 x-77-nzt EgwB1GY4sQHXJkMAAAwBisclxAH3miQHAA x-accel-expires @1739598793 x-77-age 485312 last-modified Fri, 16 Feb 2024 04:52:42 GMT server CDN77-Turbo etag W/"9403e7632bfa302f05c3e628c008b5d2" x-77-nzt-ray 1cb09c0e492906800960d66546e21f37 access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control public, max-age=31536000 content-type application/json x-amz-cf-id QzzlBlUHRsMoOJ3Htf2BBh67Fbs2MfbW8AJbz8xpBZ6xpf_XZKmbfQ==
GET H2	200	live_translations_1707998198539.js Show response cdn.userway.org/widgetapp/2024-02-15-11-56-38/translations/	8 KB 4 KB	19ms 19ms	Script application/javascript	2a02:6ea0:c700::21 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widgetapp/2024-02-15-11-56-38/translations/live_translations_1707998198539.js Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2024-02-15-11-56-38/widget_app_base_1707998198539.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 9b758071d797fa47a5765a6cc47479fd22dfe182ffb7e79f38290182b48a6b50 Request headers Referer https://www.ecu.com/ Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers x-77-pop frankfurtDE date Wed, 21 Feb 2024 20:41:45 GMT via 1.1 fd6dc3eaf39d0b931b4b1369a7e91ac0.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop FRA56-P10 age 265 x-amz-server-side-encryption AES256 x-77-cache HIT x-cache HIT x-age 549133 x-accel-date 1707998972 x-77-nzt EgwB1GY4sQH3DWEIAAwBJRPCNAH3RQAAAA x-accel-expires @1733918903 x-77-age 549202 last-modified Thu, 15 Feb 2024 11:59:09 GMT server CDN77-Turbo etag W/"4d6e82d5090a4f33a26005f6b9801a5a" x-77-nzt-ray 1cb09c0e492906800960d665ee013b37 access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public content-type application/javascript x-amz-cf-id ajqrCDcocPRfO4DWciFRqwBxUu68hsOqGTh56t6tfafTn0348E6dkQ==
GET H2	200	body_wh.svg cdn.userway.org/widgetapp/images/	4 KB 3 KB	12ms 11ms	Image image/svg+xml	2a02:6ea0:c700::21 CDN77 _
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.userway.org/widgetapp/images/body_wh.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers x-77-pop frankfurtDE date Wed, 21 Feb 2024 20:41:45 GMT via 1.1 e161fd49d3d858d9f9d1d337fc91ce8e.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop FRA56-P10 age 9 x-amz-server-side-encryption AES256 x-77-cache HIT x-cache HIT x-age 549182 x-accel-date 1707998923 x-77-nzt EgwB1GY4sQH3PmEIAAwBnJIhJwH3EwAAAA x-accel-expires @1733918904 x-77-age 549201 last-modified Wed, 27 Dec 2023 13:17:34 GMT server CDN77-Turbo etag W/"1d8b1582fe82bd329041cc1982ad42e4" x-77-nzt-ray 1cb09c0e1512557f0960d6659737c638 access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public content-type image/svg+xml x-amz-cf-id eNBWRNfmzsTijPdqOjmOl_LOPOYsp21FLaIoJe2XkAlX1kWef19dhg==
GET H2	200	spin_wh.svg cdn.userway.org/widgetapp/images/	2 KB 1 KB	13ms 13ms	Image image/svg+xml	2a02:6ea0:c700::21 CDN77 _
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.userway.org/widgetapp/images/spin_wh.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers x-77-pop frankfurtDE date Wed, 21 Feb 2024 20:41:45 GMT via 1.1 fd6dc3eaf39d0b931b4b1369a7e91ac0.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop FRA56-P10 age 3 x-amz-server-side-encryption AES256 x-77-cache HIT x-cache HIT x-age 549182 x-accel-date 1707998923 x-77-nzt EgwB1GY4sQH3PmEIAAwB1GY4EQH3GQAAAA x-accel-expires @1733918898 x-77-age 549207 last-modified Fri, 13 Jan 2023 11:00:14 GMT server CDN77-Turbo etag W/"8e0a35946bf39d10f46a1f1653366a0a" x-77-nzt-ray 1cb09c0e1512557f0960d6650fe2cd38 access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public content-type image/svg+xml x-amz-cf-id t9fyOgTfSFLSne0rwz2PNZ3aKv2Lg-FOCM3ccjt95VDu-mEBVkv-EQ==
