www.tdecu.org Open in urlscan Pro
3.17.197.235 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://beyoubelong.info/
Effective URL:
https://www.tdecu.org/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On December 07 via api (December 7th 2023, 3:01:53 am UTC) from DE — Scanned from NL

Summary HTTP 167 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 77 IPs in 8 countries across 68 domains to perform 167 HTTP transactions. The main IP is 3.17.197.235, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is www.tdecu.org. The Cisco Umbrella rank of the primary domain is 591462.
TLS certificate: Issued by R3 on December 5th 2023. Valid for: 3 months.

This is the only time www.tdecu.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3032::6815:5690	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	3.17.197.235 3.17.197.235	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:1a54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::ac43:44d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.63.252 192.0.63.252	62659 (Q2HOLDINGS) (Q2HOLDINGS)
2	2600:9000:264... 2600:9000:2646:2800:17:4c3f:1b80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:2... 2600:1901:0:22e6::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
15	2600:9000:223... 2600:9000:223c:400:10:1005:db40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
6	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6811:1954	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:bdf::67 2620:1ec:bdf::67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223d:dc00:12:de4a:40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	2600:9000:264... 2600:9000:2644:5400:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:206... 2600:9000:206f:9400:0:99b9:cd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
2	3.17.53.221 3.17.53.221	16509 (AMAZON-02) (AMAZON-02)
1	37.157.5.72 37.157.5.72	198622 (ADFORM) (ADFORM)
1	104.237.62.212 104.237.62.212	18450 (WEBNX) (WEBNX)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:fea5:fbe:6689:e04c	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
3	20.122.63.128 20.122.63.128	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 11	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
1	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1	23.35.228.210 23.35.228.210	16625 (AKAMAI-AS) (AKAMAI-AS)
3	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.74.227.215 54.74.227.215	16509 (AMAZON-02) (AMAZON-02)
1	23.35.237.75 23.35.237.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.127.104.80 3.127.104.80	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
1	2607:ae80:192... 2607:ae80:192:1::173	26558 (FREEWHEEL) (FREEWHEEL)
1	52.59.98.46 52.59.98.46	16509 (AMAZON-02) (AMAZON-02)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 6	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
3 4	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	3.122.214.165 3.122.214.165	16509 (AMAZON-02) (AMAZON-02)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
2 3	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.170.64.73 54.170.64.73	16509 (AMAZON-02) (AMAZON-02)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.240.243.8 34.240.243.8	16509 (AMAZON-02) (AMAZON-02)
1	52.92.16.32 52.92.16.32	16509 (AMAZON-02) (AMAZON-02)
1	89.163.240.121 89.163.240.121	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	18.203.91.219 18.203.91.219	16509 (AMAZON-02) (AMAZON-02)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	65.9.66.72 65.9.66.72	16509 (AMAZON-02) (AMAZON-02)
2 3	52.208.123.102 52.208.123.102	16509 (AMAZON-02) (AMAZON-02)
2 2	54.74.69.97 54.74.69.97	16509 (AMAZON-02) (AMAZON-02)
1 1	63.34.248.140 63.34.248.140	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	52.57.12.239 52.57.12.239	16509 (AMAZON-02) (AMAZON-02)
4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	216.46.185.183 216.46.185.183	13649 (ASN-FLEXE...) (ASN-FLEXENTIAL)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:211... 2600:9000:211e:ce00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	3.120.117.184 3.120.117.184	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.106 13.32.27.106	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.45 18.66.122.45	16509 (AMAZON-02) (AMAZON-02)
1	54.154.232.97 54.154.232.97	16509 (AMAZON-02) (AMAZON-02)
1	44.199.106.16 44.199.106.16	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:1901:0:4... 2600:1901:0:476d::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1901:0:8... 2600:1901:0:891c::	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	18.202.124.231 18.202.124.231	16509 (AMAZON-02) (AMAZON-02)
1	52.7.4.58 52.7.4.58	14618 (AMAZON-AES) (AMAZON-AES)
167	77

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

beyoubelong.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:5690 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.beyoubelong.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 3.17.197.235 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-17-197-235.us-east-2.compute.amazonaws.com

www.tdecu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:1a54 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.sitescdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:44d6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.63.252 (United States)

ASN62659 (Q2HOLDINGS, US)

cds-sdkcfg.onlineaccess1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2646:2800:17:4c3f:1b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.glia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:22e6:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

app-script.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:223c:400:10:1005:db40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn2.tdecu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:1954 (United States)

ASN13335 (CLOUDFLARENET, US)

answersstatus.pagescdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:bdf::67 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:dc00:12:de4a:40:93a1 (United States)

ASN16509 (AMAZON-02, US)

162566.tctm.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2644:5400:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:206f:9400:0:99b9:cd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

libs.salemove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.17.53.221 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-17-53-221.us-east-2.compute.amazonaws.com

collector-29653.us.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.237.62.212 (El Segundo, United States)

ASN18450 (WEBNX, US)
PTR: api.ipify.org

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:fea5:fbe:6689:e04c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.167.164.49 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.157.6.233 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-210.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.227.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-227-215.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.104.80 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-104-80.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:192:1::173 (United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.98.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-98-46.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 77.243.51.121 (Denmark) 5 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.46 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.64.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-64-73.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.240.243.8 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-243-8.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.16.32 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.163.240.121 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm46.as.net

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.91.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-91-219.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-72.fra56.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.208.123.102 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-123-102.eu-west-1.compute.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.74.69.97 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-69-97.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.248.140 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-248-140.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.12.239 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-12-239.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.46.185.183 (Aurora, United States)

ASN13649 (ASN-FLEXENTIAL, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:ce00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.117.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-117-184.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-106.fra56.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-45.fra60.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.232.97 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-232-97.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.199.106.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-106-16.compute-1.amazonaws.com

ftrk.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:476d:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

heatmaps.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:891c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

tracking.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.202.124.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-124-231.eu-west-1.compute.amazonaws.com

directory.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.4.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-4-58.compute-1.amazonaws.com

client-logger.salemove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	tdecu.org www.tdecu.org — Cisco Umbrella Rank: 591462 cdn2.tdecu.org — Cisco Umbrella Rank: 666105	976 KB
15	adform.net 2 redirects s2.adform.net — Cisco Umbrella Rank: 6115 a2.adform.net — Cisco Umbrella Rank: 8098 c1.adform.net — Cisco Umbrella Rank: 560 dmp.adform.net — Cisco Umbrella Rank: 2870	42 KB
10	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2199 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 4875 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 4900 tracking.crazyegg.com — Cisco Umbrella Rank: 4175 ftrk.crazyegg.com — Cisco Umbrella Rank: 239808	90 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 796 p.clarity.ms — Cisco Umbrella Rank: 7833 c.clarity.ms — Cisco Umbrella Rank: 1377	24 KB
7	salemove.com libs.salemove.com — Cisco Umbrella Rank: 19253 client-logger.salemove.com — Cisco Umbrella Rank: 14212	406 KB
6	semasio.net 5 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1234 se.semasio.net — Cisco Umbrella Rank: 21526	3 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	302 B
6	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	3 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 2954	75 KB
5	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 3061 d.adroll.com — Cisco Umbrella Rank: 1380	27 KB
5	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1355 match.adsrvr.org — Cisco Umbrella Rank: 331 insight.adsrvr.org — Cisco Umbrella Rank: 557	3 KB
5	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 329 c.bing.com — Cisco Umbrella Rank: 228	16 KB
5	gstatic.com fonts.gstatic.com	71 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 secure.adnxs.com — Cisco Umbrella Rank: 478	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	154 KB
4	monsido.com app-script.monsido.com — Cisco Umbrella Rank: 10760 heatmaps.monsido.com — Cisco Umbrella Rank: 18549 tracking.monsido.com — Cisco Umbrella Rank: 9854	7 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2112	2 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 408	834 B
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1661 load77.exelator.com — Cisco Umbrella Rank: 3503	2 KB
3	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 848 tags.bluekai.com — Cisco Umbrella Rank: 638	1 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	762 B
3	cdn-cookieyes.com cdn-cookieyes.com — Cisco Umbrella Rank: 10335	54 KB
3	sitescdn.net assets.sitescdn.net — Cisco Umbrella Rank: 9852	206 KB
2	cookieyes.com directory.cookieyes.com — Cisco Umbrella Rank: 12527 log.cookieyes.com — Cisco Umbrella Rank: 11277	426 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 12816	628 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 818	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	1 KB
2	google.nl www.google.nl — Cisco Umbrella Rank: 9642	562 B
2	tvsquared.com collector-29653.us.tvsquared.com — Cisco Umbrella Rank: 660199	9 KB
2	tctm.co 162566.tctm.co — Cisco Umbrella Rank: 668711	16 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	195 KB
2	glia.com api.glia.com — Cisco Umbrella Rank: 15222	21 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1855	44 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 372	140 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 23748	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 674	236 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1299	163 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	921 B
1	ib-ibi.com global.ib-ibi.com — Cisco Umbrella Rank: 1812	72 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	456 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 499	489 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 20737	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 723	225 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 699	337 B
1	adsafety.net cm.adsafety.net — Cisco Umbrella Rank: 21125	577 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 23648	407 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2473	264 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 799	266 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 981	344 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 526	639 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622	114 B
1	adscale.de ih.adscale.de — Cisco Umbrella Rank: 4608	38 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 461	214 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4166	235 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 666	199 B
1	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 1808	543 B
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 20484	467 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2843	205 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1387	637 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1266	8 KB
1	pagescdn.com answersstatus.pagescdn.com — Cisco Umbrella Rank: 46669	898 B
1	onlineaccess1.com cds-sdkcfg.onlineaccess1.com — Cisco Umbrella Rank: 16777	165 KB
1	beyoubelong.org 1 redirects www.beyoubelong.org	557 B
1	beyoubelong.info 1 redirects beyoubelong.info	776 B
167	68

	Domain	Requested by
15	cdn2.tdecu.org	www.tdecu.org
11	www.tdecu.org	www.tdecu.org cds-sdkcfg.onlineaccess1.com
8	c1.adform.net	1 redirects a2.adform.net c1.adform.net
6	www.facebook.com	www.tdecu.org
6	libs.salemove.com	api.glia.com libs.salemove.com
6	script.crazyegg.com	www.googletagmanager.com cds-sdkcfg.onlineaccess1.com script.crazyegg.com
6	dev.visualwebsiteoptimizer.com	www.tdecu.org dev.visualwebsiteoptimizer.com
5	fonts.gstatic.com	www.tdecu.org
4	cm.g.doubleclick.net	4 redirects
4	s.adroll.com	1 redirects www.googletagmanager.com www.tdecu.org s.adroll.com
4	connect.facebook.net	www.googletagmanager.com connect.facebook.net
4	bat.bing.com	www.googletagmanager.com bat.bing.com www.tdecu.org
3	insight.adsrvr.org	js.adsrvr.org
3	dmp.adform.net	c1.adform.net
3	a.audrte.com	2 redirects c1.adform.net
3	secure.adnxs.com	2 redirects c1.adform.net
3	idsync.rlcdn.com	2 redirects c1.adform.net
3	se.semasio.net	2 redirects c1.adform.net
3	uipglob.semasio.net	3 redirects
3	p.clarity.ms	cds-sdkcfg.onlineaccess1.com
3	a2.adform.net	1 redirects www.tdecu.org s2.adform.net
3	www.clarity.ms	www.tdecu.org www.clarity.ms bat.bing.com
3	cdn-cookieyes.com	www.tdecu.org cds-sdkcfg.onlineaccess1.com
3	assets.sitescdn.net	www.tdecu.org assets.sitescdn.net
2	c.clarity.ms	1 redirects
2	heatmaps.monsido.com	app-script.monsido.com cds-sdkcfg.onlineaccess1.com
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	tags.bluekai.com	c1.adform.net
2	loadm.exelator.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	www.google.nl	www.tdecu.org
2	region1.analytics.google.com	www.googletagmanager.com
2	collector-29653.us.tvsquared.com	www.tdecu.org
2	162566.tctm.co	www.googletagmanager.com 162566.tctm.co
2	www.googletagmanager.com	www.tdecu.org www.googletagmanager.com
2	api.glia.com	www.tdecu.org cds-sdkcfg.onlineaccess1.com
1	client-logger.salemove.com	cds-sdkcfg.onlineaccess1.com
1	log.cookieyes.com	cdn-cookieyes.com
1	directory.cookieyes.com	cds-sdkcfg.onlineaccess1.com
1	c.bing.com	1 redirects
1	tracking.monsido.com
1	ftrk.crazyegg.com	www.tdecu.org
1	tracking.crazyegg.com	cds-sdkcfg.onlineaccess1.com
1	assets-tracking.crazyegg.com	cds-sdkcfg.onlineaccess1.com
1	pagestates-tracking.crazyegg.com	cds-sdkcfg.onlineaccess1.com
1	e1.emxdgt.com	c1.adform.net
1	eb2.3lift.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	global.ib-ibi.com	c1.adform.net
1	match.adsrvr.org	c1.adform.net
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	cm.adsafety.net	c1.adform.net
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	sync.crwdcntrl.net	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	ib.adnxs.com	1 redirects
1	x.bidswitch.net	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	ih.adscale.de	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	ad.360yield.com	c1.adform.net
1	stags.bluekai.com	a2.adform.net
1	pixel.mathtag.com	a2.adform.net
1	a1.seadform.net	www.tdecu.org
1	d.adroll.com	s.adroll.com
1	www.google.com	www.tdecu.org
1	stats.g.doubleclick.net	www.googletagmanager.com
1	api.ipify.org	www.tdecu.org
1	s2.adform.net	www.tdecu.org
1	alb.reddit.com	www.tdecu.org
1	js.adsrvr.org	www.googletagmanager.com
1	www.google-analytics.com	www.tdecu.org
1	www.redditstatic.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	answersstatus.pagescdn.com	cds-sdkcfg.onlineaccess1.com
1	app-script.monsido.com	www.tdecu.org
1	cds-sdkcfg.onlineaccess1.com	www.tdecu.org
1	www.beyoubelong.org	1 redirects
1	beyoubelong.info	1 redirects
167	93

This site contains links to these domains. Also see Links.

Domain
secure.tdecu.org
forms.fivision.com
tdecu.studentchoice.org
simplenexus.tdecu.org
myaccountviewonline.com
tdecuinsurance.epaypolicy.com
clientportal.vertafore.com
apps.apple.com
play.google.com
texasdow.myepresentment.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
www.hud.gov
www.ncua.gov

Subject Issuer	Validity	Valid
tdecu.org R3	`2023-12-05` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-11` - `2024-07-10`	a year	crt.sh
cdn-cookieyes.com GTS CA 1P5	`2023-12-02` - `2024-03-01`	3 months	crt.sh
onlineaccess1.com GTS CA 1P5	`2023-11-13` - `2024-02-11`	3 months	crt.sh
*.glia.com Amazon RSA 2048 M01	`2023-06-18` - `2024-07-15`	a year	crt.sh
app-script.monsido.com GTS CA 1D4	`2023-11-06` - `2024-02-04`	3 months	crt.sh
cdn2.tdecu.org Amazon RSA 2048 M01	`2023-02-22` - `2024-03-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2023-07-06` - `2024-07-06`	a year	crt.sh
answersstatus.pagescdn.com Cloudflare Inc ECC CA-3	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-15` - `2023-12-14`	3 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.tctm.co Amazon RSA 2048 M02	`2023-08-08` - `2024-09-03`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-02-28`	6 months	crt.sh
*.us.tvsquared.com Amazon RSA 2048 M02	`2023-05-29` - `2024-06-26`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
*.google.nl GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-08`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adscale.de Amazon RSA 2048 M02	`2023-07-18` - `2024-08-15`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2023-10-08` - `2024-11-06`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.adsafety.net R3	`2023-11-06` - `2024-02-04`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-11-20` - `2024-12-17`	a year	crt.sh
*.ib-ibi.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-21` - `2024-04-02`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
crazyegg.com Amazon RSA 2048 M02	`2023-05-28` - `2024-06-26`	a year	crt.sh
heatmaps.monsido.com GTS CA 1D4	`2023-11-11` - `2024-02-09`	3 months	crt.sh
tracking.monsido.com GTS CA 1D4	`2023-11-23` - `2024-02-21`	3 months	crt.sh
directory.cookieyes.com Amazon RSA 2048 M02	`2023-03-03` - `2024-04-01`	a year	crt.sh
log.cookieyes.com Amazon RSA 2048 M02	`2023-04-25` - `2024-05-24`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.tdecu.org/
Frame ID: 40C33DD397D23CEB0070DE923EFFFC76
Requests: 124 HTTP requests in this frame

