Submitted URL: http://directexpresshelp.com/
Effective URL: https://directexpresshelp.com/
Submission: On November 28 via api from US — Scanned from DE

Summary

This website contacted 17 IPs in 3 countries across 12 domains to perform 62 HTTP transactions. The main IP is 2606:4700:3031::ac43:c2c0, located in United States and belongs to CLOUDFLARENET, US. The main domain is directexpresshelp.com.
TLS certificate: Issued by GTS CA 1P5 on October 4th 2023. Valid for: 3 months.
This is the only time directexpresshelp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
19 directexpresshelp.com
directexpresshelp.com
178 KB
17 wp.com
i0.wp.com — Cisco Umbrella Rank: 3823
stats.wp.com — Cisco Umbrella Rank: 2855
pixel.wp.com — Cisco Umbrella Rank: 2799
190 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
225 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
5 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
21 KB
3 amazon-adsystem.com
rcm-na.amazon-adsystem.com — Cisco Umbrella Rank: 37059
fls-na.amazon-adsystem.com — Cisco Umbrella Rank: 8787
938 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
89 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 14674
10 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
147 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 ssl-images-amazon.com
images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 845
90 KB
1 assoc-amazon.com
ws-na.assoc-amazon.com — Cisco Umbrella Rank: 31912
44 KB
62 12
Domain Requested by
19 directexpresshelp.com 1 redirects directexpresshelp.com
15 i0.wp.com directexpresshelp.com
6 pagead2.googlesyndication.com directexpresshelp.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 fls-na.amazon-adsystem.com ws-na.assoc-amazon.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net directexpresshelp.com
connect.facebook.net
2 images.dmca.com directexpresshelp.com
2 www.googletagmanager.com directexpresshelp.com
www.googletagmanager.com
1 www.google.com tpc.googlesyndication.com
1 images-na.ssl-images-amazon.com ws-na.assoc-amazon.com
1 stats.g.doubleclick.net www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 pixel.wp.com directexpresshelp.com
1 ws-na.assoc-amazon.com directexpresshelp.com
1 rcm-na.amazon-adsystem.com 1 redirects
1 stats.wp.com directexpresshelp.com
62 18

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.amazon.com
maps.google.com
www.dmca.com
generatepress.com
Subject Issuer Validity Valid
directexpresshelp.com
GTS CA 1P5
2023-10-04 -
2024-01-02
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2023-11-28 -
2024-12-28
a year crt.sh
images.dmca.com
R3
2023-10-26 -
2024-01-24
3 months crt.sh
ws-na.assoc-amazon.com
Amazon RSA 2048 M01
2023-03-16 -
2024-01-21
10 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-09-06 -
2023-12-05
3 months crt.sh
images-na.ssl-images-amazon.com
DigiCert Global CA G2
2023-08-09 -
2024-07-24
a year crt.sh
fls-na.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-08 -
2024-03-07
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh

This page contains 6 frames:

Primary Page: https://directexpresshelp.com/
Frame ID: 42E8B02B1B6172187F7028697B600A4B
Requests: 51 HTTP requests in this frame

Frame: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
Frame ID: 3D0E8B6938F0E973452AE04D86F323AE
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world
Frame ID: CB0B98BAB6C1C6045FA22696F0A9CB2F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517003535209854&output=html&adk=1812271804&adf=3025194257&lmt=1701171842&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fdirectexpresshelp.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701171842215&bpp=2&bdt=205&idt=231&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6156645094141&frm=20&pv=2&ga_vid=6916741.1701171842&ga_sid=1701171842&ga_hid=1872338402&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C44809005%2C31078297%2C31079654%2C44807764%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=2141665105785782&tmod=1267013641&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=244
Frame ID: F1D65E1659E037D7FE2BB872FF9F1D5D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FC35967839AECD9B1C278F8CC6B23496
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EE8DD3E2F1EEFA5BB81C3014BD3F332E
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Direct Express Card Help - Direct Express Card, Social Security & Disability

Page URL History Show full URLs

  1. http://directexpresshelp.com/ HTTP 301
    https://directexpresshelp.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

98 %
HTTPS

71 %
IPv6

12
Domains

18
Subdomains

17
IPs

3
Countries

1001 kB
Transfer

2436 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://directexpresshelp.com/ HTTP 301
    https://directexpresshelp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20 HTTP 302
  • https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20

62 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
directexpresshelp.com/
Redirect Chain
  • http://directexpresshelp.com/
  • https://directexpresshelp.com/
105 KB
21 KB
Document
General
Full URL
https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
b73688820a6d2f6e90adefbbe6f01fb37365fe8e2d23a379685cee5f68a607d5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
82d25b460bfd9972-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 11:44:01 GMT
display
orig_site_sol
expires
Mon, 27 Nov 2023 11:44:01 GMT
link
<https://directexpresshelp.com/wp-json/>; rel="https://api.w.org/", <https://wp.me/7Yy4l>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pagespeed
off
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JrlBnetCeerxsyqMtKBirgVXSd%2B61HHl6nzZn3%2FrcE3KxJ4t304sK05e4WrxmRi%2FUwIIrtBy1NQMlmiAe4mmE2N9i1DdKzc0F3ynjIRcXAyLMoUo3c10N4wyEbYkqViDfP35uUR3JToIboNGbbmHpNNIfuU%3D"}],"group":"cf-nel","max_age":604800}
response
200
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-cache
HIT: 1
x-cache-group
normal
x-cacheable
SHORT
x-content-type-options
nosniff
x-ezoic-cdn
Miss
x-middleton-display
orig_site_sol
x-middleton-response
200
x-origin-cache-control
max-age=600, must-revalidate
x-powered-by
WP Engine
x-sol
orig
x-ua-compatible
IE=edge