GET H2	200	remediation-tool.js Show response cdn.userway.org/remediation/paid/	52 KB 19 KB	10ms 10ms	Script application/javascript	2a02:6ea0:c700::21 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1707998198539 Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2024-02-15-11-56-38/widget_app_base_1707998198539.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 5a7b640e8517807cdbf5ec562362e86bedcb0bc1a50579d017c69ae79381e203 Request headers Referer https://www.ecu.com/ Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers x-77-pop frankfurtDE date Wed, 21 Feb 2024 20:41:45 GMT via 1.1 38dab0d877593711162f7409f4fc8fca.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop FRA56-P10 age 447 x-amz-server-side-encryption AES256 x-77-cache HIT x-cache HIT x-age 549178 x-accel-date 1707998927 x-77-nzt EgwB1GY4sQH3OmEIAAwBnJIhJwH3FwAAAA x-accel-expires @1733918904 x-77-age 549201 last-modified Thu, 15 Feb 2024 11:59:13 GMT server CDN77-Turbo etag W/"bb5993f920ccb16e331ade6f6ad35677" x-77-nzt-ray 1cb09c0e492906800960d665a45b3e39 access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public content-type application/javascript x-amz-cf-id KwGVlJVicHM9QxMB-c7Jio_yCNrPF4i-P5oYYactQGBIkOEZYpJeEw==
GET H2	200	cZxPmkgp6YHwCyo9.json Show response cdn.userway.org/remediations/consolidated/2883316/	25 KB 8 KB	75ms 74ms	Fetch application/json	2a02:6ea0:c700::21 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/remediations/consolidated/2883316/cZxPmkgp6YHwCyo9.json Requested by Host: cdn.userway.org URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1707998198539 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 010718c5f64e28adbd76587b8d2d9a595a44fb00e0dda3558ba542e39c8c79ed Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers x-77-pop frankfurtDE date Wed, 21 Feb 2024 20:41:45 GMT via 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop DUS51-P1 age 3511 x-amz-server-side-encryption AES256 x-77-cache HIT x-cache HIT x-age 17190 x-accel-date 1708530915 x-77-nzt EgwB1GY4sQHXJkMAAAwBisclxAH3miQHAA x-accel-expires @1739598793 x-77-age 485312 last-modified Fri, 16 Feb 2024 04:52:42 GMT server CDN77-Turbo etag W/"9403e7632bfa302f05c3e628c008b5d2" x-77-nzt-ray 1cb09c0e492906800960d6656939313a access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control public, max-age=31536000 content-type application/json x-amz-cf-id QzzlBlUHRsMoOJ3Htf2BBh67Fbs2MfbW8AJbz8xpBZ6xpf_XZKmbfQ==
GET H/1.1	200 OK	f386ea1487e544d5941572f18672696c.png cdn.segmint.net/	1 MB 1 MB	25ms 24ms	Image image/png	18.245.31.94 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.segmint.net/f386ea1487e544d5941572f18672696c.png?cb=629220103 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.245.31.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-31-94.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 16ff7ab0a954ca9babaec33332c966de577aa80cc734ac9dfc3169bc8abe64ac Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers Date Wed, 21 Feb 2024 07:20:07 GMT Via 1.1 9eb1733bea847c3a8f4910adebcc8146.cloudfront.net (CloudFront) Last-Modified Mon, 30 Oct 2023 19:28:06 GMT Server AmazonS3 X-Amz-Cf-Pop FRA56-P8 Age 48099 ETag "9e7c720e5fdd3bf01e3b9a11ef9dd325" x-amz-server-side-encryption AES256 X-Cache Hit from cloudfront Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1065458 X-Amz-Cf-Id RD8fO1_ycz3_yl2O9LHVbRjKT52XvGjkiSvSB5LBSL_tcHphn3DHrg==
GET H/1.1	200 OK	cookie-mapper maprtb.segmint.net/rtb/simpli-fi/ Frame 97B2 Redirect Chain https://um.simpli.fi/segmint https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=B6A52239F9234E5995A9C3BB02E9EDBE	43 B 412 B	445ms 110ms	Image image/gif	54.163.124.22 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=B6A52239F9234E5995A9C3BB02E9EDBE Requested by Host: connect.segmint.net URL: https://connect.segmint.net/iframe/doughnut/en1qq5qnM4 Protocol HTTP/1.1 Server 54.163.124.22 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-163-124-22.compute-1.amazonaws.com Software openresty / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers Pragma no-cache Date Wed, 21 Feb 2024 20:41:46 GMT Server openresty X-B3-TraceId c0ad34e0b2f4f13d Content-Type image/gif; charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate X-B3-SpanId c0ad34e0b2f4f13d X-B3-Sampled 1 Connection keep-alive Content-Length 43 X-Application-Context cookie-mapper:prod:7077 Expires 0 Redirect headers date Wed, 21 Feb 2024 20:41:46 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=B6A52239F9234E5995A9C3BB02E9EDBE access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 20 Feb 2024 20:41:46 GMT
GET H2	200	ec0a3730-0bdd-0139-387d-06abc14c0bc6 Show response tag.simpli.fi/sifitag/ Frame 97B2	3 KB 1 KB	26ms 26ms	Script application/javascript	35.204.89.238 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6 Requested by Host: connect.segmint.net URL: https://connect.segmint.net/iframe/doughnut/en1qq5qnM4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 238.89.204.35.bc.googleusercontent.com Software openresty / Resource Hash 173dd338673eb7e21df3c0ff3a86e0f1f752bf33468b01d1d89d09ac39e64132 Request headers accept-language de-DE,de;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers pragma no-cache date Wed, 21 Feb 2024 20:41:46 GMT content-encoding gzip server openresty vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 x-request-id F7X7c1vHVWGjRfN-R1KC expires Thu, 01 Jan 1970 00:00:00 GMT
OPTIONS H2	200	alts.json cdn77.api.userway.org/api/img-dscr/v2/05LFyEabXj/2883316/jYfpKhfViQGdsNzE/ Frame	0 0	291ms 184ms	Preflight	2a02:6ea0:c700::22 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn77.api.userway.org/api/img-dscr/v2/05LFyEabXj/2883316/jYfpKhfViQGdsNzE/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fplugins%2Ftranslatepress-multilingual%2Fassets%2Fimages%2Fflags%2Fes_ES.png%22%2C%22alt%22%3A%22es_ES%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://www.ecu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers access-control-allow-headers * access-control-allow-methods GET, HEAD, PUT, PATCH, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type access-control-max-age 3000 cache-control max-age=604800 date Wed, 21 Feb 2024 20:41:46 GMT server CDN77-Turbo x-77-cache MISS x-77-nzt EggB1GY4tAAACAGKxyXBAAA x-77-nzt-ray 6d204d11d68159c10a60d665765fcd27 x-77-pop frankfurtDE x-service-version img-dscr-srv-68fc3506
GET H2	200	ecumark-mobileApp.svg www.ecu.com/wp-content/themes/ecu-theme/images/	666 KB 421 KB	270ms 269ms	Image image/svg+xml	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/wp-content/themes/ecu-theme/images/ecumark-mobileApp.svg Requested by Host: cdn.userway.org URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1707998198539 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 4b3dadec3ffb6af4b6208bac736bd9cc29bd986ed389c9defabcda01b8597f5d Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:46 GMT content-encoding br last-modified Tue, 06 Dec 2022 16:19:38 GMT server nginx etag W/"638f6b9a-a66f0" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	equal_housing.svg www.ecu.com/wp-content/themes/ecu-theme/images/	8 KB 3 KB	751ms 751ms	Image image/svg+xml	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/wp-content/themes/ecu-theme/images/equal_housing.svg Requested by Host: cdn.userway.org URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1707998198539 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 95b89098712b8790b20f8d9957f71858f939471213211c81b35c9806f339afd7 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:46 GMT content-encoding br last-modified Tue, 29 Jun 2021 22:53:09 GMT server nginx etag W/"60dba455-1e86" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	ncua_logo.svg www.ecu.com/wp-content/themes/ecu-theme/images/	41 KB 11 KB	752ms 751ms	Image image/svg+xml	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/wp-content/themes/ecu-theme/images/ncua_logo.svg Requested by Host: cdn.userway.org URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1707998198539 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 3d599b0d25b104f5a1dde5172b614c304ec122c1449d1aa6d2d52347cc924329 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:46 GMT content-encoding br last-modified Fri, 02 Apr 2021 22:45:25 GMT server nginx etag W/"60679e85-a52a" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000