Frame: https://a2.adform.net/serving/container/?pm=2816787&lid=120549097&ctype=0&media=0&PageName=Retargeting&rnd=1615736760&cpref=&loc=https%3a%2f%2fwww.tdecu.org%2f
Frame ID: 08917029C7BCF346E0F589DB75665B35
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Frame ID: 2FCF162B48960F1570D07F7CEAA7D2C9
Requests: 41 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=s4so7ax&ref=https%3A%2F%2Fwww.tdecu.org%2F&upid=1epc39v&upv=1.1.0
Frame ID: 9BA3AB6A7110196CA0E573A3F56C5BD9
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=0f9ttjl&ref=https%3A%2F%2Fwww.tdecu.org%2F&upid=gbyj632&upv=1.1.0
Frame ID: 04576C683F8C3DA95EAB35C2B22EB839
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=s4so7ax&ref=https%3A%2F%2Fwww.tdecu.org%2F&upid=1epc39v&upv=1.1.0
Frame ID: 2A8EE2763A583E19BB0761364C157F68
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TDECU | Your Texas Credit Union With Digital Banking

Page URL History Show full URLs

http://beyoubelong.info/ HTTP 302
https://www.beyoubelong.org/ HTTP 302
https://www.tdecu.org/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

167
Requests

88 %
HTTPS

37 %
IPv6

68
Domains

93
Subdomains

77
IPs

8
Countries

2598 kB
Transfer

7642 kB
Size

74
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.tdecu.org/TDECUOnline/uux.aspx#/login
Title: Log In

Search URL Search Domain Scan URL

URL: https://forms.fivision.com/tdecu/oa
Title: Open an Account

Search URL Search Domain Scan URL

URL: https://forms.fivision.com/tdecu/oa/Default.aspx
Title: Apply Now

Search URL Search Domain Scan URL

URL: http://tdecu.studentchoice.org/
Title: Student Loans & Refinance

Search URL Search Domain Scan URL

URL: https://simplenexus.tdecu.org/homehub/signup/imortgageorigination@tdecu.org
Title: Apply Now

Search URL Search Domain Scan URL

URL: https://myaccountviewonline.com/login/
Title: Access Your Account

Search URL Search Domain Scan URL

URL: https://tdecuinsurance.epaypolicy.com/
Title: Make an Insurance Payment

Search URL Search Domain Scan URL

URL: https://clientportal.vertafore.com/Login/2041121-1
Title: Access Your Policy

Search URL Search Domain Scan URL

URL: https://forms.fivision.com/tdecu/sc/
Title: Check Application Status

Search URL Search Domain Scan URL

URL: https://forms.fivision.com/tdecu/oa?PreSelectedProducts=LUC
Title: Start Now

Search URL Search Domain Scan URL

URL: https://forms.fivision.com/tdecu/oa/default.aspx
Title: Apply Now

Search URL Search Domain Scan URL

URL: https://forms.fivision.com/tdecu/oa/default.aspx?PreSelectedProducts=buceesmvp
Title: Apply Now

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/tdecu/id892559024
Title: <img class="" style="margin: 0 16px 8px 0;" src="https://cdn2.tdecu.org/images/icons/apple-badge.png" alt="Download TDECU App on the App Store" width="175" height="55" />

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.q2e.texasdowcreditunion5004401st.mobile.production&hl=en
Title: <img class="" style="margin: 0 16px 8px 0;" src="https://cdn2.tdecu.org/images/icons/google-badge.png" alt="Download TDECU app on Google Play" width="175" height="55" />

Search URL Search Domain Scan URL

URL: https://secure.tdecu.org/TDECUAutoEnrollment/autoenrolluux.html
Title: Get Started

Search URL Search Domain Scan URL

URL: https://texasdow.myepresentment.com/login
Title: eDocuments

Search URL Search Domain Scan URL

URL: https://forms.fivision.com/tdecu/sc/?_ga=2.147011383.1095903125.1674491568-667829709.1668013362
Title: Application Center

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TDECU

Search URL Search Domain Scan URL

URL: https://twitter.com/TDECU

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tdecuyourcreditunion/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/tdecu

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TDECUvideos

Search URL Search Domain Scan URL

URL: https://www.hud.gov/program_offices/fair_housing_equal_opp
Title: <img src="https://cdn2.tdecu.org/images/managed/equal-housing-lender-white.svg" loading="lazy" alt="Equal Housing Lender" />

Search URL Search Domain Scan URL

URL: https://www.ncua.gov/
Title: <img src="https://cdn2.tdecu.org/images/managed/ncua-white.svg" loading="lazy" alt="NCUA" />

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://beyoubelong.info/ HTTP 302
https://www.beyoubelong.org/ HTTP 302
https://www.tdecu.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://s.adroll.com/j/pre/3UHUTMCIQFEF5HI7C7C6X3/AWTPPKLTDFE7NND43K5R2A/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 86

https://a2.adform.net/Serving/TrackPoint/?pm=2816787&ADFPageName=Retargeting&ADFdivider=%7C&ord=272617675076&ADFtpmode=2&loc=https%3A%2F%2Fwww.tdecu.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2816787&ADFPageName=Retargeting&ADFdivider=%7C&ord=272617675076&ADFtpmode=2&loc=https%3A%2F%2Fwww.tdecu.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 112

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5986721754627265361&expiration=1703127708 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5986721754627265361&expiration=1703127708&C=1

Request Chain 113

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=5986721754627265361&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=5986721754627265361&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=5986721754627265361&gdpr=&sInitiator=external HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=2219546490082728919&sInitiator=internal&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=Q0Y4M0IzNTIxNEM0NkQwNg&gdpr= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEOWSv0I_CAKfe2muai7Ag-I&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEOWSv0I_CAKfe2muai7Ag-I&sInitiator=internal&google_cver=1&gdpr=

Request Chain 115

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5986721754627265361 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5986721754627265361&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 116

https://idsync.rlcdn.com/398366.gif?partner_uid=5986721754627265361 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNTk4NjcyMTc1NDYyNzI2NTM2MRAAGg0InOvEqwYSBQjoBxAAQgBKAA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKno965i8wIdxAe7Vhc_21I&google_cver=1

Request Chain 120

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTk4NjcyMTc1NDYyNzI2NTM2MQ HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHjQ72tmFeEQG2L0UoAF_vo&google_cver=1&google_ula=1641347,0

Request Chain 125

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=2219546490082728919&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=5986721754627265361

Request Chain 128

https://a.audrte.com/a?adform_uid=5986721754627265361 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MjlsRWc5V1ZZUVJSOUNkWmpNQ1FiTXFwUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 129

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=5986721754627265361&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=5986721754627265361&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=85624736947680220181620742887375369474&noredirect=1

Request Chain 130

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=5986721754627265361 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219103204723000167774

Request Chain 131

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7309682618634336415

Request Chain 133

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=mpPg3Pva1Rb4E55

Request Chain 137

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=32661861 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=INNob.zBV0f6uRh0a7QmE.

Request Chain 157

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=8D1A5788AB1E4AC6B6E46769E859EE6D&RedC=c.clarity.ms&MXFR=1E6D36D3B3646FAA1B462533B7646153 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8D1A5788AB1E4AC6B6E46769E859EE6D&MUID=2D00ECD0A631635E3FBAFF30A7F1625C

167 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.tdecu.org/
Redirect Chain

http://beyoubelong.info/
https://www.beyoubelong.org/
https://www.tdecu.org/

176 KB
27 KB

609ms
236ms

Document
text/html

3.17.197.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.17.197.235 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-17-197-235.us-east-2.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

27a019fce2776dee76a2eb18a3a5f86b8949778891f6cf9a921d0a2386cd7ffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 10
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
content-encoding: gzip
content-length: 26992
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Thu, 07 Dec 2023 03:01:45 GMT
expires: Wed, 17 Aug 2005 00:00:00 GMT
last-modified: Thu, 07 Dec 2023 03:01:34 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 16
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8319869c9df51cca-AMS
date: Thu, 07 Dec 2023 03:01:45 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: https://www.tdecu.org
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWsFJNku%2FpyH4yE5zRTtGTPxNMxswVrLCi1xmJronNUdD3mft0Ix4So7HhJxemSi8CJhwHtaUcf4k4BdfjsykZjuRF3hUpem2CkXUq5b1moplIGDQWCTyZXClkoq0FvQpV6BGA3HrAWjwb%2F3jeNtpiQO"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v16/ 15 KB
15 KB 156ms
74ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tdecu.org/
Origin: https://www.tdecu.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 07:09:59 GMT
x-content-type-options: nosniff
age: 417106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14864
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:45:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 07:09:59 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwftx9897g.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
15 KB 146ms
64ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u_w4BMUTPHjxsI5wq_Gwftx9897g.woff2

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f4eb73e4854117bf7bf9da7dc0c17740b03b5db6eb7ee6ffc20aeb35c1ea48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tdecu.org/
Origin: https://www.tdecu.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 06:48:26 GMT
x-content-type-options: nosniff
age: 418399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14836
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:45:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 06:48:26 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 115ms
33ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tdecu.org/
Origin: https://www.tdecu.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:50:00 GMT
x-content-type-options: nosniff
age: 151905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13912
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:45:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 08:50:00 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 165ms
83ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tdecu.org/
Origin: https://www.tdecu.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:01:37 GMT
x-content-type-options: nosniff
age: 471608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14044
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:01:37 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 121ms
39ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tdecu.org/
Origin: https://www.tdecu.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:43:59 GMT
x-content-type-options: nosniff
age: 209866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14176
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 16:43:59 GMT

GET
H2 200 fa-solid-900.woff2
www.tdecu.org/templates/tdecu/fonts/fa/ 138 KB
138 KB 248ms
245ms Font
font/woff2 3.17.197.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdecu.org/templates/tdecu/fonts/fa/fa-solid-900.woff2

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.17.197.235 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-17-197-235.us-east-2.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

32a191572908746d2e318ba46d98d44ccb92ac9354ba06aad2fe3a47aa354753

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tdecu.org/
Origin: https://www.tdecu.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 10 Apr 2023 16:32:41 GMT
server: nginx/1.18.0 (Ubuntu)
age: 14385
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
x-cache: HIT
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 140565
x-cache-hits: 2076

GET
H2 200 0ea87941afabaf3ef05f4b0c2e8ee137.css
www.tdecu.org/media/com_jchoptimize/cache/css/ 446 KB
67 KB 122ms
120ms Stylesheet
text/css 3.17.197.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdecu.org/media/com_jchoptimize/cache/css/0ea87941afabaf3ef05f4b0c2e8ee137.css

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.17.197.235 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-17-197-235.us-east-2.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a8145c626794c882fd517ad8027a1c846c730efd9cba4e3731370f5f6fc0b00c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 06 Dec 2023 02:23:17 GMT
server: nginx/1.18.0 (Ubuntu)
age: 20095
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-cache: HIT
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 68740
x-cache-hits: 1866

GET
H2 200 003efcd085b86ebdbce7a7a5935309e4.css
www.tdecu.org/media/com_jchoptimize/cache/css/ 565 KB
80 KB 244ms
242ms Stylesheet
text/css 3.17.197.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdecu.org/media/com_jchoptimize/cache/css/003efcd085b86ebdbce7a7a5935309e4.css

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.17.197.235 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-17-197-235.us-east-2.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

d8a4feefff1bf62a42eac260d3efe25d1bb72e3a32b220212d14c7c3012c6698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 06 Dec 2023 14:23:13 GMT
server: nginx/1.18.0 (Ubuntu)
age: 20095
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-cache: HIT
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 81328
x-cache-hits: 3157

GET
H2 200 answers.css
assets.sitescdn.net/answers/v1.7.1/ 98 KB
12 KB 126ms
36ms Stylesheet
text/css 2606:4700::6811:1a54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.sitescdn.net/answers/v1.7.1/answers.css
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:1a54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 847ddd7cbb1ab322976ca46c2038b5dacaacb781ff25c9e576c859455802fcac

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:45 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Jan 2021 16:10:17 GMT
server: cloudflare
x-amz-request-id: EPZ9BTJP644G31FP
age: 499969
etag: W/"0caa637588ea850b9ea837e963c828ab"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 831986a14aff6625-AMS
alt-svc: h3=":443"; ma=86400
x-amz-id-2: mB6+Q0kxsJDLOkYf/YWOUhIpDWYPLoT7Pihoqu+tDYy1FRvpoGtDwQMDI9pjDcAsc2F3OVN8KaI=

GET
H2 200 73892a05d04bd5a29d84109dca8fda2d.js Show response
www.tdecu.org/media/com_jchoptimize/cache/js/ 108 KB
37 KB 245ms
244ms Script
application/javascript 3.17.197.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdecu.org/media/com_jchoptimize/cache/js/73892a05d04bd5a29d84109dca8fda2d.js

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.17.197.235 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-17-197-235.us-east-2.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

34fd40bbba74b00767d38ca2ecc95bec1e20bd72615ead84fe786b8cf218ef0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 06 Dec 2023 14:23:13 GMT
server: nginx/1.18.0 (Ubuntu)
age: 20095
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-cache: HIT
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 37885
x-cache-hits: 3223

GET
H2 200 script.js Show response
cdn-cookieyes.com/client_data/56cf2d44ea731ea9ecfb4a95/ 153 KB
48 KB 105ms
40ms Script
application/javascript 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/56cf2d44ea731ea9ecfb4a95/script.js
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ba15fd1bf4cc725df14f09a74ec3f3cfd9a3c9f3fab25c8da39652be098c8ac

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Dec 2023 09:22:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 60104
etag: W/"26291-60bd3e5a75d53-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kujcfewqir6hv3rVx%2F60ZRzUupRKmnEQNOt9hYGNTKcfNKMW4yy3Hxrw6NyBqqpXDB4HuXsBkWAM68%2Fb5zLk4Oe3wXehu6JLSan%2FYyBQTV%2FCINIrqG10r9AkvZx5unRd0U5RlMfxy7wn%2BA3NPWR5"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 831986a12d19b8f7-AMS

GET
H2 200 common.js Show response
cds-sdkcfg.onlineaccess1.com/ 297 KB
165 KB 229ms
157ms Script
application/javascript 192.0.63.252
Q2HOLDINGS

General

Check archive.org

Show headers Download Go to

Full URL

https://cds-sdkcfg.onlineaccess1.com/common.js

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.63.252 , United States, ASN62659 (Q2HOLDINGS, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e59372389432693f0fc02525af9060408172ddee0f91e67faf1beb0a0282f6b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:45 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
x-ion-hop: prod
cache-control: no-cache, no-store, must-revalidate
cf-ray: 831986a13a5b1ca4-AMS
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 answers.min.js Show response
assets.sitescdn.net/answers/v1.7.1/ 448 KB
129 KB 39ms
37ms Script
application/javascript 2606:4700::6811:1a54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.sitescdn.net/answers/v1.7.1/answers.min.js
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:1a54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b6b64bd38df5d467b00a459640f5eeb0c99c5a1d92e3489553dcc42344ff0ff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:46 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Jan 2021 16:10:17 GMT
server: cloudflare
x-amz-request-id: NF2W00EA6XE6EBVN
age: 3115236
etag: W/"c812e6789e2000947d5e90e3a0687a6e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 831986a4ad6c6625-AMS
alt-svc: h3=":443"; ma=86400
x-amz-id-2: T1kx/TK7agb5UDLV7Q+utT3GvGLx/xVRqzR0K5hQXP5eRnWYCNxIwFTODmGHyzq+IWq5MnIy5j8=

GET
H2 200 salemove_integration.js Show response
api.glia.com/ 9 KB
9 KB 576ms
34ms Script
application/javascript 2600:9000:2646:2800:17:4c3f:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.glia.com/salemove_integration.js

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:2800:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

085fa63bd5ca5ec9e2fb93e761032cbb85a9f11c5f984842bb63230b539bbeab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
date: Thu, 07 Dec 2023 02:49:39 GMT
via: 1.1 eb99f1f32a184a8c9c9c920381a7576a.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 20:30:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 731
x-amz-server-side-encryption: AES256
etag: "1a8fd57b4a2524648ffd2624368c9cac"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 8905
x-amz-cf-id: PxENtuS1xPljOEczLtHt6yePIyJ1-u_3SC5Tnj_8JqyPSIKH1JUA0w==

GET
H2 200 monsido-script.js Show response
app-script.monsido.com/v2/ 8 KB
3 KB 98ms
26ms Script
text/javascript 2600:1901:0:22e6::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://app-script.monsido.com/v2/monsido-script.js
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:22e6:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 64e8ce58f2d8ee4332cc27fcb759c31013f418b6523586b6441fd2f097107b35