Redirect headers

CF-RAY
82d25b45cb6830cf-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 28 Nov 2023 11:44:00 GMT
Expires
Tue, 28 Nov 2023 12:44:00 GMT
Location
https://directexpresshelp.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mNYtvat0aPHCDg3A3sdYtN2SG%2FeT3BHAe8cwu6yqj2z5u08Pd3%2BFncOAmDEtzkrNOewx0moQlB3PGQa2ZNWDkwUN2%2FhQJXE8fVXRlGQEfasLIFwwmgMmj2lUPclWtGWqvAY1NBJftTZ7UdhsH0w2Yt2%2FCU%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
alt-svc
h3=":443"; ma=86400
autoptimize_05bc9eefeeab4efa79e4afe6a8c05bbe.css
directexpresshelp.com/wp-content/cache/autoptimize/css/
261 KB
43 KB
Stylesheet
General
Full URL
https://directexpresshelp.com/wp-content/cache/autoptimize/css/autoptimize_05bc9eefeeab4efa79e4afe6a8c05bbe.css
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09f0a890903026b2c6d55131d96f859fc315c9c6358cf9f5c84ae8fcfa85d796
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
86444
cf-polished
origSize=267132
x-ezoic-cdn
Hit ds;ds;0e56d8fc86d10143ffa1ccbfc4b6f7f4;2-510601-1;c0e161f4-57ee-4289-45f8-c98a4413024c
x-middleton-display
staticcontent_sol, orig_site_sol
content-encoding
br
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Wed, 22 Nov 2023 21:09:45 GMT
server
cloudflare
etag
W/"655e6e19-4137c-gzip"
x-origin-cache-control
public, max-age=31536000
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FbANlFfwzWRy0HWeXGpCRmlBkwZXSryfqwNtsDc%2Fesyc5Gzh6KLd5f81aE%2BY7huWirZYfaolsZRjGHXqx7cvWez67Fnp8HZpKDaR%2F1WrbsRf8oFk3bKzyNQayNXcFsvfS2S3CPG8X%2B90vx9Te6GWqsMI%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
82d25b4c99fa9972-FRA
jquery.min.js
directexpresshelp.com/wp-includes/js/jquery/
86 KB
31 KB
Script
General
Full URL
https://directexpresshelp.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
21513
x-ezoic-cdn
Hit ds;ds;3fa59e638f78181bf733a5a4f29dbe89;2-510601-1;c3693996-d75c-4e37-69a7-7c44888fdacd
x-middleton-display
staticcontent_sol, orig_site_sol
content-encoding
br
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Wed, 22 Nov 2023 20:57:35 GMT
server
cloudflare
etag
W/"655e6b3f-15601-gzip"
x-origin-cache-control
public, max-age=31536000
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSkuupc5FcGUJCkK3N5bQzW44Tm35bDqk6WuFSosHSQY3NA3I89g1%2BZE%2FIyLbLYg3w5CLM5KHOzFixtgQog4sP%2FPt9FxZgNdShYNr6HQeDm5c8FkTR1rRIPszzPma2Ve9GiIkGWT9IH0bVwa%2BAfS203x7ng%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
82d25b4c99fb9972-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
150 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3271c82efaa07bf18781bb5c074a5471380b7a84c3a233ec4ebdd1a8f309357f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52670
x-xss-protection
0
server
cafe
etag
17503008088098638339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 28 Nov 2023 11:44:02 GMT
js
www.googletagmanager.com/gtag/
186 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-43683690-3
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
82abf74abec80e532b4ad950f041acc0df0051961a931e258df2c76a344cd2d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68818
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 28 Nov 2023 11:44:02 GMT
cropped-cropped-Direct-Express-Help-1.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2018/10/
3 KB
3 KB
Image
General
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2018/10/cropped-cropped-Direct-Express-Help-1.png?fit=437%2C99&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
34d57b944a61b899807b6946e4a6c2d9692415917faa0a0fffd8d95277431821
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
2956
x-nc
HIT ams 3
last-modified
Thu, 23 Nov 2023 11:43:42 GMT
server
nginx
etag
"8ceb220553545b05"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://directexpresshelp.com/wp-content/uploads/2018/10/cropped-cropped-Direct-Express-Help-1.png>; rel="canonical"
expires
Sat, 22 Nov 2025 23:43:42 GMT
What-time-does-Social-Security-hit-Direct-Express-card-3.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/
17 KB
18 KB
Image
General
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-3.png?w=800&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
0252ba74fdd3b504dd7b4d4a15720f1134959bd5e18b1cd26d656924f08629cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
17810
x-nc
HIT ams 6
last-modified
Mon, 27 Nov 2023 22:29:33 GMT
server
nginx
etag
"79e489d31af64748"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-3.png>; rel="canonical"
expires
Thu, 27 Nov 2025 10:29:33 GMT
What-time-does-Social-Security-hit-Direct-Express-card-2.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/
18 KB
18 KB
Image
General
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-2.png?w=800&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
829a4568d0c8e326c1e022af19985d295dc933dee3ac68e8beb1d29684eba649
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
18138
x-nc
HIT ams 4
last-modified
Wed, 22 Nov 2023 21:47:14 GMT
server
nginx
etag
"64ed9b46f3c660f0"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-2.png>; rel="canonical"
expires
Sat, 22 Nov 2025 09:47:14 GMT
2024-Social-Security-COLA.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/
15 KB
16 KB
Image
General
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/2024-Social-Security-COLA.png?w=800&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