GET H2	204	0 bat.bing.com/action/	0 237 B	40ms 40ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=343046370&Ver=2&mid=cbe3b73f-175d-413a-93cb-f67e8354ca3c&sid=a048f340d0f911ee96f55f95c9c54e0f&vid=a048e690d0f911eeace43f187fc3eb7e&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Home%20%7C%20Educators%20Credit%20Union&p=https%3A%2F%2Fwww.ecu.com%2F&r=&lt=2128&evt=pageLoad&sv=1&rn=423646 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 21 Feb 2024 20:41:46 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 9A6502E5F1914778A939EFC507B6F447 Ref B: FRA31EDGE0222 Ref C: 2024-02-21T20:41:46Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	alts.json Show response cdn77.api.userway.org/api/img-dscr/v2/05LFyEabXj/2883316/jYfpKhfViQGdsNzE/	280 B 804 B	36ms 36ms	Fetch application/json	2a02:6ea0:c700::22 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn77.api.userway.org/api/img-dscr/v2/05LFyEabXj/2883316/jYfpKhfViQGdsNzE/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fplugins%2Ftranslatepress-multilingual%2Fassets%2Fimages%2Fflags%2Fes_ES.png%22%2C%22alt%22%3A%22es_ES%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D Requested by Host: cdn.userway.org URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1707998198539 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 5333eea619db328cad980765f9204ec66201cd9c30cb5cf3a2c6d9683cbe98ad Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Content-Type application/json Response headers x-77-pop frankfurtDE date Wed, 21 Feb 2024 20:41:46 GMT content-encoding gzip x-77-cache HIT x-cache MISS x-accel-date 1708062796 x-service-version img-dscr-srv-68fc3506 x-77-nzt EggB1GY4tAFBDAGKxyXBAfe+ZwcA x-accel-expires @1708667596 x-77-age 485310 server CDN77-Turbo etag W/"118-cnznsvXfflQCxNz9iIinwjqZY4s" x-77-nzt-ray 6d204d11d68159c10a60d665cd9bba32 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, PATCH, POST, DELETE content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type access-control-max-age 3000 cache-control max-age=604800 access-control-allow-headers *
GET H2	200	nav_menu_helper_1707998198539.js Show response cdn.userway.org/widgetapp/2024-02-15-11-56-38/remediation/	23 KB 7 KB	26ms 25ms	Script application/javascript	2a02:6ea0:c700::21 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widgetapp/2024-02-15-11-56-38/remediation/nav_menu_helper_1707998198539.js Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2024-02-15-11-56-38/widget_app_base_1707998198539.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 37f8550406bebf8003ec760c4c81fbe861e3d38a5bbbd069ae9d60358710f038 Request headers Referer https://www.ecu.com/ Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers x-77-pop frankfurtDE date Wed, 21 Feb 2024 20:41:46 GMT via 1.1 ecc31e9f7b98bdd8a55967baa6e36ad8.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop FRA56-P10 age 446 x-amz-server-side-encryption AES256 x-77-cache HIT x-cache HIT x-age 549177 x-accel-date 1707998929 x-77-nzt EgwB1GY4sQH3OWEIAAwBnJIhJwH3GQAAAA x-accel-expires @1733918904 x-77-age 549202 last-modified Thu, 15 Feb 2024 11:59:08 GMT server CDN77-Turbo etag W/"f270f813f648a284d50fe8f345c21bdc" x-77-nzt-ray 1cb09c0e492906800a60d665dcc56d39 access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public content-type application/javascript x-amz-cf-id 1XeuK-qT6jn4oSfhsYrzd0yUgnPC2TDus36BKMGmBuu0NIW4luoBHw==