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 02:58:59 GMT
content-encoding: gzip
age: 167
x-guploader-uploadid: ABPtcPqQKHQ6_64kBBG0B_ds_hqPITv3RmJvzmpIFtPgIOp-sOs9Rdd0Fx48O13Xv9wcNjfsOb69JxzGfzmyrDsrQL8Mzg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2757
last-modified: Thu, 01 Jun 2023 11:12:59 GMT
server: UploadServer
etag: "fce0a6a1f924b9c6816bdc5bc679506e"
vary: Accept-Encoding
x-goog-generation: 1685617979609837
x-goog-hash: crc32c=dMVJbw==, md5=/OCmofkkucaBa9xbxnlQbg==
content-type: text/javascript
cache-control: public, max-age=300
x-goog-stored-content-length: 2757
accept-ranges: bytes
expires: Thu, 07 Dec 2023 03:03:59 GMT

GET
H2 200 sppagebuilder.js Show response
www.tdecu.org/components/com_sppagebuilder/assets/js/ 74 KB
20 KB 119ms
119ms Script
application/javascript 3.17.197.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdecu.org/components/com_sppagebuilder/assets/js/sppagebuilder.js?322858523b29016b9956efbebde8b144

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.17.197.235 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-17-197-235.us-east-2.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

185f6679ba7cbbce16dc3413260616a69a536b68f9d9a2941ac69eb0ebdedb66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 22 Nov 2023 00:56:14 GMT
server: nginx/1.18.0 (Ubuntu)
age: 14385
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-cache: HIT
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20147
x-cache-hits: 2153

GET
H2 200 tdecu-logo.svg
cdn2.tdecu.org/images/assets/ 5 KB
5 KB 248ms
35ms Image
image/avif 2600:9000:223c:400:10:1005:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.tdecu.org/images/assets/tdecu-logo.svg
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:400:10:1005:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 41e40ec4f7a4f3bac749ad9e0af6e75ff360a9cdedebc5bea916fa857ccfef97

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:15:46 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 3149159
x-amzn-requestid: 34e5aa13-7368-4439-83e1-865d4205aab6
x-amzn-trace-id: root=1-65412831-2077793c3ed405691b9c413c;sampled=0;lineage=bc1bd12d:0
x-cache: Hit from cloudfront
content-type: image/avif
cache-control: public, max-age=31536000
content-length: 4745
x-amz-cf-id: 27TgQQbkuhBH1SsLh_0M-YDJhGvo8R3urnuLaqsJ_p13EjamYJhwIQ==

GET
H2 200 cd-hero-image-v2-100-3.jpg
cdn2.tdecu.org/images/campaigns/ 7 KB
7 KB 262ms
49ms Image
image/avif 2600:9000:223c:400:10:1005:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.tdecu.org/images/campaigns/cd-hero-image-v2-100-3.jpg?s=1800x480&c=center&g=s&f=a&z=2
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:400:10:1005:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4f53d04d468fe6bb252d339a3a08e27bfc1f1ac0d625a17eef038b6837a91510

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:31:49 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 199796
x-amzn-requestid: adfe2c75-0817-4f89-af84-7fc0aefd4561
x-amzn-trace-id: root=1-656e2925-3e36255d7ba552ea4315c8fd;sampled=0;lineage=bc1bd12d:0
x-cache: Hit from cloudfront
content-type: image/avif
cache-control: public, max-age=31536000
content-length: 7237
x-amz-cf-id: fFC4gxsujRFP2UG8WzZtfTs7kIHfp8ptnqK0AhZUWyAzSNLIVdQTRw==

GET
H2 200 2_hyc-rate-change_hero.jpg
cdn2.tdecu.org/images/campaigns/hyc/ 14 KB
14 KB 46ms
41ms Image
image/avif 2600:9000:223c:400:10:1005:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.tdecu.org/images/campaigns/hyc/2_hyc-rate-change_hero.jpg?s=1800x480&g=s&f=a&z=2
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:400:10:1005:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4b39060455791325aad8e7a4a2c63581af939fc26dc42e4e4e43b182d323c575

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:31:50 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 199795
x-amzn-requestid: 9616bb1d-2298-40e4-a90a-93129f923f26
x-amzn-trace-id: root=1-656e2925-4b1491471d0377934f200239;sampled=0;lineage=bc1bd12d:0
x-cache: Hit from cloudfront
content-type: image/avif
cache-control: public, max-age=31536000
content-length: 14160
x-amz-cf-id: Pan6FR2ba7eItKuE4s2vAE9AzNcH0dB22wkzaIZrRL1TMMpqH9BmkA==

GET
H2 200 uh-homecoming-hero-3b.jpg
cdn2.tdecu.org/images/2023/09/14/ 197 KB
197 KB 43ms
43ms Image
image/avif 2600:9000:223c:400:10:1005:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.tdecu.org/images/2023/09/14/uh-homecoming-hero-3b.jpg?s=1800x480&g=ne&f=a&z=2
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:400:10:1005:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 51f4a13cf5d952a4b0ab1c733c71bba1ab065db1c1519b47d6952f4d954e007e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:31:51 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 199795
x-amzn-requestid: 2784053a-f277-4cc1-9659-8806b6c24e7f
x-amzn-trace-id: root=1-656e2926-7503d700756336545abe716c;sampled=0;lineage=bc1bd12d:0
x-cache: Hit from cloudfront
content-type: image/avif
cache-control: public, max-age=31536000
content-length: 201480
x-amz-cf-id: 27kejAYhd27E84efLKhYX7shocK2CgnYz8gEu15pwlypveQgyUFC-g==

GET
H2 200 texans-hero-v2.png
cdn2.tdecu.org/images/hero-images/ 27 KB
27 KB 97ms
97ms Image
image/avif 2600:9000:223c:400:10:1005:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.tdecu.org/images/hero-images/texans-hero-v2.png?s=1800x480&g=ne&f=a&z=2
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:400:10:1005:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 629f2e60f4b2d89172e4d9345cfc4f0b9493f75bceb2b0f380e4b4b30a6c7b6a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:31:51 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 199795
x-amzn-requestid: d865ef95-a9d2-4f83-ab15-c33ce916a31d
x-amzn-trace-id: root=1-656e2927-6663de3f1217fc816f8c82bf;sampled=0;lineage=bc1bd12d:0
x-cache: Hit from cloudfront
content-type: image/avif
cache-control: public, max-age=31536000
content-length: 27667
x-amz-cf-id: G75EUromeMPX6H0i0Ri3ygHiMDTx32-R5hOTat3fLLK4CwphLKbb-A==

GET
H2 200 scripts.min.js Show response
www.tdecu.org/templates/tdecu/script/ 429 KB
116 KB 119ms
119ms Script
application/javascript 3.17.197.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdecu.org/templates/tdecu/script/scripts.min.js?cb=34e3326616e891f1775eea1a0ae40058

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.17.197.235 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-17-197-235.us-east-2.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

5ec32f78b4ec369e87a00fd1f182ca1742607d17c84cb05d52ce484c157734f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 15 Nov 2023 01:41:42 GMT
server: nginx/1.18.0 (Ubuntu)
age: 14386
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-cache: HIT
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 118350
x-cache-hits: 2214

GET
H2 200 gtm.js Show response
www.tdecu.org/templates/tdecu/script/ 11 KB
3 KB 119ms
118ms Script
application/javascript 3.17.197.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdecu.org/templates/tdecu/script/gtm.js?cb=34e3326616e891f1775eea1a0ae40058

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.17.197.235 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-17-197-235.us-east-2.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

d29f013378e287ad6fee0a3d57e0a1d3815dc2403f8dbaa14e0ca36f8c8f3284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 07 Nov 2023 03:21:10 GMT
server: nginx/1.18.0 (Ubuntu)
age: 13750
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-cache: HIT
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2637
x-cache-hits: 1963

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 329 KB
102 KB 602ms
59ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f001fd0d2b7cca41baa85df3dc1b8e87e980868ae1dc6675e3c0e23098ba8606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103937
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 03:01:46 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 21 KB
7 KB 103ms
43ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=797377&u=https%3A%2F%2Fwww.tdecu.org%2F&vn=2
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 20f40bd6f1d17b00a055956c034b229fc0b4b1d4331ccb526d42973264b2edae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:46 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
etag: W/"1701252075_EA"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a108193a3c54e5c07c1207c0e38b0279d9cddc0fb844fdbdcaf82629ec69eb8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 501099e3597bc2c949e5639a9b29b1e9cc4bd77d5bf7d1dc9e6c7897b8ba030b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a520785c9d0e6bac62535ac3fe4983ea61f6baa08c081cf0c6f70b78c049cc51

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 tdecu-logo.svg
cdn2.tdecu.org/images/assets/ 5 KB
5 KB 34ms
33ms Image
image/avif 2600:9000:223c:400:10:1005:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.tdecu.org/images/assets/tdecu-logo.svg
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:400:10:1005:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 41e40ec4f7a4f3bac749ad9e0af6e75ff360a9cdedebc5bea916fa857ccfef97

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:15:46 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 3149160
x-amzn-requestid: 34e5aa13-7368-4439-83e1-865d4205aab6
x-amzn-trace-id: root=1-65412831-2077793c3ed405691b9c413c;sampled=0;lineage=bc1bd12d:0
x-cache: Hit from cloudfront
content-type: image/avif
cache-control: public, max-age=31536000
content-length: 4745
x-amz-cf-id: 83SIIaSBs3GxtYO9flDNIq1Cnrk4zi90PYegTmCuJ-k6uVNcM9mP7A==

GET
H2 200 fa-brands-400.woff
www.tdecu.org/components/com_sppagebuilder/assets/webfonts/ 90 KB
91 KB 119ms
118ms Font
font/woff 3.17.197.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdecu.org/components/com_sppagebuilder/assets/webfonts/fa-brands-400.woff

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/media/com_jchoptimize/cache/css/0ea87941afabaf3ef05f4b0c2e8ee137.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.17.197.235 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-17-197-235.us-east-2.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a0375c054a0041bd58e2a0bf7fa3df7c3904bfc4f790fd24e32ff3ee70fd0eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tdecu.org/media/com_jchoptimize/cache/css/0ea87941afabaf3ef05f4b0c2e8ee137.css
Origin: https://www.tdecu.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 20095
x-cache: HIT
content-length: 92162
last-modified: Wed, 22 Nov 2023 00:56:14 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
x-cache-hits: 2940

GET
H3 200 answerstemplates.compiled.min.js Show response
assets.sitescdn.net/answers/v1.7.1/ 315 KB
64 KB 38ms
37ms Script
application/javascript 2606:4700::6811:1a54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.sitescdn.net/answers/v1.7.1/answerstemplates.compiled.min.js
Requested by: Host: assets.sitescdn.net
URL: https://assets.sitescdn.net/answers/v1.7.1/answers.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:1a54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e482eb6717364f5372e044fe181c2abdcbffa18e36a7860634deb4273440a139

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:46 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Jan 2021 16:10:17 GMT
server: cloudflare
x-amz-request-id: WF910H8Q39C5YJA3
age: 762615
etag: W/"ac39ea2c28426a8e8d1fdc36730e402b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 831986a548ef1c88-AMS
alt-svc: h3=":443"; ma=86400
x-amz-id-2: NN+mm15ZQaReIO82AyuApnOLCOqlUFo93IPSVs/4yBDL/nizluWkRIb/8HZX34XYd0zIGuYS0QM=

GET
H2 200 status.json Show response
answersstatus.pagescdn.com/7cbcd3c971849c8f68b6fe2850cd247c/answers_tdecu/ 18 B
898 B 587ms
142ms Fetch
application/json 2606:4700::6811:1954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://answersstatus.pagescdn.com/7cbcd3c971849c8f68b6fe2850cd247c/answers_tdecu/status.json?v=20190101&api_key=7cbcd3c971849c8f68b6fe2850cd247c&jsLibVersion=v1.7.1&sessionTrackingEnabled=true

Requested by

Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:1954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d11441a60f0c81871548ccecf0b533ae2fff9f3b47aeb8d8d25ff1f2f10f54f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-version-id: null
x-amz-request-id: N8EWYEN80JQ873VA
x-amz-server-side-encryption: AES256
x-yext-subendpoint: static
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-id-2: yJZOc++Or3eKWEoJQx/YL4lT+0PX/Erf4hICzhbmgo7xoojDrWmOCyo/YACl8iCC1FCQ+vfiiSs=
surrogate-key: answersstatus.pagescdn.com answersstatus.pagescdn.com%2F7cbcd3c971849c8f68b6fe2850cd247c%2Fanswers_tdecu%2Fstatus.json
last-modified: Wed, 30 Dec 2020 19:54:54 GMT
server: cloudflare
etag: "4310463ea3535c60c436d48d1e97769a"-gzip
vary: Accept-Encoding, Origin
access-control-allow-methods: OPTIONS, GET, HEAD
content-type: application/json
access-control-allow-origin: https://www.tdecu.org
x-yext-site: us2
cache-control: max-age=0, s-maxage=7200, must-revalidate
accept-ranges: bytes
cf-ray: 831986a808e67745-AMS
owner: AnswersSdkOverrides

GET
H3 200 va_gq-d6c59314e01330335ec76056e0a46602.js Show response
dev.visualwebsiteoptimizer.com/edrv/ 242 KB
63 KB 60ms
31ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-d6c59314e01330335ec76056e0a46602.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=797377&u=https%3A%2F%2Fwww.tdecu.org%2F&vn=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 33721247fe4974d66ef41ebe2f249cfb941eca6fa3558c0889143864af10e87d

Request headers

Referer: https://www.tdecu.org/
Origin: https://www.tdecu.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:46 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 06 Dec 2023 17:06:08 GMT
server: gams1
etag: "6570aa00-fb94"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64404

GET
H3 200 nc-d6c59314e01330335ec76056e0a46602.js Show response
dev.visualwebsiteoptimizer.com/edrv/ 7 KB
3 KB 59ms
31ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/edrv/nc-d6c59314e01330335ec76056e0a46602.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=797377&u=https%3A%2F%2Fwww.tdecu.org%2F&vn=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 6ab9a6dbc253783f19de0c6941fff5d809894f427672757938c315f05c7d4ac4

Request headers

Referer: https://www.tdecu.org/
Origin: https://www.tdecu.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:46 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 06 Dec 2023 17:06:08 GMT
server: gams1
etag: "6570aa00-a10"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2576

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
142 B 113ms
111ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=797377&d=tdecu.org&u=D687ABBD5129B9B3FEC145748FC535821&h=0175d4f21893c905ec21731fc8bd34cb&t=false

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:46 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: public, max-age=43200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
BLOB 200
OK 79ef525f-04d6-414a-9fe9-3985b6423074
https://www.tdecu.org/ 366 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tdecu.org/79ef525f-04d6-414a-9fe9-3985b6423074
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6f3fbfb1ea5189d02cbcda60eb41d4e7cbe05145dab81b752f3e18982e4a004

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 366
Content-Type: application/javascript

GET
H2 200 / Show response
www.tdecu.org/blog/ 40 KB
11 KB 394ms
394ms XHR
text/plain 3.17.197.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdecu.org/blog/?format=feed&type=rss

Requested by

Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.17.197.235 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-17-197-235.us-east-2.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

eaab23b52c72776f42b8b800cc7b09254e9f31b643ea6b5046255f6c1c78d4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.tdecu.org/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:47 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 07 Dec 2023 03:01:47 GMT
server: nginx/1.18.0 (Ubuntu)
cross-origin-opener-policy: same-origin
age: 0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/rss+xml; charset=utf-8
x-cache: MISS
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
accept-ranges: bytes
expires: Wed, 17 Aug 2005 00:00:00 GMT

POST
H2 200 visitor_config Show response
api.glia.com/ 10 KB
11 KB 141ms
140ms XHR
application/json 2600:9000:2646:2800:17:4c3f:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.glia.com/visitor_config?referrer=https%3A%2F%2Fwww.tdecu.org%2F&

Requested by

Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:2800:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

347d69c2aa3e6b0fa8fea29ab451f1849d18441bd2336aac8846c8f2aa7610f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tdecu.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Dec 2023 03:01:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 eb99f1f32a184a8c9c9c920381a7576a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-length: 10027
access-control-max-age: 7200
access-control-allow-methods: ["GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE"]
content-type: application/json
access-control-allow-origin: https://www.tdecu.org
access-control-expose-headers
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
vary: Origin
x-site-visitor-config: true
access-control-allow-headers: Content-Type, Accept, Authorization
x-amz-cf-id: vGGM9-ycuXDJUqh2APT081PAbkvGZlFdPnQhY3PJx6akNWNz_lnHoA==

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK f054c097-8287-4b73-a8d1-afe501ed882b
https://www.tdecu.org/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tdecu.org/f054c097-8287-4b73-a8d1-afe501ed882b
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 2479
Content-Type: text/javascript