88e58b06a43d52cf619d55c3134633e2e6476c9d284781aca2d0f6547ee1a938
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
15578
x-nc
HIT ams 4
last-modified
Thu, 23 Nov 2023 11:43:42 GMT
server
nginx
etag
"8ead7ac3218fcc60"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://directexpresshelp.com/wp-content/uploads/2023/10/2024-Social-Security-COLA.png>; rel="canonical"
expires
Sat, 22 Nov 2025 23:43:42 GMT
How-to-resolve-SSI-Overpayment-letter.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/
14 KB
15 KB
Image
General
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/How-to-resolve-SSI-Overpayment-letter.png?w=800&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
ffc213549ebefcae379a54e755263c4d40f382f4acfb138a9c2411eb0ff5a065
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
14588
x-nc
HIT ams 8
last-modified
Thu, 23 Nov 2023 11:43:42 GMT
server
nginx
etag
"15c7339ff44fe953"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://directexpresshelp.com/wp-content/uploads/2023/10/How-to-resolve-SSI-Overpayment-letter.png>; rel="canonical"
expires
Sat, 22 Nov 2025 23:43:42 GMT
what-to-do-about-Social-Security-Overpayment-letters.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/
18 KB
19 KB
Image
General
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/what-to-do-about-Social-Security-Overpayment-letters.png?w=800&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
f9ff06d5d2582b76bd977802f4bfd3275be04820397f192853602ee27f88f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
18760
x-nc
HIT ams 3
last-modified
Thu, 23 Nov 2023 11:43:42 GMT
server
nginx
etag
"12a751b133d82ccf"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://directexpresshelp.com/wp-content/uploads/2023/10/what-to-do-about-Social-Security-Overpayment-letters.png>; rel="canonical"
expires
Sat, 22 Nov 2025 23:43:42 GMT
Direct-Express-Myaccount-Login-.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/09/
18 KB
19 KB
Image
General
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/09/Direct-Express-Myaccount-Login-.png?w=800&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
4762e6e3977758faa3346322cb4f9a2b247d0cabf54783caee527f4a8646c02a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
18772
x-nc
HIT ams 2
last-modified
Thu, 23 Nov 2023 00:56:32 GMT
server
nginx
etag
"c7a3ce04509ca71f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://directexpresshelp.com/wp-content/uploads/2023/09/Direct-Express-Myaccount-Login-.png>; rel="canonical"
expires
Sat, 22 Nov 2025 12:56:32 GMT
boise.js
directexpresshelp.com/detroitchicago/
913 B
852 B
Script
General
Full URL
https://directexpresshelp.com/detroitchicago/boise.js?gcb=195-0&cb=2
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36f2998a5d4419bbab382abed2a0679d2cc64b21e839a636b351786a4c611db0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21513
cf-polished
origSize=926
content-encoding
br
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 28 Nov 2023 05:45:29 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7oqwgKsdroi9R%2BYbBVQwYT0Uob2kz3Eb94XzW8j1r6kpBSTE6koJDH89ZmIS1gGxyjmE8KKYBBEYa5j%2FTKCcXQhKBWBby3evGFZp%2Bd2wsO6lWMRyGkqbx1g92UDcY%2BCeZnr%2FTckpc4hAG8j4AbrHxxWNZFo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
82d25b4cca3a9972-FRA
abilene.js
directexpresshelp.com/parsonsmaize/
6 KB
3 KB
Script
General
Full URL
https://directexpresshelp.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a389f846ebffac00e3890254db6efec3bec77253854a5bfcea683072ce3b0df5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
162667
cf-polished
origSize=6323
content-encoding
br
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 26 Nov 2023 14:32:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FytDJ27AX0R5ITKCygahhdsdm1%2F2ozr6O0v%2BLMk5TlHszxZJW4owRKeTqxMDi7Tr83qX7VwaHZTBLLHcDIQ0Yk6UNpit0CRhZ03vTOsVcW96vq%2F%2FIeLhQd1uqr%2FluPcUBZDAYyAQ2ycVzsd8d33VO2HnrTg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
82d25b4cda3b9972-FRA
et.js
directexpresshelp.com/porpoiseant/
1 KB
892 B
Script
General
Full URL
https://directexpresshelp.com/porpoiseant/et.js?gcb=195-0&cb=2
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c34f09169d2a10e8f5863960e81575ab70f88b52f4bd3386ce5e41e73a94487
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
162667
content-encoding
br
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 26 Nov 2023 14:32:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQM54c0GHk%2Ba0l39ggiuhfI2IEUDAvTywxXWoz9zyhR6xOSl6qYV7CRuanxrYz5rIyGIU99EtpgSajUN31pkjn7fLZz1XZFsZA9oRBpbvk81da8H3m5UKTh4UEvPHH40xgpQ%2FdMUeRLhq6Zqd5EqP47Po2k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
82d25b4cda3c9972-FRA
Social-Security-COLA-Estimate-for-2024.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/09/
23 KB
23 KB
Image
General
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/09/Social-Security-COLA-Estimate-for-2024.png?w=800&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
6c8f7f910058efb76de58e1cd7e4527029ae8c71671e409f94ea3ea2de08ede1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
23098
x-nc
HIT ams 3
last-modified
Thu, 23 Nov 2023 11:43:42 GMT
server
nginx
etag
"ececbb0956a9ad09"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://directexpresshelp.com/wp-content/uploads/2023/09/Social-Security-COLA-Estimate-for-2024.png>; rel="canonical"