GET H2	200	languages.js Show response cdn.userway.org/frontend/javascripts/	3 KB 2 KB	18ms 17ms	Script application/javascript	2a02:6ea0:c700::21 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/frontend/javascripts/languages.js?v=1707998198539 Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2024-02-15-11-56-38/widget_app_base_1707998198539.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 2c87ef3e78b989661ac864768a075ff7caf8f640d75de8c1b4ab736cbbbb8a0a Request headers Referer https://www.ecu.com/ Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers x-77-pop frankfurtDE date Wed, 21 Feb 2024 20:41:47 GMT via 1.1 2a1069adbc6a1208306ee3de10fe9952.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop FRA56-P10 age 264 x-amz-server-side-encryption AES256 x-77-cache HIT x-cache HIT x-age 549135 x-accel-date 1707998972 x-77-nzt EgwB1GY4sQH3D2EIAAwBJRPCMQH3RAAAAA x-accel-expires @1708862904 x-77-age 549203 last-modified Thu, 15 Feb 2024 11:58:45 GMT server CDN77-Turbo etag W/"d6f3475583dc4ddc79724225dae8a237" x-77-nzt-ray 1cb09c0e492906800b60d665e03da200 access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=864000, public content-type application/javascript x-amz-cf-id tzzhChrGSuVQk0ho3_3iSqHjqEBn-qXR_v2UyV9hynw0OeH927swGg==
GET H2	200	flags.css cdn.userway.org/frontend/stylesheets/	12 KB 3 KB	19ms 18ms	Stylesheet text/css	2a02:6ea0:c700::21 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/frontend/stylesheets/flags.css?v=1707998198539 Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2024-02-15-11-56-38/widget_app_base_1707998198539.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash abbb82404d324a3f396ebb62778e0c3c53d957e4bfecb086b63a4a5267940c3b Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers x-77-pop frankfurtDE date Wed, 21 Feb 2024 20:41:47 GMT via 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop DUS51-P1 age 264 x-amz-server-side-encryption AES256 x-77-cache HIT x-cache HIT x-age 549131 x-accel-date 1707998976 x-77-nzt EgwB1GY4sQH3C2EIAAwBisclwQH3SAAAAA x-accel-expires @1708862904 x-77-age 549203 last-modified Thu, 15 Feb 2024 11:58:45 GMT server CDN77-Turbo etag W/"6e5623103608617c1538c4b88db5dfbc" x-77-nzt-ray 1cb09c0e1512557f0b60d66550e4a300 access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=864000, public content-type text/css x-amz-cf-id 1Bw20dK9K0bBUoNWs0-fa4F2v6aJcBzL6IDkmvi8Ohr5n-S1At-qDQ==
GET H2	200	p Show response i.simpli.fi/ Frame 97B2	40 B 291 B	23ms 23ms	Script application/javascript	35.204.89.238 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://i.simpli.fi/p?cid=283320&cb=sifi_att_27612299117._hp Requested by Host: tag.simpli.fi URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 238.89.204.35.bc.googleusercontent.com Software openresty / Resource Hash 4024823caf7d29310cc3dab0e50fb3e3f4347ec7b3961f3fed0a9b83690dd85e Request headers accept-language de-DE,de;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers pragma no-cache date Wed, 21 Feb 2024 20:41:47 GMT content-encoding gzip server openresty vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 expires Thu, 01 Jan 1970 00:00:00 GMT
POST H/1.1	204 No Content	/ client-logger.salemove.com/	0 0	305ms 101ms	Fetch	52.3.14.134 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://client-logger.salemove.com/ Requested by Host: libs.salemove.com URL: https://libs.salemove.com/visitor/bootstrapper-4cc45cbed.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.3.14.134 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-3-14-134.compute-1.amazonaws.com Software envoy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers strict-transport-security max-age=31536000 date Wed, 21 Feb 2024 20:41:47 GMT server envoy vary Origin access-control-max-age 7200 access-control-allow-methods POST access-control-allow-origin * access-control-expose-headers x-envoy-upstream-service-time 2