GET
H3 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 112ms
111ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=797377&u=D687ABBD5129B9B3FEC145748FC535821&s=1701918106&ed=%7B%22sr%22%3A%221600x1200%22%2C%22sc%22%3A24%2C%22de%22%3A%22UTF-8%22%2C%22ul%22%3A%22en-us%22%2C%22r%22%3A%22%22%2C%22lt%22%3A1701918107046%2C%22tO%22%3A-1%2C%22tz%22%3A%22Europe%2FAmsterdam%22%7D&cu=https%3A%2F%2Fwww.tdecu.org%2F&r=0&p=1&cq=0&vn=undefined&vns=undefined&vno=undefined&eTime=1701918106062&v=d657eaa83

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:47 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 304 KB
93 KB 50ms
50ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-73V86QZK0R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e2a4b3b968aa979fc0d0b5f51af93e40ed6a973fbf991484e5f97561579e0cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95113
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 03:01:47 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1008014887/ 3 KB
2 KB 286ms
73ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008014887/?random=1701918107141&cv=11&fst=1701918107141&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831284953&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tdecu.org%2F&hn=www.googleadservices.com&frm=0&tiba=TDECU%20%7C%20Your%20Texas%20Credit%20Union%20With%20Digital%20Banking&auid=843626236.1701918107&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7d0e21d46cf1fdf41314362952b8700faace627a464fb6ee913027d4aa7842a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1269
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 263ms
55ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 07 Dec 2023 03:01:46 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7A73D3ECD5B241388B75C2E95BD67E45 Ref B: DUS30EDGE0419 Ref C: 2023-12-07T03:01:47Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 0550.js Show response
script.crazyegg.com/pages/scripts/0115/ 6 KB
2 KB 875ms
663ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0115/0550.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3019bf38e1904c4c5f6f5c4183bfe3126a6415403b0c3909b7da715afbe08a2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:48 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 07 Dec 2023 03:01:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
ce-version: 11.5.153
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 831986ab1d9f6702-AMS
content-length: 2175

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 240ms
32ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 07 Dec 2023 03:01:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: AcAoqD7jHPFLX6i8gkB7qHweC/tvXSq6tJc8yuesZLgp6IuWCriUT1GRI0ZruSXy3SJeDNa+vKjiJV27XvrzvQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 232ms
26ms Script
application/javascript 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:47 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 236ms
32ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 01:22:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5954
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 07 Dec 2023 03:22:33 GMT

GET
H2 200 cra9ptioz7 Show response
www.clarity.ms/tag/ 650 B
1013 B 320ms
117ms Script
application/x-javascript 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/cra9ptioz7?ref=gtm2
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 886bc5e8e4302caaf7d4180769f4d5b0d0ff23bdd929f7e42a8b46613e02faa9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
date: Thu, 07 Dec 2023 03:01:46 GMT
x-azure-ref: 0mzVxZQAAAADoWAwxgBBVT6hajhrCZAtlQlJVMzBFREdFMDcxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 650
expires: -1

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 232ms
32ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 06:22:03 GMT
Content-Encoding: gzip
Via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Nov 2023 03:37:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 74385
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: I98M2MOQ60bAFPWIbicxutYb_wTa5-XJ8kNwbrX3Qpvu6DHqEFiXxg==

GET
H2 200 t.js Show response
162566.tctm.co/ 47 KB
16 KB 253ms
52ms Script
application/x-javascript 2600:9000:223d:dc00:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://162566.tctm.co/t.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:dc00:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: db55ab4e4b3f7ad0e31f77951e3aa6e51ca610c86f3c436e0891b062b3bbaef6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:47 GMT
content-encoding: gzip
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 03:01:47 GMT
server: ctm
x-amz-cf-pop: FRA56-P3
etag: W/6571359b00027b06ec51955d-162566
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: EmapE3TF5-VCL-AC3S3vQpYO5ZDSHKPNAhEQWB1j6ESQ1Kzl2oUmLA==

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 77 KB
24 KB 233ms
38ms Script
text/javascript 2600:9000:2644:5400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:5400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e647fd151d941ab7e693248b0d96d53257061d4d37ab628300b5724589a52718

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

X-Amz-Version-Id: Ym5hxk7c_y8.Y1_DGx5_FgR0JJKWHJhj
Content-Encoding: gzip
Via: 1.1 d4b0acc43b96f7849332ef0fcc29ac32.cloudfront.net (CloudFront)
Date: Thu, 07 Dec 2023 02:30:41 GMT
Age: 1869
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 06 Dec 2023 19:17:14 GMT
Server: AmazonS3
Etag: W/"023a5fc2a60df37f057403109fddf553"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: lrURXP6L31DUGGCQnjkm3XMOrjouWTs2inzGZy_edJtUAV8p6_c7LQ==

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 6 KB
3 KB 49ms
49ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=797377&settings_type=1&vn=&eventArch=1&uuid=&ec=447272&exc=2
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-d6c59314e01330335ec76056e0a46602.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: ac5b3ce4e5818c864def6441c3f55fd0e564d481a88a2aef9acd37eb5b118938

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:47 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
etag: W/"1701252075_EA"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 bootstrapper-fb051d12e.js Show response
libs.salemove.com/visitor/ 635 KB
165 KB 142ms
39ms Script
application/javascript 2600:9000:206f:9400:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/visitor/bootstrapper-fb051d12e.js

Requested by

Host: api.glia.com
URL: https://api.glia.com/salemove_integration.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:9400:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

180d581f3cec69f0245e5c81e7cf068681f9b8e821c9f2ee601bb85803c04200

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:06:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 136504
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 05 Dec 2023 12:28:59 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:c1069f3e6821e94809d4b4194c763a43
etag: W/"c1069f3e6821e94809d4b4194c763a43"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: B7-4T2RXgppfTRQ5jhg14dZCqYAWwnxVLrT8DXg5OhORZMiUsuakoQ==

GET
H2 200 handshake.svg
cdn2.tdecu.org/images/icons-svg/ 9 KB
9 KB 35ms
34ms Image
image/avif 2600:9000:223c:400:10:1005:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.tdecu.org/images/icons-svg/handshake.svg
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:400:10:1005:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bdd12ab35927bc8f25c21676fe4bc6fa30f69b5d5d55a49bd691283773d7913e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:01:55 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 493192
x-amzn-requestid: 8b9cd047-65a6-4f59-a818-74bc20af431e
x-amzn-trace-id: root=1-6569af13-5ef398c60681c1640a02079b;sampled=0;lineage=bc1bd12d:0
x-cache: Hit from cloudfront
content-type: image/avif
cache-control: public, max-age=31536000
content-length: 9125
x-amz-cf-id: FuEoOTLKlXQLApbbESBHYcRA0s0S9uLPlY6CcDi3bM5uVGSPWlGNKQ==

GET
H2 200 texas-pride-2.svg
cdn2.tdecu.org/images/icons-svg/ 8 KB
9 KB 36ms
35ms Image
image/avif 2600:9000:223c:400:10:1005:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.tdecu.org/images/icons-svg/texas-pride-2.svg
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:400:10:1005:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e726adf83b1ea776f29251ac7ea24757afc19a3d5474c00a8042229997ff2fef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 12:27:19 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1002868
x-amzn-requestid: 0594d7a2-a4cc-414c-b9ad-349b54c11bb9
x-amzn-trace-id: root=1-6561e827-7389ac0b23d05ce31e4a659a;sampled=0;lineage=bc1bd12d:0
x-cache: Hit from cloudfront
content-type: image/avif
cache-control: public, max-age=31536000
content-length: 8653
x-amz-cf-id: RB8POcAuE_Slj5KCEKVmd3xg74mpLSWtutpYDETD2peZV2X-tdYxLg==

GET
H2 200 status-check.svg
cdn2.tdecu.org/images/icons-svg/ 5 KB
5 KB 37ms
36ms Image
image/avif 2600:9000:223c:400:10:1005:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.tdecu.org/images/icons-svg/status-check.svg
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:400:10:1005:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5d7976e7429a62d85580ac13dde40ebdd391368bab495645d8d4ae4aff7d95d6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:01:55 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 493192
x-amzn-requestid: e47ff5ba-3ad4-450f-98b0-d0c7e127c12c
x-amzn-trace-id: root=1-6569af13-4172c5e96bd250691da56c7f;sampled=0;lineage=bc1bd12d:0
x-cache: Hit from cloudfront
content-type: image/avif
cache-control: public, max-age=31536000
content-length: 4750
x-amz-cf-id: FOhcHkWgA_XoNvWXT7YzJikp4ngJWQrwL3uQ2UypMgG7YnzBkn4YwQ==

GET
H2 200 money-envelope.svg
cdn2.tdecu.org/images/icons-svg/ 6 KB
6 KB 36ms
35ms Image
image/avif 2600:9000:223c:400:10:1005:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.tdecu.org/images/icons-svg/money-envelope.svg
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:400:10:1005:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bbd4895fd857ee9b6c5a841af4ce8586cd64e94f2a718d97e38bd7f9b283468a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:22:49 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 207538
x-amzn-requestid: 30e2c174-b228-4684-bc0a-10e94ba7c4ae
x-amzn-trace-id: root=1-656e0ae9-13af6083682557191ad5e3e9;sampled=0;lineage=bc1bd12d:0
x-cache: Hit from cloudfront
content-type: image/avif
cache-control: public, max-age=31536000
content-length: 6225
x-amz-cf-id: Vz8IP4BmuQNa2yTeUPXfRM4GucKpOa_9Jj3RwMrtz8ZxbGhun8v9Kg==

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 104ms
27ms Image
image/gif 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1701918107449&id=t2_t3w4w8yv&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=24637e65-2b5b-401e-9bfc-aa2a03a37832&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:47 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/3UHUTMCIQFEF5HI7C7C6X3/AWTPPKLTDFE7NND43K5R2A/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

33ms
33ms

Script
application/javascript

2600:9000:2644:5400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: HTTP/1.1
Server: 2600:9000:2644:5400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Wed, 06 Dec 2023 18:59:39 GMT
Via: 1.1 d4b0acc43b96f7849332ef0fcc29ac32.cloudfront.net (CloudFront)
Age: 28931
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: nyWTiCdNyP_llVA61PHz7MiWSIaVyPbTLNBB6tB4DnawTK8cAhPaEA==

Redirect headers

Date: Thu, 07 Dec 2023 03:01:47 GMT
Via: 1.1 d4b0acc43b96f7849332ef0fcc29ac32.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P6
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0
X-Cache: Error from cloudfront
X-Amz-Cf-Id: CYB7J0lXTfIrlq3iq-5UpnhW0aXYfm56r5X2MtsPHKyqGL6dKv2vuw==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/3UHUTMCIQFEF5HI7C7C6X3/AWTPPKLTDFE7NND43K5R2A/ 0
776 B 728ms
666ms Script
text/javascript 2600:9000:2644:5400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/3UHUTMCIQFEF5HI7C7C6X3/AWTPPKLTDFE7NND43K5R2A/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:5400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 03:01:49 GMT
X-Amz-Version-Id: _t6Z5wi96EXgPhArrJmqPgdQd5u8upqz
Via: 1.1 6e4ed2b1996ce238462d61d3bfff667a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 06 Dec 2023 11:44:03 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 5ZHZAsogZueu-6MMAlDExERMnp250HN4zTfHz2NcmLzIsJuxRt6x3w==

GET
H2 200 p.js Show response
162566.tctm.co/ 74 B
466 B 47ms
47ms Script
application/x-javascript 2600:9000:223d:dc00:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://162566.tctm.co/p.js?sid=6571359b00027b06ec51955d&p=1005540.1.832.924.6148&
Requested by: Host: 162566.tctm.co
URL: https://162566.tctm.co/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:dc00:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: 4bd9ae8b2b6b357924c6fb9a199e13e5fcfcf3485dadea9c6974a8e62547256f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:47 GMT
content-encoding: gzip
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
server: ctm
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: z3sM4WTlVKwdHhR_vvi4WEqRNTsjkkwA5NAaBQGIXDY5nAagF1OAkw==

GET
H/1.1 200
OK tv2track.js Show response
collector-29653.us.tvsquared.com/ 20 KB
9 KB 546ms
118ms Script
application/javascript 3.17.53.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-29653.us.tvsquared.com/tv2track.js
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.17.53.221 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-17-53-221.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 03:01:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Nov 2023 13:50:22 GMT
Server: nginx
ETag: "6542579e-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Thu, 07 Dec 2023 03:11:48 GMT

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
31 KB 250ms
88ms Script
application/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:47 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000002a4302a981bc3024-00646c8ee1-3295d04c-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 ja-presidents.jpeg
cdn2.tdecu.org/images/blog-upload/ 28 KB
29 KB 35ms
34ms Image
image/avif 2600:9000:223c:400:10:1005:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.tdecu.org/images/blog-upload/ja-presidents.jpeg?f=a&s=432x280
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:400:10:1005:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8c56b8d8270e9f2867bfb8984bcc881da7d7517a93b864ee821f87caa122cbf5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 15:32:42 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1250945
x-amzn-requestid: 008855f3-6930-4537-93d0-0972a2ef14df
x-amzn-trace-id: root=1-655e1f1a-601e9eb959e353fe61d0c7de;sampled=0;lineage=bc1bd12d:0
x-cache: Hit from cloudfront
content-type: image/avif
cache-control: public, max-age=31536000
content-length: 28921
x-amz-cf-id: iw3mdISVV4mE19Q9upwS0xlldN2acIN-K2dScm8Lo3xxmzbkxS1qRw==

GET
H2 200 winter-conditions-1.jpg
cdn2.tdecu.org/images/blog/541/ 37 KB
37 KB 39ms
39ms Image
image/avif 2600:9000:223c:400:10:1005:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.tdecu.org/images/blog/541/winter-conditions-1.jpg?f=a&s=432x280
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:400:10:1005:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b91fb0a0a07c47f4cc9ddd745881cfe74f67902115b263d01bc11da39dd18b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:30:12 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 361895
x-amzn-requestid: ea8aefd4-84ae-4c14-8171-2ec3e7f0d984
x-amzn-trace-id: root=1-656baff4-2a6a6f3344011d9834cc4344;sampled=0;lineage=bc1bd12d:0
x-cache: Hit from cloudfront
content-type: image/avif
cache-control: public, max-age=31536000
content-length: 37535
x-amz-cf-id: GSfXuxHoHxC94FlOZyIw050kMEM6ljwJFXrJE0NgGAF3mkkL-K7dug==

GET
H2 200 november-security-awareness-blog.jpg
cdn2.tdecu.org/images/blog-upload/ 13 KB
13 KB 37ms
37ms Image
image/avif 2600:9000:223c:400:10:1005:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.tdecu.org/images/blog-upload/november-security-awareness-blog.jpg?f=a&s=432x280
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:400:10:1005:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e0d5d0e752d29818cb2fb954c79751a7f57cf7fa92c882a6d2accb79e90e00ff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:30:12 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 361895
x-amzn-requestid: c4d48c4d-18e8-4dd7-9320-980f2e8be605
x-amzn-trace-id: root=1-656baff4-2cdf091764af3cdb25046ebc;sampled=0;lineage=bc1bd12d:0
x-cache: Hit from cloudfront
content-type: image/avif
cache-control: public, max-age=31536000
content-length: 12985
x-amz-cf-id: 2A1F-44IdnNWtifb1SPjvw93PGEdv9hhs6n_soWP6NxCtbQdzefhXw==

GET
H/1.1 200
OK / Show response
api.ipify.org/ 31 B
205 B 499ms
160ms Script
application/javascript 104.237.62.212
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=getIP
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.62.212 El Segundo, United States, ASN18450 (WEBNX, US),
Reverse DNS: api.ipify.org
Software: nginx/1.25.2 /
Resource Hash: 283f3df0b40b0c146e3387971524e9dfb1eec7b1779f2883161f784ee73b33fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 03:01:47 GMT
Server: nginx/1.25.2
Connection: keep-alive
Content-Length: 31
Vary: Origin
Content-Type: application/javascript

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 86ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-73V86QZK0R&gtm=45je3bt0v875933936z8831284953&_p=1701918106324&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=35285576.1701918108&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dp=%2F&dt=TDECU%20%7C%20Your%20Texas%20Credit%20Union%20With%20Digital%20Banking&sid=1701918107&sct=1&seg=0&dl=https%3A%2F%2Fwww.tdecu.org%2F&en=page_view&_fv=1&_ss=1&ep.page_previous=external&ep.page_ct=1&ep.analytics_tag=GA4%20-%20page_view%20(www.tdecu.org)&ep.user_status=not-logged-in&tfd=2804
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-73V86QZK0R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tdecu.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 102ms
33ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-73V86QZK0R&cid=35285576.1701918108&gtm=45je3bt0v875933936z8831284953&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-73V86QZK0R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tdecu.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 193ms
69ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-73V86QZK0R&cid=35285576.1701918108&gtm=45je3bt0v875933936z8831284953&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1549487512