expires
Sat, 22 Nov 2025 23:43:42 GMT
What-time-does-Social-Security-hit-Direct-Express-card-1.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/
17 KB
18 KB
Image
General
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-1.png?w=800&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
29eab285958e0c7851f7532fcfa4ddb59ab85f844c6436b8c3f1e2a36d7be60f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
17748
x-nc
HIT ams 4
last-modified
Thu, 23 Nov 2023 00:56:32 GMT
server
nginx
etag
"60a8a78fac091ed6"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-1.png>; rel="canonical"
expires
Sat, 22 Nov 2025 12:56:32 GMT
What-is-the-expected-Social-Security-increase-for-2024.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/
19 KB
19 KB
Image
General
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/What-is-the-expected-Social-Security-increase-for-2024.png?w=800&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
d38641890893dc5f5b62c5733b4a6ebe0369c541d05f5987e92cf65b6b576353
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
19078
x-nc
HIT ams 3
last-modified
Thu, 23 Nov 2023 00:56:32 GMT
server
nginx
etag
"45c2d8853aef7f6b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://directexpresshelp.com/wp-content/uploads/2023/08/What-is-the-expected-Social-Security-increase-for-2024.png>; rel="canonical"
expires
Sat, 22 Nov 2025 12:56:32 GMT
What-is-Direct-Express-Card-1.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2021/09/
15 KB
16 KB
Image
General
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2021/09/What-is-Direct-Express-Card-1.png?w=800&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
be12568c14d89d07347ba991e2bd2bfa121602d162c19ddaa878b1e179791a8d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
15522
x-nc
HIT ams 3
last-modified
Thu, 23 Nov 2023 11:43:42 GMT
server
nginx
etag
"51fecbc8f2d75833"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://directexpresshelp.com/wp-content/uploads/2021/09/What-is-Direct-Express-Card-1.png>; rel="canonical"
expires
Sat, 22 Nov 2025 23:43:42 GMT
dmca-badge-w150-2x1-03.png
images.dmca.com/Badges/
9 KB
9 KB
Image
General
Full URL
https://images.dmca.com/Badges/dmca-badge-w150-2x1-03.png?ID=9dfa0eed-0bfb-484b-8953-6fde7868aca9
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / ASP.NET
Resource Hash
e4f82c06e12f028861fcc3587190038b946c774d584c8f58287da453cdfb941b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
cdn-edgestorageid
1080
x-powered-by
ASP.NET
cdn-cachedat
09/12/2023 22:58:17
cdn-pullzone
1574055
content-length
9215
last-modified
Mon, 25 Jul 2016 19:39:16 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"1cc8aa3aace6d11:0"
content-type
image/png
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
eeae2d557d1ae711f33106fb6527ba15
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
DMCABadgeHelper.min.js
images.dmca.com/Badges/
465 B
834 B
Script
General
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
content-encoding
br
cdn-edgestorageid
1080
x-powered-by
ASP.NET
cdn-cachedat
10/31/2023 19:00:40
cdn-pullzone
1574055
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"26b181f16d28d51:0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
256c649b74fdd360f86adc9bd5d08049
cdn-requestcountrycode
DE
link
<https://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
e-202348.js
stats.wp.com/
7 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202348.js
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT ams
date
Tue, 28 Nov 2023 11:44:02 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/13576-1684461103136.7104
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 24 Nov 2024 23:29:35 GMT
autoptimize_e28b140867d2dea4e6dbb360c9c0a689.js
directexpresshelp.com/wp-content/cache/autoptimize/js/
140 KB
45 KB
Script
General
Full URL
https://directexpresshelp.com/wp-content/cache/autoptimize/js/autoptimize_e28b140867d2dea4e6dbb360c9c0a689.js
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51446f2d9f69aff69bf39feb33cc5661e4e6c8366825bc4cfb63caa498fe32d7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
86443
cf-polished
origSize=143635
x-ezoic-cdn
Hit ds;ds;b43b744d803a81d81a447bc4564c0fd7;2-510601-1;d8c00682-c634-474d-6746-f6a30ed7b08d
x-middleton-display
staticcontent_sol, orig_site_sol
content-encoding
br
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Wed, 22 Nov 2023 21:03:15 GMT
server
cloudflare
etag
W/"655e6c93-23113-gzip"
x-origin-cache-control
public, max-age=31536000
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0dGyAdp7Z2ifJs3gs%2BRMd1faS8IbOHAArhu%2BX5qDtSShvUCS1oNEfSs6sT8qj0r%2BsmYf27CcC8MDzX7ENqrhwVAaowS9JE%2FMuffpsFLiI3bjr7Z%2BkphNNvR%2Fna6x0KujSDA0IU9kniuv%2B70mqQ4BFGEud0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
82d25b4cda409972-FRA
cm
ws-na.assoc-amazon.com/widgets/ Frame 3D0E
Redirect Chain
  • https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
  • https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshel...
44 KB
44 KB
Document
General
Full URL
https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.135.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
76ba66489fe2da5df50d9bc041f83ac8eb0d726881fcfc77d57edbdc76f26075