OPTIONS H2	200	alts.json cdn77.api.userway.org/api/img-dscr/v2/05LFyEabXj/2883316/jYfpKhfViQGdsNzE/ Frame	0 0	174ms 174ms	Preflight	2a02:6ea0:c700::22 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn77.api.userway.org/api/img-dscr/v2/05LFyEabXj/2883316/jYfpKhfViQGdsNzE/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fcdn.segmint.net%2Ff386ea1487e544d5941572f18672696c.png%22%2C%22alt%22%3A%22Welcome%20to%20Educators%20Credit%20Union%5CnWe%20can%20help%20turn%20your%20financial%20dreams%20into%20reality.%5CnJOIN%20TODAY%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2FBobby-Portis_WebsiteHomepage-01-scaled.jpg%22%2C%22alt%22%3A%22Bobby%20Portis%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2FFinancial-Literacy-For-Couples_Digital-Ads_2024-01_Blog-670x447-1.jpg%22%2C%22alt%22%3A%22a%20drawing%20of%20a%20man%20a%20man%20and%20woman%20talking%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2Fmobilebanking.jpg%22%2C%22alt%22%3A%22man%20on%20mobile%20device%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2FSavers-Sweepstakes_Blog-Photos_2023-10_Anne-W_V1.jpg%22%2C%22alt%22%3A%22ANNE%20W%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2FScholarship_Digital-Ad_2024-01_FIRST-ANNOUNCEMENT_Blog-300x200-1.jpg%22%2C%22alt%22%3A%22graduation%20caps%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2Fvideobanking.jpg%22%2C%22alt%22%3A%22couple%20on%20laptop%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fplugins%2Ftranslatepress-multilingual%2Fassets%2Fimages%2Fflags%2Fes_ES.png%22%2C%22alt%22%3A%22es_ES%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Fapple_app_store_icon.png%22%2C%22alt%22%3A%22Apple%20App%20Store%20Icon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Fecumark-mobileApp.svg%22%2C%22alt%22%3A%22Educators%20App%20on%20IOS%20app%20store%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Feducatorscu-logo_black.svg%22%2C%22alt%22%3A%22Educators%20CU%20Logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Fequal_housing.svg%22%2C%22alt%22%3A%22Equal%20Housing%20Opportunity%20Logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Fgoogle_play_icon.png%22%2C%22alt%22%3A%22Google%20Play%20Icon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Ficon_close.svg%22%2C%22alt%22%3A%22Close%20Search%20Icon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Ficon_search.svg%22%2C%22alt%22%3A%22Open%20Search%20Icon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Fncua_logo.svg%22%2C%22alt%22%3A%22NCUA%20Logo%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://www.ecu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers access-control-allow-headers * access-control-allow-methods GET, HEAD, PUT, PATCH, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type access-control-max-age 3000 cache-control max-age=604800 date Wed, 21 Feb 2024 20:41:48 GMT server CDN77-Turbo x-77-cache MISS x-77-nzt EggB1GY4tAAACAElE8IuAAA x-77-nzt-ray 6d204d11d68159c10c60d66540898f14 x-77-pop frankfurtDE x-service-version img-dscr-srv-68fc3506
GET H2	200	alts.json Show response cdn77.api.userway.org/api/img-dscr/v2/05LFyEabXj/2883316/jYfpKhfViQGdsNzE/	3 KB 1 KB	13ms 13ms	Fetch application/json	2a02:6ea0:c700::22 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn77.api.userway.org/api/img-dscr/v2/05LFyEabXj/2883316/jYfpKhfViQGdsNzE/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fcdn.segmint.net%2Ff386ea1487e544d5941572f18672696c.png%22%2C%22alt%22%3A%22Welcome%20to%20Educators%20Credit%20Union%5CnWe%20can%20help%20turn%20your%20financial%20dreams%20into%20reality.