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 25006980.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 55ms
55ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25006980.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3e409165ad535825942bfcc93d1ff12f0b4400a40351e55be3af5f054aebecad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Thu, 07 Dec 2023 03:01:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7F6E4CE3497A442EAD7A03BC164C615F Ref B: DUS30EDGE0419 Ref C: 2023-12-07T03:01:47Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
286 B 82ms
81ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25006980&tm=gtm002&Ver=2&mid=dfde57d8-ee59-413c-90dd-20fa79083c68&sid=f5e817c094ac11eea917730856a9d254&vid=f5e83be094ac11ee824ecb4775d66e20&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=TDECU%20%7C%20Your%20Texas%20Credit%20Union%20With%20Digital%20Banking&p=https%3A%2F%2Fwww.tdecu.org%2F&r=&lt=2131&evt=pageLoad&sv=1&rn=333711

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 07 Dec 2023 03:01:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1CDC2A27F7944B87A944C21017EE5C43 Ref B: DUS30EDGE0419 Ref C: 2023-12-07T03:01:47Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1008014887/ 42 B
455 B 115ms
43ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1008014887/?random=1701918107141&cv=11&fst=1701918000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831284953&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tdecu.org%2F&frm=0&tiba=TDECU%20%7C%20Your%20Texas%20Credit%20Union%20With%20Digital%20Banking&fmt=3&is_vtc=1&cid=CAQSGwDICaaNCChat7wmvl7JLGYTCES_-1lmewiLEw&random=850325841&rmt_tld=0&ipr=y

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/1008014887/ 42 B
154 B 109ms
69ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/1008014887/?random=1701918107141&cv=11&fst=1701918000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831284953&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tdecu.org%2F&frm=0&tiba=TDECU%20%7C%20Your%20Texas%20Credit%20Union%20With%20Digital%20Banking&fmt=3&is_vtc=1&cid=CAQSGwDICaaNCChat7wmvl7JLGYTCES_-1lmewiLEw&random=850325841&rmt_tld=1&ipr=y

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 469749416569494 Show response
connect.facebook.net/signals/config/ 116 KB
31 KB 101ms
99ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/469749416569494?v=2.9.138&r=stable&domain=www.tdecu.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bffca056b94276e2a0853d50a1f921aad3a41587956e142cda8142ab74db12e5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 07 Dec 2023 03:01:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: bqOToHEUqTcegljwX9VpwmO2Ks0npDTC14JgAsf4laDow0Ht3G1s1J5EmGBCQvbI2Ir8QSuYqhZTVwXEgkg31g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 3UHUTMCIQFEF5HI7C7C6X3 Show response
d.adroll.com/consent/check/ 508 B
601 B 164ms
41ms Script
application/javascript 2a05:d018:cc3:fe04:fea5:fbe:6689:e04c
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/3UHUTMCIQFEF5HI7C7C6X3?pv=38288182745.045044&arrfrr=https%3A%2F%2Fwww.tdecu.org%2F&_s=14477247146e8aebdb1fb541173116e4&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:fea5:fbe:6689:e04c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 4d44305c88d293b1e070890b7a23cbf266018459c0fcca5ae5b5713a631b807a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:47 GMT
server: nginx/1.22.1
content-length: 508
content-type: application/javascript

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
20 KB 32ms
31ms Script
application/javascript 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/cra9ptioz7?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:46 GMT
content-encoding: br
last-modified: Mon, 04 Dec 2023 12:08:18 GMT
x-azure-ref-originshield: 0xO5vZQAAAAD9ezXbtcFWTLDFfxCTMejYQU1TMDRFREdFMTgxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
etag: "0x8DBF4C1B3818466"
x-azure-ref: 0mzVxZQAAAADujZ6WmCTmTJVZuXbZ7XQFQlJVMzBFREdFMDcxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: b1c4fde0-001e-0056-2cac-27df34000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 webcomponents_es5-fb051d12e.js Show response
libs.salemove.com/visitor/ 936 B
1 KB 35ms
34ms Script
application/javascript 2600:9000:206f:9400:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/visitor/webcomponents_es5-fb051d12e.js

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-fb051d12e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:9400:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

832dbd199f70ade357e88a3f5d32920c8c63e69258dc173d3b261686320895db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:06:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 136503
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 936
last-modified: Tue, 05 Dec 2023 12:28:59 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:f86098c5208655efb405300993461936
etag: "f86098c5208655efb405300993461936"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: DqJtsd4nIz6_5KNibNZJa5nZw_09bxJPWL8kW70UWhuByG2JCAPpJw==

GET
H2 200 25006980 Show response
www.clarity.ms/tag/uet/ 840 B
989 B 118ms
117ms Script
application/x-javascript 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/25006980?insights=1
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/25006980.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dd65c5befb77618910b27095a02cdc0e5de78418442cacb015d086707261422f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
date: Thu, 07 Dec 2023 03:01:47 GMT
x-azure-ref: 0mzVxZQAAAAC1fR3B/mICTKje/nBqdnyKQlJVMzBFREdFMDcxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 840
expires: -1

GET
H2 200 visitor-app.85b5c859.min.js Show response
libs.salemove.com/ 686 KB
198 KB 40ms
37ms Script
application/javascript 2600:9000:206f:9400:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/visitor-app.85b5c859.min.js

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-fb051d12e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:9400:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

06379a5856668548f0a4ef088a085f11529ca908e85ed70d6bafac01f09efe68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:35:52 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 152756
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 05 Dec 2023 08:08:18 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:3ed039ff6ec68e63c937cbef7ffab5f5
etag: W/"3ed039ff6ec68e63c937cbef7ffab5f5"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: XJg0N6ZMYYHO5pg7HY-2yP_ykGUL1jt5Yws7bMrpraBYNycBGkDdRw==

GET
H2 200 visitor-app.85b5c859.default.css
libs.salemove.com/ 206 KB
30 KB 75ms
72ms Stylesheet
text/css 2600:9000:206f:9400:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/visitor-app.85b5c859.default.css

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-fb051d12e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:9400:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

54a36ace3d2d860fd3e4f5e0d59f43b6653c4c2ba6fd87ce73e2d3fc22b61a52

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:35:52 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 152756
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 05 Dec 2023 08:08:18 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:593e94f08cd3472f4bd4420fc198b2a7
etag: W/"593e94f08cd3472f4bd4420fc198b2a7"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: 4ca3_REdHkeDTP4550AANvwIa2U9Nf1ncnskUl_QFKBY3iO2qPwwQA==

GET
H2 200 gva-custom-chat-renderer.9ee1ee1.js Show response
libs.salemove.com/ 23 KB
8 KB 73ms
71ms Script
application/javascript 2600:9000:206f:9400:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/gva-custom-chat-renderer.9ee1ee1.js

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-fb051d12e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:9400:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a19e35c238665b103fff54c0a89023a450c1d40f5cd58e01a7f5e5616d9aace7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 19:59:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 716530
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 25 Oct 2023 07:25:06 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:0f7fb6803bd6390810b1bd3849ed1eca
etag: W/"0f7fb6803bd6390810b1bd3849ed1eca"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: ioiJaNJj2FPXWQQHfqkDZVibttkhZbJczFxJ-gRhjqAQqUpa-iD8YQ==

GET
H2 200 gva-custom-chat-renderer.9ee1ee1.css
libs.salemove.com/ 8 KB
2 KB 37ms
35ms Stylesheet
text/css 2600:9000:206f:9400:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/gva-custom-chat-renderer.9ee1ee1.css

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-fb051d12e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:9400:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d7e3733c4cb4fbd606eb5ce52c0ff6dbc8e175e2fb2b8199ea0387339f425186

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:09:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 543122
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 25 Oct 2023 07:25:06 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:4c01dddd167e508399fb3f31894d95f0
etag: W/"4c01dddd167e508399fb3f31894d95f0"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: Gk-vGrD86nYHxCBLhoSZBkiqoWhkvKFTAa3M2YNSnSG1b1eNgFkLQA==

GET
H3 200 272515130417969 Show response
connect.facebook.net/signals/config/ 135 KB
35 KB 104ms
104ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/272515130417969?v=2.9.138&r=stable&domain=www.tdecu.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a20ea836f9696af8e3c798de88cb41d2be18e1b0c712255ae52ffad61a20f3f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 07 Dec 2023 03:01:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 9FzNuJ6o9JkcgatXWJjfpMPv/gufNrdPgZxqKUIvebkcpyGRjCHIoToZR8cKQAe1qOHrVjrA6ilAOActzNkdHQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 120ms
36ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=469749416569494&ev=PageView&dl=https%3A%2F%2Fwww.tdecu.org&rl=&if=false&ts=1701918107787&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1701918107786.1558243314&pm=1&hrl=8a5736&ler=empty&it=1701918107632&coo=false&tm=1&cs_cc=1&cas=2488452894508771%2C2283814135060923&rqm=GET

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 07 Dec 2023 03:01:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2816787&ADFPageName=Retargeting&ADFdivider=%7C&ord=272617675076&ADFtpmode=2&loc=https%3A%2F%2Fwww.tdecu.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2816787&ADFPageName=Retargeting&ADFdivider=%7C&ord=272617675076&ADFtpmode=2&loc=https%3A%2F%2Fwww.tdecu.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

1 KB
1 KB

99ms
98ms

Script
text/javascript

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2816787&ADFPageName=Retargeting&ADFdivider=%7C&ord=272617675076&ADFtpmode=2&loc=https%3A%2F%2Fwww.tdecu.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a269b6a2432179c4bc10516633d5fca545a3b9e82cffa28debc6aaba49902921

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 792
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2816787&ADFPageName=Retargeting&ADFdivider=%7C&ord=272617675076&ADFtpmode=2&loc=https%3A%2F%2Fwww.tdecu.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
293 B 572ms
326ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.tdecu.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.tdecu.org
Date: Thu, 07 Dec 2023 03:01:48 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H3 200 717490166725921 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 97ms
96ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/717490166725921?v=2.9.138&r=stable&domain=www.tdecu.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b3ba633a4e68d164e9e7f2ec449fb819fd8670ee93af48b18c6b21e91b6edb89

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 07 Dec 2023 03:01:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: XGmXez+vp5dMWTdRlsXGbqlrX9mUfX6IGORHKnIIHpnlgbtWoWpvfmeyk2HZjaM5pXWrNJWpLyXAMhYBJkpvxw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 34ms
33ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=272515130417969&ev=PageView&dl=https%3A%2F%2Fwww.tdecu.org&rl=&if=false&ts=1701918108037&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1701918107786.1558243314&pm=1&hrl=b2113c&ler=empty&cs_est=true&it=1701918107632&coo=false&tm=1&cs_cc=1&cas=4229840827118706%2C4941065865950597&rqm=GET

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 07 Dec 2023 03:01:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 www.tdecu.org.json Show response
script.crazyegg.com/pages/data-scripts/0115/0550/site/ 7 KB
3 KB 457ms
402ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0115/0550/site/www.tdecu.org.json?t=1
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e5fc9610ade7337f10d17cb1202abcbb2e6c24a106cca059933e220c9d41c00

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:48 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 07 Dec 2023 03:01:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.5.153
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 831986afb9866618-AMS
content-length: 2456

GET
H2 204 0
bat.bing.com/action/ 0
122 B 60ms
53ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25006980&tm=gtm002&Ver=2&mid=dfde57d8-ee59-413c-90dd-20fa79083c68&sid=f5e817c094ac11eea917730856a9d254&vid=f5e83be094ac11ee824ecb4775d66e20&vids=0&msclkid=N&gtm_tag_source=ua&ec=NonInteraction&el=31.204.150.114&gc=USD&tpp=1&en=Y&p=https%3A%2F%2Fwww.tdecu.org%2F&sw=1600&sh=1200&sc=24&evt=custom&rn=154684

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 07 Dec 2023 03:01:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F3F95C59E570457BB9E37F54427026DA Ref B: DUS30EDGE0419 Ref C: 2023-12-07T03:01:48Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tv2track.php
collector-29653.us.tvsquared.com/ 42 B
276 B 118ms
118ms Image
image/gif 3.17.53.221
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-29653.us.tvsquared.com/tv2track.php?action_name=TDECU%20%7C%20Your%20Texas%20Credit%20Union%20With%20Digital%20Banking&idsite=TV-7209364563-1&rec=1&r=183779&h=4&m=1&s=48&url=https%3A%2F%2Fwww.tdecu.org%2F&_id=ad0114eb27fd4fb6&_idts=1701918108&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=237
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.17.53.221 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-17-53-221.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Date: Thu, 07 Dec 2023 03:01:48 GMT
Server: nginx
Connection: keep-alive
Request-Id: be21f441-3fa1-4d49-8829-3b43f58a42f8
Content-Length: 42
Content-Type: image/gif

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 35ms
34ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=717490166725921&ev=PageView&dl=https%3A%2F%2Fwww.tdecu.org&rl=&if=false&ts=1701918108145&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1701918107786.1558243314&pm=1&hrl=b958cb&ler=empty&it=1701918107632&coo=false&tm=1&cs_cc=1&rqm=GET

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 07 Dec 2023 03:01:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 35ms
34ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=469749416569494&ev=PageView&dl=https%3A%2F%2Fwww.tdecu.org&rl=&if=false&ts=1701918108147&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4124&fbp=fb.1.1701918107786.1558243314&pm=1&hrl=8a5736&ler=empty&it=1701918107632&coo=false&cs_cc=1&cas=2488452894508771%2C2283814135060923&rqm=GET

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 07 Dec 2023 03:01:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 36ms
35ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=272515130417969&ev=PageView&dl=https%3A%2F%2Fwww.tdecu.org&rl=&if=false&ts=1701918108149&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4124&fbp=fb.1.1701918107786.1558243314&pm=1&hrl=b2113c&ler=empty&cs_est=true&it=1701918107632&coo=false&cs_cc=1&cas=4229840827118706%2C4941065865950597&rqm=GET

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 07 Dec 2023 03:01:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 36ms
35ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=717490166725921&ev=PageView&dl=https%3A%2F%2Fwww.tdecu.org&rl=&if=false&ts=1701918108150&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4124&fbp=fb.1.1701918107786.1558243314&pm=1&hrl=b958cb&ler=empty&it=1701918107632&coo=false&cs_cc=1&rqm=GET

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 07 Dec 2023 03:01:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 / Show response
a2.adform.net/serving/container/ Frame 0891 1 KB
1 KB 101ms
97ms Document
text/html 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/serving/container/?pm=2816787&lid=120549097&ctype=0&media=0&PageName=Retargeting&rnd=1615736760&cpref=&loc=https%3a%2f%2fwww.tdecu.org%2f

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1f521ac499f04ae8afe55f64b67966b2b7211e3cf1fc67689ae2484ebd94649e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tdecu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 07 Dec 2023 03:01:48 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 2FCF 4 KB
2 KB 364ms
47ms Document
text/html 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=2816787&ADFPageName=Retargeting&ADFdivider=%7C&ord=272617675076&ADFtpmode=2&loc=https%3A%2F%2Fwww.tdecu.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0a6438a61e90e9f2434824b82d1aaa3cea20e418fffb486964a3855906777a12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tdecu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 03:01:48 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
467 B 352ms
46ms Image
image/gif 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=5986721754627265361&stamp=QmbN0HmVTdEDvP-67D9Y4w2

Requested by

Host: www.tdecu.org
URL: https://www.tdecu.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2 200 219d370add706cffcc1a4f80ada0a455.js Show response
script.crazyegg.com/pages/versioned/commontransformations-scripts/ 137 KB
46 KB 36ms
36ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/219d370add706cffcc1a4f80ada0a455.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0115/0550.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3070a466b840b215ed8bd56484b78317b2e1316caed633bc139af0b8d9170aa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 10:29:27 GMT
server: cloudflare
age: 460998
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 831986b23a136702-AMS
content-length: 46671

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 0891 161 B
543 B 141ms
48ms Script
text/javascript 23.35.228.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1613114&mt_adid=258182&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=2816787&lid=120549097&ctype=0&media=0&PageName=Retargeting&rnd=1615736760&cpref=&loc=https%3a%2f%2fwww.tdecu.org%2f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-210.deploy.static.akamaitechnologies.com
Software: MT3 1143 599e619 master zrh zrh-pixel-x10 config_version:"2895" /
Resource Hash: 98192c2b3bfd0e66cff07b8ba31ff42de9182144d3e21b9ca258f13da96ee457

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 03:01:48 GMT
Server: MT3 1143 599e619 master zrh zrh-pixel-x10 config_version:"2895"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 161
Expires: Thu, 07 Dec 2023 03:01:47 GMT