Request headers

Referer
https://directexpresshelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
must-revalidate
Connection
close
Content-Length
44907
Content-Type
text/html;charset=UTF-8
Date
Tue, 28 Nov 2023 11:44:02 GMT
Expires
-1
Pragma
no-cache
Server
Server
Vary
User-Agent
charset
UTF-8
p3p
policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 28 Nov 2023 11:44:02 GMT
Location
https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
SW6RJXQZ9H2JFQCZT1GB
Direct-Express-Pending-Deposits-Dates-and-Times.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2019/11/
1 KB
2 KB
Image
General
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2019/11/Direct-Express-Pending-Deposits-Dates-and-Times.png?fit=900%2C480&ssl=1&resize=40%2C40
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
254c10129835d4dec3d33dd369f82b69c9d95fb1cc4c45434973eadcbd49a9c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
1250
x-nc
MISS ams 3
last-modified
Tue, 28 Nov 2023 11:44:02 GMT
server
nginx
etag
"3d9f91d5c080b3ea"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://directexpresshelp.com/wp-content/uploads/2019/11/Direct-Express-Pending-Deposits-Dates-and-Times.png>; rel="canonical"
expires
Thu, 27 Nov 2025 23:44:02 GMT
How-to-contact-the-Direct-Express-Dispute-Department.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2015/11/
642 B
1 KB
Image
General
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2015/11/How-to-contact-the-Direct-Express-Dispute-Department.png?fit=800%2C600&ssl=1&resize=40%2C40
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
0c67728cf78d492c171c783c35686c6886342ddc229d262e3b3d5f91163f6ae0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
642
x-nc
MISS ams 6
last-modified
Tue, 28 Nov 2023 11:44:02 GMT
server
nginx
etag
"9187797609b4cd3d"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://directexpresshelp.com/wp-content/uploads/2015/11/How-to-contact-the-Direct-Express-Dispute-Department.png>; rel="canonical"
expires
Thu, 27 Nov 2025 23:44:02 GMT
Direct-Express-Emergency-Cash.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2021/03/
632 B
1 KB
Image
General
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2021/03/Direct-Express-Emergency-Cash.png?fit=800%2C600&ssl=1&resize=40%2C40
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
2eee0cafe6c7f66097f027901c23695439f82c39adc304b9582ad752837a7a4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
632
x-nc
MISS ams 8
last-modified
Tue, 28 Nov 2023 11:44:02 GMT
server
nginx
etag
"9a2643ee97912a81"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://directexpresshelp.com/wp-content/uploads/2021/03/Direct-Express-Emergency-Cash.png>; rel="canonical"
expires
Thu, 27 Nov 2025 23:44:02 GMT
How-do-I-unlock-my-Direct-Express-card.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2019/11/
494 B
910 B
Image
General
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2019/11/How-do-I-unlock-my-Direct-Express-card.png?fit=800%2C600&ssl=1&resize=40%2C40
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
762bf09b08055d2e81d6499a5176f9119324e7d484536562f9ec083749494d1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
494
x-nc
HIT ams 5
last-modified
Thu, 23 Nov 2023 00:53:25 GMT
server
nginx
etag
"d4b2502d7704995f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://directexpresshelp.com/wp-content/uploads/2019/11/How-do-I-unlock-my-Direct-Express-card.png>; rel="canonical"
expires
Sat, 22 Nov 2025 12:53:25 GMT
7bb5246f-99fc-4b77-ac6e-b605f023911b
https://directexpresshelp.com/
1 KB
0
Other
General
Full URL
blob:https://directexpresshelp.com/7bb5246f-99fc-4b77-ac6e-b605f023911b
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
mulvane.js
directexpresshelp.com/parsonsmaize/
989 B
896 B
Script
General
Full URL
https://directexpresshelp.com/parsonsmaize/mulvane.js?gcb=195-0&cb=5
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
782a4a092a51a3691abc98068868f2a968aa27976791e8403c9e693921246c6b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
162667
cf-polished
origSize=1002
content-encoding
br
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 26 Nov 2023 14:32:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYoyt5ZPEE0poWhXBRnILAFNjUefjtJfoLf2LzlBwOINRRUd3hFBGZPy76JUk%2FQaDVRhFYrfhSwlo%2F%2Fp5hsRyUz19vvwdF6AURgOc%2Btx8YRVrELtrO85ASOF8Pi8UdIOeY2hXXPAgpzxrYi8Sx6G7ZcXF9U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
82d25b4cfa849972-FRA
raleigh.js
directexpresshelp.com/detroitchicago/
2 KB
1 KB
Script
General
Full URL
https://directexpresshelp.com/detroitchicago/raleigh.js?gcb=195-0&cb=6
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88b2906e8443f22f57ad7f18373f5e33e01dfb13c52931cc3d94456b786cef90
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
162667
cf-polished
origSize=1659
content-encoding
br
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 26 Nov 2023 14:32:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2B81N4d5lEx6lrw5LAJ4YxAml3%2FA389nZQcRjuFEuQKKmW4MxxiV7sf1KGyKDRZ03g5BHmCY5%2Bb%2BZbwljFq2ywwJl4K6LNjOLqBSeXDuNwGSan3CCgYbFB5h1hZc75Tj7vneU6jw33Ref34uCWfpn4y0kx4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
82d25b4cfa899972-FRA
vista.js
directexpresshelp.com/detroitchicago/
1 KB
834 B
Script
General
Full URL
https://directexpresshelp.com/detroitchicago/vista.js?gcb=195-0&cb=5
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
803564d2f40968a670c5748859a0cfece2016ee109d1eea9aa1fbda64553e5c3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
162667
cf-polished
origSize=1062
content-encoding
br
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 26 Nov 2023 14:32:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXLyvqEUAwd361TTzqRqPzQIu2oN3hfFKq14HBU5jyPTD01ptE4aav88WOdKBBIIINlbxEmbhy1Q%2FNf2QqokwAVZdK8Khc7WoRJC%2F6LSVEe%2FpcRLacTZTPm%2FpRRd8U2SEDCh3zOA12RGGy20kbnECZ54CzM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
82d25b4cfa8d9972-FRA
tampa.js
directexpresshelp.com/detroitchicago/
963 B
861 B
Script
General
Full URL
https://directexpresshelp.com/detroitchicago/tampa.js?gcb=195-0&cb=5
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
531197cef35c5eee10b028044f8f238d6bf147d0a24f31969ac8d7bee0e4c008
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
162667
cf-polished
origSize=976