%5CnJOIN%20TODAY%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2FBobby-Portis_WebsiteHomepage-01-scaled.jpg%22%2C%22alt%22%3A%22Bobby%20Portis%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2FFinancial-Literacy-For-Couples_Digital-Ads_2024-01_Blog-670x447-1.jpg%22%2C%22alt%22%3A%22a%20drawing%20of%20a%20man%20a%20man%20and%20woman%20talking%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2Fmobilebanking.jpg%22%2C%22alt%22%3A%22man%20on%20mobile%20device%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2FSavers-Sweepstakes_Blog-Photos_2023-10_Anne-W_V1.jpg%22%2C%22alt%22%3A%22ANNE%20W%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2FScholarship_Digital-Ad_2024-01_FIRST-ANNOUNCEMENT_Blog-300x200-1.jpg%22%2C%22alt%22%3A%22graduation%20caps%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2Fvideobanking.jpg%22%2C%22alt%22%3A%22couple%20on%20laptop%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fplugins%2Ftranslatepress-multilingual%2Fassets%2Fimages%2Fflags%2Fes_ES.png%22%2C%22alt%22%3A%22es_ES%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Fapple_app_store_icon.png%22%2C%22alt%22%3A%22Apple%20App%20Store%20Icon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Fecumark-mobileApp.svg%22%2C%22alt%22%3A%22Educators%20App%20on%20IOS%20app%20store%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Feducatorscu-logo_black.svg%22%2C%22alt%22%3A%22Educators%20CU%20Logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Fequal_housing.svg%22%2C%22alt%22%3A%22Equal%20Housing%20Opportunity%20Logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Fgoogle_play_icon.png%22%2C%22alt%22%3A%22Google%20Play%20Icon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Ficon_close.svg%22%2C%22alt%22%3A%22Close%20Search%20Icon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Ficon_search.svg%22%2C%22alt%22%3A%22Open%20Search%20Icon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Fncua_logo.svg%22%2C%22alt%22%3A%22NCUA%20Logo%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D Requested by Host: cdn.userway.org URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1707998198539 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash b300a08850b7933044312e69923e779a7d4e5b6b9c96dfd215fdcc56481ee22f Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Content-Type application/json Response headers x-77-pop frankfurtDE date Wed, 21 Feb 2024 20:41:48 GMT content-encoding gzip x-77-cache HIT x-cache MISS x-accel-date 1708063843 x-service-version img-dscr-srv-68fc3506 x-77-nzt EggB1GY4tAFBDAElE8IuAfepYwcA x-accel-expires @1708668643 x-77-age 484265 server CDN77-Turbo etag W/"c8a-gPj3535ybTJSzUXbQgo+CElQr70" x-77-nzt-ray 6d204d11d68159c10c60d665a248e01e vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, PATCH, POST, DELETE content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type access-control-max-age 3000 cache-control max-age=604800 access-control-allow-headers *
GET H2	200	status Show response api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.ecu.com%2F/DESKTOP/WIDGET_ON/	77 B 455 B	173ms 173ms	Fetch application/json	2600:1f14:5db:eb00:7f23:50a1:5f33:d56d AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.ecu.com%2F/DESKTOP/WIDGET_ON/status Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2024-02-15-11-56-38/widget_app_base_1707998198539.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1f14:5db:eb00:7f23:50a1:5f33:d56d Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Wed, 21 Feb 2024 20:41:51 GMT etag W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY" access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, PATCH, POST, DELETE content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control no-cache, no-store, must-revalidate vary Accept-Encoding access-control-allow-headers * content-length 77 x-service-version seo-w-4864f7c7