GET
H2 200 24365
stags.bluekai.com/site/ Frame 0891 62 B
572 B 304ms
189ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/24365?limit=1&phint=custom_audience%3Dcp_tippit-moo_tdecu_tdecu_retargeting-pixel_10-11-22
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=2816787&lid=120549097&ctype=0&media=0&PageName=Retargeting&rnd=1615736760&cpref=&loc=https%3a%2f%2fwww.tdecu.org%2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 07 Dec 2023 03:01:48 GMT
content-length: 62
bk-server: f4b2
content-type: image/gif

GET
H2 200 www.tdecu.org.json Show response
script.crazyegg.com/pages/data-scripts/0115/0550/sampling/ 150 B
205 B 390ms
390ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0115/0550/sampling/www.tdecu.org.json?t=472755
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a71196a6f3141315710ae7b078f5a87d2dad0f6ab041514b3d8d87401c53a1a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:48 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 07 Dec 2023 03:01:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.5.153
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 831986b2db976618-AMS
content-length: 142

GET
H2 200 plf
c1.adform.net/imatch/ Frame 2FCF 0
384 B 47ms
46ms Image
text/plain 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 match
ad.360yield.com/ Frame 2FCF 43 B
199 B 172ms
43ms Image
image/gif 54.74.227.215
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=5986721754627265361&Expiration=1703127708
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.74.227.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-227-215.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 07 Dec 2023 03:01:48 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 2FCF 0
235 B 145ms
47ms Image
text/plain 23.35.237.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=5986721754627265361
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Dec 2023 03:01:48 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Wed, 06 Dec 2023 03:01:48 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 2FCF 0
214 B 169ms
32ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=5986721754627265361
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 tpui
ih.adscale.de/adscale-ih/ Frame 2FCF 0
38 B 108ms
32ms Image
text/plain 3.127.104.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5986721754627265361&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.104.80 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-104-80.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:48 GMT
content-length: 0

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 2FCF 43 B
114 B 135ms
36ms Image
image/gif 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=5986721754627265361&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:48 GMT
content-type: image/gif

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 2FCF 43 B
639 B 209ms
36ms Image
image/gif 2607:ae80:192:1::173
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=5986721754627265361
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 2607:ae80:192:1::173 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Dec 2023 03:01:48 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1701918108578059-403

GET
H2 200 sync
x.bidswitch.net/ Frame 2FCF 43 B
146 B 375ms
32ms Image
image/gif 52.59.98.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=70&user_id=5986721754627265361
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.98.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-98-46.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 2FCF
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5986721754627265361&expiration=1703127708
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5986721754627265361&expiration=1703127708&C=1

43 B
344 B

49ms
48ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5986721754627265361&expiration=1703127708&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2Fnhi0%2FtwqCyGqCXHPGpzmEo18FaBH5clbXQ214168eBcyGrHTZvB94kNVdzZhgug7NiVOdixlBeyZ%2BcufQzF%2BMIzco9hxuW%2FDuZg4s%2BugZmzT97xXf8Bvg6Gq3lU%2FE%2FwM50pmw0jRQnzw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 831986b3e952666e-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7X4%2BSMDYY3Q0q91m%2BpUtmOWOTC7V39FyV1mYS92J3%2F43gHUuUsuIhXpjncbQLT4yItEn%2Fq5gcNMWaWZoxKqqHiIX1nFNoWdoL2QRnm19wRRSqlKyiSDlXc4Ex1mP1HRVc7F9d%2FMppEzcTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=5986721754627265361&expiration=1703127708&C=1
cache-control: no-cache
cf-ray: 831986b38920666e-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

12092831
se.semasio.net/sync/1/ Frame 2FCF
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=5986721754627265361&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=5986721754627265361&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=5986721754627265361&gdpr=&sInitiator=external
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/4354957?sExtCookieId=2219546490082728919&sInitiator=internal&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=Q0Y4M0IzNTIxNEM0NkQwNg&gdpr=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEOWSv0I_CAKfe2muai7Ag-I&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEOWSv0I_CAKfe2muai7Ag-I&sInitiator=internal&google_cver=1&gdpr=

0
415 B

40ms
40ms

Image
text/plain

77.243.51.121
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEOWSv0I_CAKfe2muai7Ag-I&sInitiator=internal&google_cver=1&gdpr=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: HTTP/1.1
Server: 77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:58 GMT
uip-status: Ok
frontend-id: 15
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:59 GMT
frontend-id: 12
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEOWSv0I_CAKfe2muai7Ag-I&sInitiator=internal&google_cver=1&gdpr=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 2FCF 0
344 B 141ms
33ms Image
text/plain 3.122.214.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5986721754627265361&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 03:01:48 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 2FCF
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5986721754627265361
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5986721754627265361&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
385 B

135ms
34ms

Image
image/gif

2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: H2
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 07 Dec 2023 03:01:49 GMT
x-age-lb: 1016986
x-77-cache: HIT
x-accel-date: 1700901123
content-length: 43
x-77-nzt: EQwBnJIhiAH3moQPAA
x-accel-expires: @1701937195
x-77-age: 1016986
x-cache-lb: HIT
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: f6587a1dfb34a3489d35716559825505
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

date: Thu, 07 Dec 2023 03:01:48 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame 2FCF
Redirect Chain

https://idsync.rlcdn.com/398366.gif?partner_uid=5986721754627265361
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNTk4NjcyMTc1NDYyNzI2NTM2MRAAGg0InOvEqwYSBQjoBxAAQgBKAA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKno965i8wIdxAe7Vhc_21I&google_cver=1

42 B
60 B

32ms
32ms

Image
image/gif

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKno965i8wIdxAe7Vhc_21I&google_cver=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:49 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKno965i8wIdxAe7Vhc_21I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5986721754627265361/gdpr=/ Frame 2FCF 49 B
266 B 136ms
43ms Image
image/gif 54.170.64.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5986721754627265361/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.64.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-64-73.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:48 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.14.144
content-length: 49
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame 2FCF 62 B
218 B 216ms
185ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=5986721754627265361
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 07 Dec 2023 03:01:48 GMT
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 2FCF 43 B
264 B 108ms
31ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5986721754627265361
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:48 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 2FCF
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

156ms
52ms

Image
image/gif

52.92.16.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: HTTP/1.1
Server: 52.92.16.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 03:01:50 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: W01H52ZFRVAV18K9
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: jGwB1xM4TPKGabgIpeZdTzFzP99uwmPqYTk1v5ViwVTYrNN+YHGFU9iDdqFVv/ZZtbc2N6HSyrw=

Redirect headers

X-Error-Reason: Missing UserId
Date: Thu, 07 Dec 2023 03:01:48 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H/1.1 200
OK /
cm.adsafety.net/ Frame 2FCF 43 B
577 B 103ms
32ms Image
image/gif 89.163.240.121
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=5986721754627265361
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 89.163.240.121 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: cm46.as.net
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Dec 2023 03:01:48 GMT
Last-Modified: Thu, 07 Dec 2023 03:01:48 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 2FCF 0
337 B 145ms
41ms Image
text/plain 18.203.91.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=5986721754627265361
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.91.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-91-219.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by: beacon-n006-dub-prod.krxd.net
date: Thu, 07 Dec 2023 03:01:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=37 t=1701918108
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 2FCF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTk4NjcyMTc1NDYyNzI2NTM2MQ
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHjQ72tmFeEQG2L0UoAF_vo&google_cver=1&google_ula=1641347,0

35 B
591 B

46ms
46ms

Image
image/gif

37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHjQ72tmFeEQG2L0UoAF_vo&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088

Protocol

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHjQ72tmFeEQG2L0UoAF_vo&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 2FCF 0
384 B 49ms
47ms Image
text/plain 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

setuid
secure.adnxs.com/ Frame 2FCF
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=2219546490082728919&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=5986721754627265361

43 B
833 B

26ms
25ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=5986721754627265361

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:49 GMT
an-x-request-uuid: 7762ed91-39b3-4241-b9a7-5d148abfa0d3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.150.114; 31.204.150.114; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=5986721754627265361
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 2FCF 0
225 B 116ms
31ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5986721754627265361
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 07 Dec 2023 03:01:48 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 2FCF 43 B
444 B 136ms
34ms Image
image/gif 65.9.66.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-72.fra56.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 06:23:08 GMT
Via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: FRA56-C1
Age: 74321
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: AdrjwXQpLxSBsFJuRAqgQ2LpZbsRqI_ctxoHhMlM1gzjCwsBRmuKvQ==

GET
H/1.1

200

p
a.audrte.com/ Frame 2FCF
Redirect Chain

https://a.audrte.com/a?adform_uid=5986721754627265361
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MjlsRWc5V1ZZUVJSOUNkWmpNQ1FiTXFwUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

40ms
40ms

Image
image/png

52.208.123.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: HTTP/1.1
Server: 52.208.123.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-123-102.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 03:01:49 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Thu, 07 Dec 2023 03:01:49 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 2FCF
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=5986721754627265361&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=5986721754627265361&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=85624736947680220181620742887375369474&noredirect=1

35 B
600 B

46ms
46ms

Image
image/gif

37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=85624736947680220181620742887375369474&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088

Protocol

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

dcs: dcs-prod-irl1-2-v054-04cc94887.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Thu, 07 Dec 2023 03:01:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: g0tVB1XgRd8=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://c1.adform.net/serving/cookie/match?party=1007&cid=85624736947680220181620742887375369474&noredirect=1
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 2FCF
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=5986721754627265361
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219103204723000167774

35 B
591 B

46ms
46ms

Image
image/gif

37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219103204723000167774

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088

Protocol

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:49 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219103204723000167774
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 2FCF
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7309682618634336415

35 B
600 B

47ms
46ms

Image
image/gif

37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7309682618634336415

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088

Protocol

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7309682618634336415
Date: Thu, 07 Dec 2023 03:01:49 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 2FCF 62 B
360 B 213ms
212ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=5986721754627265361
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 07 Dec 2023 03:01:49 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 2FCF
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=mpPg3Pva1Rb4E55

35 B
600 B

47ms
47ms

Image
image/gif

37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=mpPg3Pva1Rb4E55

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088

Protocol

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Thu, 07 Dec 2023 03:01:49 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=mpPg3Pva1Rb4E55
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2FCF 70 B
149 B 527ms
42ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:49 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame 2FCF 0
72 B 739ms
138ms Image
text/plain 216.46.185.183
ASN-FLEXENTIAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=5986721754627265361
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 216.46.185.183 Aurora, United States, ASN13649 (ASN-FLEXENTIAL, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H2 200 0.gif
id5-sync.com/s/10/ Frame 2FCF 43 B
921 B 468ms
33ms Image
image/gif 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=5986721754627265361

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Thu, 07 Dec 2023 03:01:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 2FCF
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=32661861
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=INNob.zBV0f6uRh0a7QmE.

35 B
600 B

47ms
46ms

Image
image/gif

37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=INNob.zBV0f6uRh0a7QmE.

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088

Protocol

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:49 GMT
via: 1.1 google
last-modified: Thu, 07 Dec 2023 03:01:49 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=INNob.zBV0f6uRh0a7QmE.
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 2FCF 23 B
163 B 363ms
65ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=5986721754627265361
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Thu, 07 Dec 2023 03:01:49 GMT
pragma: no-cache
date: Thu, 07 Dec 2023 03:01:49 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 204 /
s.ad.smaato.net/c/ Frame 2FCF 0
236 B 342ms
46ms Image
text/plain 2600:9000:211e:ce00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=5986721754627265361
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:ce00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:49 GMT
cache-control: no-cache, must-revalidate
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: BsG3VGD9q6rv-hq-chU7qoIB3kfilwa79WrrN5BtkDLbGoqivvLHeQ==
x-cache: Miss from cloudfront

GET
H2 200 5986721754627265361
match.contentexchange.me/adform/ Frame 2FCF 0
49 B 167ms
48ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/5986721754627265361?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:49 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame 2FCF 37 B
140 B 98ms
32ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=5986721754627265361&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 put
e1.emxdgt.com/ Frame 2FCF 0
44 B 128ms
32ms Image
text/plain 3.120.117.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=5986721754627265361
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.117.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-117-184.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:49 GMT
server: awselb/2.0

GET
H2 200 plf
c1.adform.net/imatch/ Frame 2FCF 0
384 B 46ms
46ms Image
text/plain 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=5986721754627265361&agencyId=6276&advertiserId=2136215&src=tp&rnd=996088
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
293 B 111ms
111ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.tdecu.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.tdecu.org
Date: Thu, 07 Dec 2023 03:01:48 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
460 B 118ms
32ms XHR
application/json 13.32.27.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 01:43:28 GMT
via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 6743902
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: YBFW2nSE_qVPkYwGAxGOzFEJalY-16RBfSo1_09UTjcjngw-32kW9A==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
460 B 117ms
32ms XHR
application/json 18.66.122.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 04:00:49 GMT
via: 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 9500461
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: 5sB_U5sHcFQyFwcERkn2rHPfJ3ms2VsTgXaeXjrw0QU3mqwZlH4fHA==

GET
BLOB 200
OK 0f64b8cc-497d-4833-8a77-43370a6705ea
https://www.tdecu.org/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tdecu.org/0f64b8cc-497d-4833-8a77-43370a6705ea
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

GET
H2 200 clock Show response
tracking.crazyegg.com/ 30 B
137 B 540ms
66ms XHR
text/plain 54.154.232.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1701918109124&tk=a6ae71edb380a67d6de4a4d7d0eec3c9&s=410856&p=%2F&u=1150550&v=c25934840f40634503ea5a888beeb8fdf8175b48&f=tdecu.org&ul=https%3A%2F%2Fwww.tdecu.org%2F
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.232.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-232-97.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 9d1665c6c5e34d1d9f669ca645616fcfd1d5aef668cc43a6282698c0bc4df559

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 07 Dec 2023 03:01:49 GMT
cache-control: no-store
server: awselb/2.0
content-length: 30
content-type: text/plain

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 30ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-73V86QZK0R&gtm=45je3bt0v875933936&_p=1701918106324&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=35285576.1701918108&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Eg&_s=2&dp=%2F&sid=1701918107&sct=1&seg=0&dl=https%3A%2F%2Fwww.tdecu.org%2F&dt=TDECU%20%7C%20Your%20Texas%20Credit%20Union%20With%20Digital%20Banking&en=viewed_experiment&_ee=1&ep.page_previous=external&ep.ce_test_viewed=TDTDAA1&ep.ce_test_variation=DAA2&_et=2098&tfd=4931
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-73V86QZK0R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tdecu.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d9b6b28e3d84db3e4c966a5cf73af402.js Show response
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 20 KB
8 KB 34ms
34ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/d9b6b28e3d84db3e4c966a5cf73af402.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0115/0550.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f2855487ee0f2a026de07b800d0a191f2d66723011cf5e7bddea4669037b33

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 13:57:18 GMT
server: cloudflare
age: 461000
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 831986b9df5e6702-AMS
content-length: 8025

GET
H2 200 rv
ftrk.crazyegg.com/ 0
79 B 429ms
129ms Image
text/plain 44.199.106.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ftrk.crazyegg.com/rv?CAewdgTgjg0AnAQwK4DYC2BJAjAaQLQDMGMALAAwBMFA7AKwBiYAQgGoDGAYAM60JkBmWAAgkCALSwBPFABMAGgGE5YgMoAlAF5QMAACA===
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.199.106.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-199-106-16.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 07 Dec 2023 03:01:50 GMT
server: nginx

GET
BLOB 200
OK 78accccd-894c-4833-9a73-494e39215456
https://www.tdecu.org/ 256 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tdecu.org/78accccd-894c-4833-9a73-494e39215456
Requested by: Host: www.tdecu.org
URL: https://www.tdecu.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61276ef869766b3663bd44e32f0696542b85a9864b9387489b4cb2ad65a18635

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 256
Content-Type: text/javascript

GET
H2 200 fb6b2c9922f0fc0cfc17e642c41aafa6.js Show response
script.crazyegg.com/pages/versioned/tracking-scripts/ 95 KB
30 KB 35ms
34ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/tracking-scripts/fb6b2c9922f0fc0cfc17e642c41aafa6.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0115/0550.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4c44faa5219c63be035fb0eb18bd9dca99ace6f12f8246721b7776bc2536131

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 13:57:16 GMT
server: cloudflare
age: 460999
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 831986ba1f766702-AMS
content-length: 30703

GET
H2 200 RQw9Hj3k.json Show response
cdn-cookieyes.com/client_data/56cf2d44ea731ea9ecfb4a95/ 17 KB
5 KB 92ms
32ms Fetch
application/json 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/56cf2d44ea731ea9ecfb4a95/RQw9Hj3k.json
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3cb5925f0b97d89508b1752c22a58ef0307576eb1d54c6987bb94c1a0d786ba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Dec 2023 09:22:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 44182
etag: W/"4295-60bd3e5a75d53"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrQXFPgHKc7Mel1d1NDmMd%2Bwpm%2BYsf9QsW8dNy2ZsRABBbMGnY7PNsKxfbOj8zYUjBcnGT0DMapQp531ocuFJfD9n3i253hbUQ1Hh4MBiZ60Xn6WryXJSwyuyZG1coqjoNaSOcSv53FdxSdXvsWW"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 831986bceecc6674-AMS