content-encoding
br
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 26 Nov 2023 14:32:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ua6l8BQJ16IjD%2BXyTGBl012bmHyzyKj%2FRU2Cbw4q99f7rXBrlUwM3otrmoKHvC%2Fm6SYPXmgOSJp66CA2ByHok2L94fc6ldUFKhKtl2ZRmGt5Tk6SE%2BzWVyIWpQMjrQcFfT7bCtBvrNA2RiQ6IuLxa78Ha4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
82d25b4cfa909972-FRA
olathe.js
directexpresshelp.com/parsonsmaize/
2 KB
1 KB
Script
General
Full URL
https://directexpresshelp.com/parsonsmaize/olathe.js?gcb=195-0&cb=23
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e95dbe814ec64151e2a610cbed23b66909cb781c0ab20b6fa026f3e0f71f227
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
162667
cf-polished
origSize=2255
content-encoding
br
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 26 Nov 2023 14:32:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdNgF03%2BmQCJ8bJXkP4oLb36iH71Eix1TzQy0pEyfOmAFFyKoZMjiSVvf927xmbjn3HWjPW%2FV9IQRhjYCIhQeA3RY1JI3etYSpfTAxTybE3HtAjjQ1e6mt03lLPNfDpcB3ajBuSvhpSemEYrzrscybgkVPY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
82d25b4d2abe9972-FRA
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f99076fd5074f9fe34d1196caaa33ede5ed9b761205fccb9899c49ffe4388d6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Nov 2023 11:44:02 GMT
content-md5
mKHgUxL8ZF9qWuxHv58WIg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
reporting-endpoints
x-fb-debug
FeOsWVXL3ZIoLbGtJrDmhqioDubxKQKhvl06WtRoTwq1wHbR9cbnVnURMZkPzlqlPCDTJh6l+2m50fk7sS8GAA==
x-fb-content-md5
8a7e23c709a8f1adc3b9ac210018484b
cross-origin-opener-policy
same-origin-allow-popups
etag
"bd795e0dfeff5a37addc40344ce3d85f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 28 Nov 2023 11:47:01 GMT
vitals.js
directexpresshelp.com/tardisrocinante/
8 KB
3 KB
Script
General
Full URL
https://directexpresshelp.com/tardisrocinante/vitals.js?gcb=0&cb=3
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b894147b763542f6c62b74227307d03261af5237a0cd149141af6066a28fec6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
162667
cf-polished
origSize=7941
content-encoding
br
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 26 Nov 2023 14:32:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RU%2FIGwrSlLaaBzE%2F%2BWY1N%2BCVqA1znOOwDiR1h7ngWnzWo2%2FPtMAHQhfihyrcImo0QmkN2dvZsX%2FQlOPZ9AJ1sKPEsGCAXvzWHbFlPgy%2FQDgTAf%2BrWI0Xv%2BkTs62KIbOsIoMsgZMNMTfr3yeR9UKzS%2BCx1W0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
82d25b4d3ac89972-FRA
drake.js
directexpresshelp.com/beardeddragon/
4 KB
1 KB
Script
General
Full URL
https://directexpresshelp.com/beardeddragon/drake.js?gcb=0&cb=6
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2e9642ce4893f96c168bd664e248170d5de361db3ae3a0280089d72b29dd20
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
162667
cf-polished
origSize=4247
content-encoding
br
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 26 Nov 2023 14:32:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4P0SAwRVax3q6bQ%2FuePOo2VKnYofoImPtJDx4hDJ3MgxeNiVAcg7CoNSQa3r4uyrJBjMqtDRXaHlSSLNyk%2FO%2BWu%2FXTXyX3JbMlAowVxox2CjaaGzEA5uryfhTeTdfNe5OEKlzvaXwWPbItrI533AlggCdOI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
82d25b4d3acc9972-FRA
chanute.js
directexpresshelp.com/parsonsmaize/
21 KB
6 KB
Script
General
Full URL
https://directexpresshelp.com/parsonsmaize/chanute.js?a=a&cb=7&dcb=195-0&shcb=34
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a1eb6123c7c46f878fef314ed06c507b2a9933c4b439af7a872b7861c52d72f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
162667
cf-polished
origSize=21681
content-encoding
br
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 26 Nov 2023 14:32:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HupufLtSrU%2F7xrVvfZVFaYYFh%2FXdcUXNFQIxfKQJbuwnd8KY5cKeJmeeFVM69NnCTS0Vfeiy53JVs33PflXVGltsPkQd%2F1nlOccOwF7707BueMfzxdq%2BVx8qDaXFtikOnotW5iQQmV9vLPUfMNqDOZPo5u4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
82d25b4d3acd9972-FRA
jellyfish.js
directexpresshelp.com/porpoiseant/
37 KB
10 KB
Script
General
Full URL
https://directexpresshelp.com/porpoiseant/jellyfish.js?a=a&cb=11&dcb=195-0&shcb=34
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8845f7fdd88e956fb192f1eef85e4afa6b7c59d2bae22b6058f4ca620d67312
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
162667
cf-polished
origSize=37593
content-encoding
br
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 26 Nov 2023 14:32:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkZDkiCOxwdyBzYVTUfuOY2av8olNhQrCsLUxIKcB0tmAYp%2FmN%2FgQ%2FTFApZ4oPusmQ6fNWixoD7flAcfJKeeRtBcnkxXJQ%2BnHb4xoh6kj6vk0R0fvFlp9lkmyASSJ2TJ4AaQ9XM7h30KjskhIodsdjKfZ7A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
82d25b4d3acf9972-FRA
g.gif
pixel.wp.com/
50 B
153 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=117864997&post=0&tz=0&srv=directexpresshelp.com&j=1%3A12.8.1&host=directexpresshelp.com&ref=&fcp=1168&rand=0.45555504815371584
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 11:44:02 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
wp-emoji-release.min.js
directexpresshelp.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://directexpresshelp.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
162667
x-ezoic-cdn
Hit ds;ds;92e7a52a448db8951ede691a383c8998;2-510601-1;bfaa35b7-39ad-4879-4b36-52aef89fbd2c
x-middleton-display
staticcontent_sol, orig_site_sol
content-encoding
br
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
etag
W/"63db0985-4904-gzip"
x-origin-cache-control
public, max-age=31536000
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=660TujHD9keS%2B0P%2FFk22M%2F4y%2F2Pp8qXZ%2BMU0BpXDno1MJV0RttE%2FOOAeTaRZFKfXmHOuFmTfvMQzA4vpXipFiUTdgdfvgzUCHWZmohWLBGoWH36MfNXjO1%2FaV4TJImexbaL5c0ioivWYRLpl%2BFzuuP1VBBc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
82d25b4d4ad99972-FRA
js
www.googletagmanager.com/gtag/
226 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6QW80M9MT9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-43683690-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d0f7be86d1bca700849a14d8836da756a68a2a565131e1a2d185b271c7fabb82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81538
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 28 Nov 2023 11:44:02 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-43683690-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Nov 2023 09:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6864
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 28 Nov 2023 11:49:38 GMT
imp.gif
directexpresshelp.com/detroitchicago/
43 B
691 B
Ping
General
Full URL
https://directexpresshelp.com/detroitchicago/imp.gif?ez_orig=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://directexpresshelp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-display
imp_sol
alt-svc
h3=":443"; ma=86400
content-length
43
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
HEAD, PUT, POST, GET, OPTIONS
content-type
image/gif
access-control-allow-origin
https://directexpresshelp.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxMEI9UTInNwAb99V18tDjUs0aa7X0NGHThAId9uXlPYz%2FPjJXjdy6%2BDDqsCdM9koESOJYA2cLpzmqpFKGYg4rywxuuoaEnUUH%2BwsIKFbtETormdbZwLf7rkpqjn2IozFWFc6HQ7kU86AmgKzaMnQYSVbgc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
cf-ray
82d25b4d5ae49972-FRA
access-control-allow-headers
Content-Type
expires
Mon, 27 Nov 2023 11:44:02 GMT
sdk.js
connect.facebook.net/en_US/
302 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f262b97acff3614f0ef758852e3e6bcd
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
85a61d39ccc2052085ad231cf5dee627e4e4689a8ddc5199390ee0822566d1d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://directexpresshelp.com/
Origin
https://directexpresshelp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Nov 2023 11:44:02 GMT
content-md5
e0IRC8z5qol/6lQoPwScbQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88329
reporting-endpoints
x-fb-debug
sgVgVhQL3JFpZEV+InI2P5eC2V81XSjKgzns2DmfFhcD5QhqkZ2TP58XoMpPOLk0JbTvnKhHLZJu8419eM+Z5w==
x-fb-content-md5
40f81358f8bfd7e11d7cb55117852b8e
cross-origin-opener-policy
same-origin-allow-popups
etag
"28cd0b38b368fc0e7305a7193fd8f08c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Nov 2024 09:19:53 GMT
collect
www.google-analytics.com/j/
2 B
211 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1872338402&t=pageview&_s=1&dl=https%3A%2F%2Fdirectexpresshelp.com%2F&ul=en-us&de=UTF-8&dt=Direct%20Express%20Card%20Help%20-%20Direct%20Express%20Card%2C%20Social%20Security%20%26%20Disability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1702968892&gjid=868598131&cid=6916741.1701171842&tid=UA-43683690-3&_gid=512125793.1701171842&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1242716341
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://directexpresshelp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 11:44:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://directexpresshelp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
258 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-6QW80M9MT9&gtm=45je3b81v9111022135&_p=1701171842049&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=6916741.1701171842&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1701171842&sct=1&seg=0&dl=https%3A%2F%2Fdirectexpresshelp.com%2F&dt=Direct%20Express%20Card%20Help%20-%20Direct%20Express%20Card%2C%20Social%20Security%20%26%20Disability&en=page_view&_fv=1&_ss=1&tfd=1288
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6QW80M9MT9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 11:44:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://directexpresshelp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
350 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-43683690-3&cid=6916741.1701171842&jid=1702968892&gjid=868598131&_gid=512125793.1701171842&_u=YEBAAUAAAAAAACAAI~&z=1983476288
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://directexpresshelp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 28 Nov 2023 11:44:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://directexpresshelp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/
397 KB
134 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9517003535209854&plah=directexpresshelp.com&bust=31079654
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
765b600f144402ed4bb10c187ac8e15dfb1a5ec4ae87ffb857f934bf333e6d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137193
x-xss-protection
0
server
cafe
etag
746961351168791508
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 11:44:02 GMT
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame CB0B
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe20ff2859b2752e04b026435eb9651c339d0a6a5805f825151bb11521bd644c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://directexpresshelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13666
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 07:56:16 GMT
etag
111328227650088477
expires
Tue, 12 Dec 2023 07:56:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F1D6
0
188 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517003535209854&output=html&adk=1812271804&adf=3025194257&lmt=1701171842&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fdirectexpresshelp.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701171842215&bpp=2&bdt=205&idt=231&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6156645094141&frm=20&pv=2&ga_vid=6916741.1701171842&ga_sid=1701171842&ga_hid=1872338402&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C44809005%2C31078297%2C31079654%2C44807764%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=2141665105785782&tmod=1267013641&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=244
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9517003535209854&plah=directexpresshelp.com&bust=31079654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://directexpresshelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 11:44:02 GMT
expires
Tue, 28 Nov 2023 11:44:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
PrimeAccess-CustomerBanner-300x250.jpg
images-na.ssl-images-amazon.com/images/G/01/marketing/prime/PrimeUpQualify/ Frame 3D0E
89 KB
90 KB
Image
General
Full URL
https://images-na.ssl-images-amazon.com/images/G/01/marketing/prime/PrimeUpQualify/PrimeAccess-CustomerBanner-300x250.jpg
Requested by
Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:6c00:1d:d7f6:39d3:7a61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3a5e96b26c8239a32c6da3c4bdb36d46c358232cbc599e8e8b8e32828f21a518