GET
H2 200 heatmaps.js Show response
heatmaps.monsido.com/v1/ 8 KB
3 KB 98ms
26ms Script
text/javascript 2600:1901:0:476d::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heatmaps.monsido.com/v1/heatmaps.js
Requested by: Host: app-script.monsido.com
URL: https://app-script.monsido.com/v2/monsido-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:476d:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 699e1427474c3daa7932aa405a51762e6ab51ba12a19775321a7357deb31f384

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 02:58:03 GMT
content-encoding: gzip
age: 227
x-guploader-uploadid: ABPtcPoAC4WtwmmFEC96LmQodK_MSoa1tH5CAwd6_09Uupal-pAGIGOg7UhHzKBVcnvuwuVo4-oJRSa9TEk4IIEcB6lIrw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2870
last-modified: Thu, 01 Jun 2023 07:10:33 GMT
server: UploadServer
etag: "6bd8810f93d4046aec0007f3db64ca67"
vary: Accept-Encoding
x-goog-generation: 1685603433813852
x-goog-hash: crc32c=uwyl4w==, md5=a9iBD5PUBGrsAAfz22TKZw==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=300
x-goog-stored-content-length: 2870
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 07 Dec 2023 03:03:03 GMT

GET
H2 200 /
tracking.monsido.com/ 43 B
196 B 117ms
32ms Image
image/gif 2600:1901:0:891c::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.monsido.com/?a=jxntH58yj40suPDIjtI69Q&b=https%3A%2F%2Fwww.tdecu.org%2F&c=4581701918110150&d=1600x1200&f=E771701918110150&h=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:891c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: 2023-12-07T03:01:50Z
date: Thu, 07 Dec 2023 03:01:50 GMT
cache-control: private, no-store, max-age=0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=8D1A5788AB1E4AC6B6E46769E859EE6D&RedC=c.clarity.ms&MXFR=1E6D36D3B3646FAA1B462533B7646153
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8D1A5788AB1E4AC6B6E46769E859EE6D&MUID=2D00ECD0A631635E3FBAFF30A7F1625C

42 B
444 B

41ms
41ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8D1A5788AB1E4AC6B6E46769E859EE6D&MUID=2D00ECD0A631635E3FBAFF30A7F1625C
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:49 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 03:01:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 32737DB14B9E452FBE0D1D9C5F0275F2 Ref B: DUS30EDGE0419 Ref C: 2023-12-07T03:01:50Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8D1A5788AB1E4AC6B6E46769E859EE6D&MUID=2D00ECD0A631635E3FBAFF30A7F1625C
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 9BA3 0
59 B 52ms
42ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=s4so7ax&ref=https%3A%2F%2Fwww.tdecu.org%2F&upid=1epc39v&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tdecu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Thu, 07 Dec 2023 03:01:50 GMT
server: Kestrel

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 0457 0
59 B 47ms
43ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=0f9ttjl&ref=https%3A%2F%2Fwww.tdecu.org%2F&upid=gbyj632&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tdecu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Thu, 07 Dec 2023 03:01:50 GMT
server: Kestrel

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 2A8E 0
59 B 42ms
42ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=s4so7ax&ref=https%3A%2F%2Fwww.tdecu.org%2F&upid=1epc39v&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tdecu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Thu, 07 Dec 2023 03:01:50 GMT
server: Kestrel

GET
H2 200 texans-left-bg-v6.jpg
cdn2.tdecu.org/images/article-image/ 13 KB
13 KB 593ms
591ms Image
image/avif 2600:9000:223c:400:10:1005:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.tdecu.org/images/article-image/texans-left-bg-v6.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:400:10:1005:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b072deeebaa7465bda33c8da482957d347115cf12fd9c942e577a7a64cfce3f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:50 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amzn-requestid: 131ecf76-5a1b-4865-b667-685534fd01bd
x-amzn-trace-id: root=1-6571359e-7d3ae18964c7e42a0cad47db;sampled=0;lineage=bc1bd12d:0
x-cache: Miss from cloudfront
content-type: image/avif
cache-control: public, max-age=31536000
content-length: 13272
x-amz-cf-id: 83AiOj0jdmp3GFMPF8M6Zr2bcLqXlBl1JSVtCU0G1YuuO4YkxmC6eg==

GET
H2 200 bucees-card-left-bg-2022-2.jpg
cdn2.tdecu.org/images/article-image/ 7 KB
7 KB 458ms
457ms Image
image/avif 2600:9000:223c:400:10:1005:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.tdecu.org/images/article-image/bucees-card-left-bg-2022-2.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:400:10:1005:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7188d449e1c22fb99eebd810b60c1279a4e87d373908b7856e0bd4e384fc84d1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:50 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amzn-requestid: 516267c8-6e66-47db-b074-c8ceee15a7f2
x-amzn-trace-id: root=1-6571359e-6e346ef37398c7611c16c3d2;sampled=0;lineage=bc1bd12d:0
x-cache: Miss from cloudfront
content-type: image/avif
cache-control: public, max-age=31536000
content-length: 6889
x-amz-cf-id: TlKW8IOFWqFFoGfadJYp6gHZsML1GHZXh3gtUNwHUTcxA4OflXB5Ew==

GET
H2 200 ip Show response
directory.cookieyes.com/api/v1/ 120 B
273 B 141ms
41ms Fetch
text/html 18.202.124.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://directory.cookieyes.com/api/v1/ip
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.124.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-124-231.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: aab71aef19a23bbbb564135c135b27c88788cc9eb231db85afd90bc80feb2abc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 07 Dec 2023 03:01:50 GMT
x-powered-by: Express
content-length: 120
etag: W/"78-2HYTDo/Z11lvRCCL9NoENsdlz6g"
content-type: text/html; charset=utf-8

GET
H3 200 jxntH58yj40suPDIjtI69Q.json Show response
heatmaps.monsido.com/v1/settings/ 56 B
83 B 383ms
329ms XHR
application/json 2600:1901:0:476d::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heatmaps.monsido.com/v1/settings/jxntH58yj40suPDIjtI69Q.json
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:476d:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 281058203e02c938d2a50fe17591b5b883dded456b9240247853c0633026c316

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:50 GMT
x-guploader-uploadid: ABPtcPpc9wUj9f0f6rF0qZtW7667el7xIQjZZjztP2o6CE2c5rrstWxPZ6_0mZUUZn1B5T2IaGBqzvRjwDvfMe7fdh8wAJn0yTvW
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
last-modified: Tue, 21 Mar 2023 17:33:44 GMT
server: UploadServer
etag: "f9c1a04d7994b6254cbc4bd24c18bb26"
x-goog-generation: 1679420024260128
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=o4Eluw==, md5=+cGgTXmUtiVMvEvSTBi7Jg==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300
x-goog-stored-content-length: 56
accept-ranges: bytes
expires: Thu, 07 Dec 2023 03:06:50 GMT

GET
H2 200 tdecu-logo.svg
www.tdecu.org/images/assets/ 5 KB
2 KB 119ms
119ms Image
image/svg+xml 3.17.197.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tdecu.org/images/assets/tdecu-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.17.197.235 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-17-197-235.us-east-2.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a466f2cd63a7ab3ea163854856db3b06103c7af453411ac23d0fd377e8454bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 27 Jan 2020 19:33:59 GMT
server: nginx/1.18.0 (Ubuntu)
age: 20106
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-cache: HIT
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1613
x-cache-hits: 427

GET
H2 200 close.svg
cdn-cookieyes.com/assets/images/icons/ 317 B
585 B 32ms
31ms Image
image/svg+xml 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/icons/close.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 057121d759b2f06b7f958b628fe8f6da48dfde4ff2506d3c9736b01118ebba0e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tdecu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:01:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 04:40:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 128699
etag: W/"13d-5da3a673c2c19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wur%2BJjxbyGOCliAwIhh6nxMpOvipkRH1oedmj8N39ukmilX%2BD5ZWxO8NSiDG03RwSEspVJ5PA%2F7zfDxy777xybSaMHVUIkLZQkRN8%2FqcWiX0aqrFo41sRIPmlW9wxiFLTM9m3s0w%2FHPvCeQKWmkB"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=604800, proxy-revalidate
cf-ray: 831986be3f74b8f7-AMS

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
153 B 132ms
42ms Ping
text/plain 18.202.124.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/56cf2d44ea731ea9ecfb4a95/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.124.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-124-231.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.tdecu.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBeFLKbqkOOeJAM9m

Response headers

access-control-allow-origin: *
date: Thu, 07 Dec 2023 03:01:50 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

POST
H/1.1 204
No Content /
client-logger.salemove.com/ 0
0 373ms
116ms Fetch 52.7.4.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://client-logger.salemove.com/

Requested by

Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.7.4.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-4-58.compute-1.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.tdecu.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 03:01:50 GMT
server: envoy
vary: Origin
access-control-max-age: 7200
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers
x-envoy-upstream-service-time: 1

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
293 B 220ms
220ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.tdecu.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.tdecu.org
Date: Thu, 07 Dec 2023 03:01:51 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Verdicts & Comments Add Verdict or Comment

231 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

74 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sitescdn.net/	1970-01-20 16:45:19	Name: __cf_bm Value: ayCu400FypmPlRRGxTZtxMQ4ruFoforKSCfwkbOC0KA-1701918105-0-AdYucEUdnLLf8XnLtwXd100FPK/HSSM8Yt0R6NnqkFvQckD8ByBjX5kqhOJY8F6f706SHSHg37nmK0XsVtwqYwM=
.onlineaccess1.com/	1969-12-31 23:59:59	Name: __cfruid Value: 742e5fed8a7a0f82a90ec3280efe85d207b27f4f-1701918105
.tdecu.org/	1970-01-21 01:32:20	Name: _vwo_uuid_v2 Value: D687ABBD5129B9B3FEC145748FC535821\|0175d4f21893c905ec21731fc8bd34cb
.tdecu.org/	1970-01-21 02:21:18	Name: _vwo_uuid Value: D687ABBD5129B9B3FEC145748FC535821
.tdecu.org/	1970-01-20 18:54:54	Name: _vwo_ds Value: 3%241701918106%3A59.35029638%3A%3A
.tdecu.org/	1970-01-20 16:45:19	Name: _vwo_sn Value: 0%3A1%3A%3A%3A1
.tdecu.org/	1970-01-20 19:09:18	Name: _vis_opt_s Value: 1%7C
.tdecu.org/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
api.glia.com/	1970-01-21 01:30:54	Name: visitor_session Value: eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE3MDE5MTgxMDcsInZpc2l0b3JfaWQiOiJkMzg2OGM5NC1hYmQ4LTRlOTAtOTIzYS1mMzY5MzIxZGM2NTUiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiI4OWVhNjI0OS1mZDdhLTQ5MDMtODZjNi0xYmJiYTg1ZDc5ZWIifQ.c14Ff1B-y-AXnY9qSriiSbgCMqG9GM1U8hKcREABr7gLjdizIpTdcT49vRM9pQHXjK1wxl9YoWa6CwifqRdAXg
api.glia.com/	1970-01-20 16:45:18	Name: partitioned_visitor_session Value: eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE3MDE5MTgxMDcsInZpc2l0b3JfaWQiOiJkMzg2OGM5NC1hYmQ4LTRlOTAtOTIzYS1mMzY5MzIxZGM2NTUiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiI4OWVhNjI0OS1mZDdhLTQ5MDMtODZjNi0xYmJiYTg1ZDc5ZWIifQ.c14Ff1B-y-AXnY9qSriiSbgCMqG9GM1U8hKcREABr7gLjdizIpTdcT49vRM9pQHXjK1wxl9YoWa6CwifqRdAXg
162566.tctm.co/	1969-12-31 23:59:59	Name: ct162566 Value: 6571359b00027b06ec51955d
.tdecu.org/	1970-01-20 18:54:54	Name: _rdt_uuid Value: 1701918107448.24637e65-2b5b-401e-9bfc-aa2a03a37832
www.clarity.ms/	1970-01-21 01:30:54	Name: CLID Value: 8766f8bcaf6547d4a4fa61c2ed070955.20231207.20241206
.tdecu.org/	1970-01-20 18:54:54	Name: __ctmid Value: 6571359b00027b06ec51955d
www.tdecu.org/	1970-01-20 18:54:54	Name: __ctmid Value: 6571359b00027b06ec51955d
.bing.com/	1970-01-21 02:06:54	Name: MUID Value: 2D00ECD0A631635E3FBAFF30A7F1625C
.tdecu.org/	1970-01-21 01:30:54	Name: _clck Value: 8dwyc5%7C2%7Cfhc%7C0%7C1436
www.tdecu.org/	1970-01-21 02:21:18	Name: _tq_id.TV-7209364563-1.d413 Value: ad0114eb27fd4fb6.1701918108.0.1701918108..
.adform.net/	1970-01-20 17:29:56	Name: C Value: 1
.adform.net/	1970-01-20 18:11:42	Name: uid Value: 5986721754627265361
.adform.net/	1970-01-20 16:46:44	Name: CM Value: 1\|1
.tdecu.org/	1970-01-20 16:46:44	Name: _clsk Value: 76n2jh%7C1701918108430%7C1%7C1%7Cp.clarity.ms%2Fcollect
.seadform.net/	1970-01-20 18:11:42	Name: uid Value: 5986721754627265361
.adform.net/	1970-01-20 17:05:27	Name: CM14 Value: 1702004508_1701918108_1_Hu7u4e4e4R7u4e4REREeEREREQ
.casalemedia.com/	1970-01-21 01:30:54	Name: CMID Value: ZXE1nHoUtWOJys0uB.BqFAAA
.casalemedia.com/	1970-01-20 18:54:54	Name: CMPS Value: 3240
.casalemedia.com/	1970-01-20 18:54:54	Name: CMPRO Value: 3240
.eyeota.net/	1970-01-20 16:45:18	Name: SERVERID Value: 19420~DM
.ads.stickyadstv.com/	1970-01-20 18:11:42	Name: uid-bp-617 Value: 5986721754627265361
.ads.stickyadstv.com/	1970-01-20 17:28:30	Name: UID Value: f16a647be89e84eb9a8604ea61dd677
.bluekai.com/	1970-01-20 21:04:30	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 21:08:49	Name: bku Value: nPX99JyNzVVI4VRo
.rlcdn.com/	1970-01-20 18:11:42	Name: pxrc Value: CJzrxKsGEgUI6AcQABIGCLrqARAA
.exelator.com/	1970-01-20 19:38:06	Name: EE Value: "936c7b51d4124de619b6099df3c1a204"
cm.adsafety.net/	1970-01-21 01:30:54	Name: cache0 Value: ZHgzeXg5czBXcVgwYWhGa1JrL05sQT09
.exelator.com/	1970-01-20 19:38:06	Name: ud Value: "eJxrXxzq6XKLQcHS2CzZPMnUMMXE0MgkJdXM0DLJzMDSMiXNONkw0cjAZHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQckl%252BUWb6Ij%252BfxUUpaQyLSopPBR9TlAUAf9QpSw%253D%253D"
.krxd.net/	1970-01-20 21:04:30	Name: _kuid_ Value: P9bN9GiD
.tdecu.org/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.tdecu.org/	1969-12-31 23:59:59	Name: cebs Value: 1
.adnxs.com/	1970-01-20 18:54:54	Name: uuid2 Value: 2219546490082728919
.doubleclick.net/	1970-01-21 02:06:54	Name: IDE Value: AHWqTUmmB2b-gEZXf_KyxcUWOgZEvGbmBUeFkUKSi41yKc7FbVEoi1eI7o7ApRuWXxQ
.rlcdn.com/	1970-01-21 01:30:54	Name: rlas3 Value: aka95AeNHIdvpK8hcoLEkhFRRXbXHzMC7wHLyZSIbXM=
.semasio.net/	1970-01-21 01:30:54	Name: SEUNCY Value: CF83B35214C46D06
.adnxs.com/	1970-01-20 18:54:54	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2GVRB6G$P!@wnfH8K4YRH[@9=E'gFdXckZi.r0mgkNWaglg>m>lnd[/LOOGbpRzqF1`*b`OM(TR3+
.tdecu.org/	1970-01-20 16:46:44	Name: _ce.clock_event Value: 1
.demdex.net/	1970-01-20 21:04:30	Name: demdex Value: 85624736947680220181620742887375369474
.audrte.com/	1970-01-20 17:06:54	Name: arcki2 Value: 29lEg9WVYQRR9CdZjMCQbMqpQ!20220908!1701918109160!ip#31.204.150.114
.audrte.com/	1970-01-20 17:06:54	Name: arcki2_adform Value: 5986721754627265361!20220908!1701918109160
.dpm.demdex.net/	1970-01-20 21:04:30	Name: dpm Value: 85624736947680220181620742887375369474
.audrte.com/	1970-01-20 17:06:54	Name: arcki2_ddp2 Value: 29lEg9WVYQRR9CdZjMCQbMqpQ!20220908!1701918109245
.adfarm1.adition.com/	1970-01-20 18:54:54	Name: UserID1 Value: 7309682618634336415
.weborama.fr/	1970-01-21 02:11:13	Name: AFFICHE_W Value: Rc82OAyhK5RF55
.agkn.com/	1970-01-21 01:30:54	Name: ab Value: 0001%3AOfwnaUemEMLUp8lzXw6ukkY4FZYmlMRr
.w55c.net/	1970-01-21 02:16:58	Name: wfivefivec Value: mpPg3Pva1Rb4E55
.tdecu.org/	1970-01-20 16:46:44	Name: _ce.clock_data Value: 21%2C31.204.150.114%2C1%2C9d9fcb00733e98b40e93b73c4ea99695
.w55c.net/	1970-01-20 17:28:30	Name: matchadform Value: 5
.tdecu.org/	1969-12-31 23:59:59	Name: cebsp_ Value: 1
.tdecu.org/	1970-01-21 01:30:54	Name: _ce.s Value: v~c25934840f40634503ea5a888beeb8fdf8175b48~lcw~1701918109712~lva~1701918109000~vpv~0~flv~9au6mI1K-3I%3A402275FnBVc~v11.fhb~1701918109710~v11.lhb~1701918109710~v11.cs~410856~v11.s~f72ab100-94ac-11ee-9ba9-376d36b5cf6d~lcw~1701918109713
.tdecu.org/	1970-01-21 01:30:54	Name: _CEFT Value: EgNwlgpg7hAmBcBOAhgVwGwFsCSBGA0gLQDM2A0ACwAMATDQOwCsAYgHYBCAagMYBAYsAAgViALVwBPdLAAaAYRmiAygCUAXgEdsQA%3D%3D
www.tdecu.org/	1970-01-20 17:28:30	Name: monsido Value: 4581701918110150
.tdecu.org/	1970-01-21 01:30:54	Name: cookieyesID Value: a25KTXR0aDY3bnNoS0NzaDlsbmJPcTBVbWNDSmtsV3o=
.c.bing.com/	1970-01-20 16:55:22	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:06:54	Name: SRM_B Value: 2D00ECD0A631635E3FBAFF30A7F1625C
.tdecu.org/	1970-01-21 01:30:54	Name: cky-consent Value: no
.tdecu.org/	1970-01-21 01:30:54	Name: cookieyes-necessary Value: yes
.tdecu.org/	1970-01-21 01:30:54	Name: cookieyes-functional Value: no
.tdecu.org/	1970-01-21 01:30:54	Name: cookieyes-analytics Value: no
.tdecu.org/	1970-01-21 01:30:54	Name: cookieyes-performance Value: no
.tdecu.org/	1970-01-21 01:30:54	Name: cookieyes-advertisement Value: no
.tdecu.org/	1970-01-21 01:30:54	Name: cookieyes-other Value: no
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:06:54	Name: MUID Value: 2D00ECD0A631635E3FBAFF30A7F1625C
.c.clarity.ms/	1970-01-20 16:55:22	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:45:18	Name: ANONCHK Value: 0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://cds-sdkcfg.onlineaccess1.com/common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://cds-sdkcfg.onlineaccess1.com/common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://cds-sdkcfg.onlineaccess1.com/common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
network	error	URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5986721754627265361/gdpr=/gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

162566.tctm.co
a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
alb.reddit.com
answersstatus.pagescdn.com
api.adrtx.net
api.glia.com
api.ipify.org
app-script.monsido.com
assets-tracking.crazyegg.com
assets.sitescdn.net
bat.bing.com
beacon.krxd.net
beyoubelong.info
c.bing.com
c.clarity.ms
c1.adform.net
cdn-cookieyes.com
cdn2.tdecu.org
cds-sdkcfg.onlineaccess1.com
client-logger.salemove.com
cm.adsafety.net
cm.g.doubleclick.net
collector-29653.us.tvsquared.com
connect.facebook.net
d.adroll.com
dev.visualwebsiteoptimizer.com
directory.cookieyes.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
fonts.gstatic.com
ftrk.crazyegg.com
global.ib-ibi.com
googleads.g.doubleclick.net
heatmaps.monsido.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
insight.adsrvr.org
js.adsrvr.org
libs.salemove.com
load77.exelator.com
loadm.exelator.com
log.cookieyes.com
match.adsrvr.org
match.contentexchange.me
p.clarity.ms
pagestates-tracking.crazyegg.com
pdw-adf.userreport.com
pixel.mathtag.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
region1.analytics.google.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.adroll.com
s2.adform.net
s3-eu-west-1.amazonaws.com
script.crazyegg.com
se.semasio.net
secure.adnxs.com
simage2.pubmatic.com
stags.bluekai.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.teads.tv
tags.bluekai.com
token.rubiconproject.com
tracking.crazyegg.com
tracking.monsido.com
uipglob.semasio.net
www.beyoubelong.org
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.redditstatic.com
www.tdecu.org
x.bidswitch.net
104.237.62.212
108.138.15.119
13.32.27.106
142.250.185.194
162.19.138.116
172.64.151.101
18.202.124.231
18.203.91.219
18.66.122.45
185.167.164.49
185.64.191.210
185.86.139.104
185.89.210.46
192.0.63.252
20.122.63.128
2001:4860:4802:32::36
216.46.185.183
23.35.228.210
23.35.237.56
23.35.237.75
2600:1901:0:22e6::
2600:1901:0:476d::
2600:1901:0:891c::
2600:9000:206f:9400:0:99b9:cd80:93a1
2600:9000:211e:ce00:1b:5138:8a40:93a1
2600:9000:223c:400:10:1005:db40:93a1
2600:9000:223d:dc00:12:de4a:40:93a1
2600:9000:2644:5400:6:9280:1080:93a1
2600:9000:2646:2800:17:4c3f:1b80:93a1
2606:4700:20::ac43:44d6
2606:4700:3032::6815:5690
2606:4700::6811:1954
2606:4700::6811:1a54
2606:4700::6813:9408
2607:ae80:192:1::173
2620:1ec:bdf::67
2620:1ec:c11::200
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:813::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2003
2a00:1450:400c:c07::9a
2a02:6ea0:c700::17
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:400::396
2a04:4e42:600::396
2a05:d018:cc3:fe04:fea5:fbe:6689:e04c
2a06:98c1:3120::3
3.120.117.184
3.122.214.165
3.127.104.80
3.17.197.235
3.17.53.221
3.33.220.150
34.240.243.8
34.96.102.137
34.98.64.218
35.190.24.218
35.244.174.68
37.157.5.72
37.157.6.233
37.157.6.243
44.199.106.16
46.19.11.36
52.208.123.102
52.57.12.239
52.59.98.46
52.7.4.58
52.92.16.32
54.154.232.97
54.170.64.73
54.74.227.215
54.74.69.97
54.78.254.47
63.34.248.140
65.9.66.72
68.219.88.97
69.173.144.139
69.192.160.219
76.223.111.18
77.243.51.121
85.114.159.93
89.163.240.121
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
057121d759b2f06b7f958b628fe8f6da48dfde4ff2506d3c9736b01118ebba0e
06379a5856668548f0a4ef088a085f11529ca908e85ed70d6bafac01f09efe68
085fa63bd5ca5ec9e2fb93e761032cbb85a9f11c5f984842bb63230b539bbeab
0a20ea836f9696af8e3c798de88cb41d2be18e1b0c712255ae52ffad61a20f3f
0a6438a61e90e9f2434824b82d1aaa3cea20e418fffb486964a3855906777a12
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
180d581f3cec69f0245e5c81e7cf068681f9b8e821c9f2ee601bb85803c04200
185f6679ba7cbbce16dc3413260616a69a536b68f9d9a2941ac69eb0ebdedb66
1d11441a60f0c81871548ccecf0b533ae2fff9f3b47aeb8d8d25ff1f2f10f54f
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb
1f521ac499f04ae8afe55f64b67966b2b7211e3cf1fc67689ae2484ebd94649e
20f40bd6f1d17b00a055956c034b229fc0b4b1d4331ccb526d42973264b2edae
27a019fce2776dee76a2eb18a3a5f86b8949778891f6cf9a921d0a2386cd7ffc
281058203e02c938d2a50fe17591b5b883dded456b9240247853c0633026c316
283f3df0b40b0c146e3387971524e9dfb1eec7b1779f2883161f784ee73b33fb
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e5fc9610ade7337f10d17cb1202abcbb2e6c24a106cca059933e220c9d41c00
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3019bf38e1904c4c5f6f5c4183bfe3126a6415403b0c3909b7da715afbe08a2e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32a191572908746d2e318ba46d98d44ccb92ac9354ba06aad2fe3a47aa354753
33721247fe4974d66ef41ebe2f249cfb941eca6fa3558c0889143864af10e87d
347d69c2aa3e6b0fa8fea29ab451f1849d18441bd2336aac8846c8f2aa7610f4
34fd40bbba74b00767d38ca2ecc95bec1e20bd72615ead84fe786b8cf218ef0d
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e409165ad535825942bfcc93d1ff12f0b4400a40351e55be3af5f054aebecad
41e40ec4f7a4f3bac749ad9e0af6e75ff360a9cdedebc5bea916fa857ccfef97
4b39060455791325aad8e7a4a2c63581af939fc26dc42e4e4e43b182d323c575
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd9ae8b2b6b357924c6fb9a199e13e5fcfcf3485dadea9c6974a8e62547256f
4d44305c88d293b1e070890b7a23cbf266018459c0fcca5ae5b5713a631b807a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53d04d468fe6bb252d339a3a08e27bfc1f1ac0d625a17eef038b6837a91510
501099e3597bc2c949e5639a9b29b1e9cc4bd77d5bf7d1dc9e6c7897b8ba030b
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
50f4eb73e4854117bf7bf9da7dc0c17740b03b5db6eb7ee6ffc20aeb35c1ea48
51f4a13cf5d952a4b0ab1c733c71bba1ab065db1c1519b47d6952f4d954e007e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a36ace3d2d860fd3e4f5e0d59f43b6653c4c2ba6fd87ce73e2d3fc22b61a52
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5d7976e7429a62d85580ac13dde40ebdd391368bab495645d8d4ae4aff7d95d6
5e2a4b3b968aa979fc0d0b5f51af93e40ed6a973fbf991484e5f97561579e0cf
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5ec32f78b4ec369e87a00fd1f182ca1742607d17c84cb05d52ce484c157734f2
61276ef869766b3663bd44e32f0696542b85a9864b9387489b4cb2ad65a18635
629f2e60f4b2d89172e4d9345cfc4f0b9493f75bceb2b0f380e4b4b30a6c7b6a
64e8ce58f2d8ee4332cc27fcb759c31013f418b6523586b6441fd2f097107b35
699e1427474c3daa7932aa405a51762e6ab51ba12a19775321a7357deb31f384
6ab9a6dbc253783f19de0c6941fff5d809894f427672757938c315f05c7d4ac4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
7188d449e1c22fb99eebd810b60c1279a4e87d373908b7856e0bd4e384fc84d1
7a108193a3c54e5c07c1207c0e38b0279d9cddc0fb844fdbdcaf82629ec69eb8
7b6b64bd38df5d467b00a459640f5eeb0c99c5a1d92e3489553dcc42344ff0ff
7b91fb0a0a07c47f4cc9ddd745881cfe74f67902115b263d01bc11da39dd18b4
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
832dbd199f70ade357e88a3f5d32920c8c63e69258dc173d3b261686320895db
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847ddd7cbb1ab322976ca46c2038b5dacaacb781ff25c9e576c859455802fcac
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
86f2855487ee0f2a026de07b800d0a191f2d66723011cf5e7bddea4669037b33
886bc5e8e4302caaf7d4180769f4d5b0d0ff23bdd929f7e42a8b46613e02faa9
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ba15fd1bf4cc725df14f09a74ec3f3cfd9a3c9f3fab25c8da39652be098c8ac
8c56b8d8270e9f2867bfb8984bcc881da7d7517a93b864ee821f87caa122cbf5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
98192c2b3bfd0e66cff07b8ba31ff42de9182144d3e21b9ca258f13da96ee457
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a71196a6f3141315710ae7b078f5a87d2dad0f6ab041514b3d8d87401c53a1a
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9d1665c6c5e34d1d9f669ca645616fcfd1d5aef668cc43a6282698c0bc4df559
a0375c054a0041bd58e2a0bf7fa3df7c3904bfc4f790fd24e32ff3ee70fd0eef
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a19e35c238665b103fff54c0a89023a450c1d40f5cd58e01a7f5e5616d9aace7
a269b6a2432179c4bc10516633d5fca545a3b9e82cffa28debc6aaba49902921
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a466f2cd63a7ab3ea163854856db3b06103c7af453411ac23d0fd377e8454bb8
a520785c9d0e6bac62535ac3fe4983ea61f6baa08c081cf0c6f70b78c049cc51
a8145c626794c882fd517ad8027a1c846c730efd9cba4e3731370f5f6fc0b00c
aab71aef19a23bbbb564135c135b27c88788cc9eb231db85afd90bc80feb2abc
ac5b3ce4e5818c864def6441c3f55fd0e564d481a88a2aef9acd37eb5b118938
b072deeebaa7465bda33c8da482957d347115cf12fd9c942e577a7a64cfce3f9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3ba633a4e68d164e9e7f2ec449fb819fd8670ee93af48b18c6b21e91b6edb89
b3cb5925f0b97d89508b1752c22a58ef0307576eb1d54c6987bb94c1a0d786ba
b6f3fbfb1ea5189d02cbcda60eb41d4e7cbe05145dab81b752f3e18982e4a004
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbd4895fd857ee9b6c5a841af4ce8586cd64e94f2a718d97e38bd7f9b283468a
bdd12ab35927bc8f25c21676fe4bc6fa30f69b5d5d55a49bd691283773d7913e
bffca056b94276e2a0853d50a1f921aad3a41587956e142cda8142ab74db12e5
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d29f013378e287ad6fee0a3d57e0a1d3815dc2403f8dbaa14e0ca36f8c8f3284
d3070a466b840b215ed8bd56484b78317b2e1316caed633bc139af0b8d9170aa
d4c44faa5219c63be035fb0eb18bd9dca99ace6f12f8246721b7776bc2536131
d7e3733c4cb4fbd606eb5ce52c0ff6dbc8e175e2fb2b8199ea0387339f425186
d8a4feefff1bf62a42eac260d3efe25d1bb72e3a32b220212d14c7c3012c6698
db55ab4e4b3f7ad0e31f77951e3aa6e51ca610c86f3c436e0891b062b3bbaef6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd65c5befb77618910b27095a02cdc0e5de78418442cacb015d086707261422f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0d5d0e752d29818cb2fb954c79751a7f57cf7fa92c882a6d2accb79e90e00ff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e482eb6717364f5372e044fe181c2abdcbffa18e36a7860634deb4273440a139
e59372389432693f0fc02525af9060408172ddee0f91e67faf1beb0a0282f6b4
e647fd151d941ab7e693248b0d96d53257061d4d37ab628300b5724589a52718
e726adf83b1ea776f29251ac7ea24757afc19a3d5474c00a8042229997ff2fef
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
eaab23b52c72776f42b8b800cc7b09254e9f31b643ea6b5046255f6c1c78d4fe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f001fd0d2b7cca41baa85df3dc1b8e87e980868ae1dc6675e3c0e23098ba8606
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f7d0e21d46cf1fdf41314362952b8700faace627a464fb6ee913027d4aa7842a
fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382

www.tdecu.org Open in urlscan Pro 3.17.197.235 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

167 Requests

88 %HTTPS

37 %IPv6

68 Domains

93 Subdomains

77 IPs

8 Countries

2598 kBTransfer

7642 kBSize

74 Cookies

24 Outgoing links

Page URL History

Redirected requests

167 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tdecu.org Open in urlscan Pro
3.17.197.235 Public Scan

Screenshot
Live screenshot

Full Image

167
Requests

88 %
HTTPS

37 %
IPv6

68
Domains

93
Subdomains

77
IPs

8
Countries

2598 kB
Transfer

7642 kB
Size

74
Cookies

167 HTTP transactions
4 data transactions