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws-na.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 12:51:30 GMT
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
age
82449
x-amz-cf-pop
FRA56-P4
edge-cache-tag
x-cache-501,/images/G/01/marketing/prime/PrimeUpQualify/PrimeAccess-CustomerBanner-300x250
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
91634
surrogate-key
x-cache-501 /images/G/01/marketing/prime/PrimeUpQualify/PrimeAccess-CustomerBanner-300x250
last-modified
Tue, 11 Oct 2022 22:37:10 GMT
server
Server
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400,public
x-amz-ir-id
14b91e89-66dc-438e-a932-58bb4315fb68
accept-ranges
bytes
timing-allow-origin
https://www.amazon.com
x-amz-cf-id
XyZ5ellHCMtLFIIuQtfrD08SIn9ZduHiTpAZe18JT-CbsvICDeZ36A==
expires
Thu, 31 Aug 2023 10:13:37 GMT
json
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame 3D0E
43 B
200 B
Image
General
Full URL
https://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1701171842970&logType=banner_impressions&p=%7B%22mobile_supported%22%3A%22true%22%2C%22action%22%3A%22onload%22%2C%22adunit_type%22%3A%22banners%22%2C%22adunit_properties%22%3A%7B%22height%22%3A%22%24%7Bheight%7D%22%2C%22width%22%3A%22%24%7Bwidth%7D%22%2C%22category%22%3A%22%24%7Bcampaigns%7D%22%2C%22marketplace%22%3A%22amazon%22%2C%22link_id%22%3A%22%24%7Blinkid%7D%22%2C%22region%22%3A%22US%22%7D%2C%22logType%22%3A%22banner_impressions%22%7D
Requested by
Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.94.237.66 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws-na.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 11:44:02 GMT
x-amzn-RequestId
e4686939-2aed-4756-ab1d-4444e7b0fd54
Content-Length
43
Content-Type
image/gif
/
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/ Frame 3D0E
43 B
200 B
Image
General
Full URL
https://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/?cb=1701171842970&p=%7B%22program%22%3A%221%22%2C%22tag%22%3A%22dexpresshelp-20%22%2C%22linkCode%22%3A%22ur1%22%2C%22refUrl%22%3A%22https%3A%2F%2Fdirectexpresshelp.com%2F%22%2C%22panda%22%3Atrue%7D
Requested by
Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.94.237.66 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws-na.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 11:44:02 GMT
x-amzn-RequestId
e7d3237e-a7d6-47f2-abf3-ef3fab0ad5b0
Content-Length
43
Content-Type
image/gif
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9517003535209854&plah=directexpresshelp.com&bust=31079654
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a35a59b74a44201244ee4e7bf1295c47c919bb14de4505ae2579ca94a208bc75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12320
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9517003535209854&plah=directexpresshelp.com&bust=31079654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 11:44:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FC35
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://directexpresshelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
13978
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 07:51:05 GMT
expires
Wed, 27 Nov 2024 07:51:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EE8D
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
432f761db0dcdccac56a9895997b2181192454c67ffcaed383d47bc9121b5075
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jFZ3_IEo2mZmxeldU5JxNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://directexpresshelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-jFZ3_IEo2mZmxeldU5JxNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 11:44:03 GMT
expires
Tue, 28 Nov 2023 11:44:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame FC35
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
13977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 07:51:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EE8D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=2141665105785782&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame FC35
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?ReM6jQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:44:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=2141665105785782&bg=!nJ-ln9DNAAZxrfrxUa07ADQBe5WfOKXK4Kp3hT3yQMBebgxlznjlpibOpn6R9QSHYg_zuP2TNuLTeB65L1BQtUuIS8DaAgAAADlSAAAAA2gBB5kCr4lx1LYnZmbNaFqsn4UgEVR88n65XBp7JX1CplXioVZlwwE1oZN-mt-R-A2vMfVwZf2r7sgDSEwQvo9VtpFjEpfSjrNqqTlqDElqFuwG0Ul2x9hYTTGuXq9jWlFLYiUA2ssEdixcx0io4TgMlCYMsLO2ae3s9QfwbfPE1fynF3L9Tn2wyNqux70otB-sG9hNTa64XdRoV4L-8yq7Ic17S-kAlZxCXS0XvLa0cul_8Buxed4FV66FFQKYb86GWhxRLQwfy_8xhG4vtwxbHG-V9rhCE4DZlLuXnYjay7ITwSIn8AWyVAxngh7bjBGk7iiAUWugb1PAODB77zcpBnHgEePu5NFfNSWUlN9s6PcKvgwlNlBTssfyxdhwWmxzcSJnFgSQag6e195rsV6D0YYlnpzIxHZVFjKlcmA9lo6LLMHzzRpmJfRkdzp6C8ZD81TJxUVPOaOG4_MPHr8ED2S9uVaa_xMpQCKaijL3jPe2o6bFo7EGi7KbttFsKZuP0fi61cPr4bkG8S6_tEWXG9iRPfXcWJM7Bwlhx_1V3bTSsuQXABnxts1MlA9VO4JRa-3ZuzL3380a-Vz6hjPvyMLGL9cjdJ16N3mjDK1St8ErfFTwtX6lJSP19XwrXVxDtARtzsvCH6pyWhVMOQk-jC-u6zqGNONFyTX4ceNwX7Dhtu9We2-uGoLcGkwHJdZNs6jFQiQ7d-S8iPdlMjqtdhWRTcayyn7XlJzXzfqzdF9GkHeIBOTF98rDShyxeUrQjed19FMq9PEV5JEFpRz86FE32wrFVKmbuamLjl0MlB0fxTys9RGd2iZp053VFct6s_3xrljoWEccq9ru8d2kYiOo4EVkYN1TAW86xm2v7Y9o9mPxIJ7JAFE6fqDPmOyXVLYevTI0y3pqrPCoZdVNU9e0qg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://directexpresshelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture object| __ez object| _ezaq object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue object| advads_options object| advanced_ads_pro_visitor_conditions object| adsbygoogle function| gtag object| dataLayer object| advadsCfpQueue function| advadsCfpAd string| ezoTemplate string| ezouid string| ezoFormfactor string| soc_app_id number| did string| ezdomain number| ezoicSearchable string| _ezExtraQueries function| create_ezolpl function| attach_ezolpl undefined| $ function| jQuery undefined| hREED function| __ezDotData function| getEzErrorURL function| reportEzError object| advanced_ads_responsive object| advadsCfpInfo object| generatepressMenu object| advanced_ads_pro_ajax_object object| _stq object| jetpackSwiperLibraryPath object| jetpackCarouselStrings object| advads_admin_bar_items string| _audins_dom number| _audins_did undefined| __ez_dims function| st_go function| linktracker_init object| wpcom number| advanced_ads_resizetimeout number| advanced_ads_cookieexpires number| advanced_ads_browser_width function| advanced_ads_resize_window function| advanced_ads_save_width function| advads_resize_delay function| advanced_ads_get_browser_width object| advanced_ads_pro object| advads_pro_utils object| Advads_passive_cb_Conditions object| advanced_ads_group_refresh function| Advads_passive_cb_Placement function| Advads_passive_cb_Ad function| Advads_passive_cb_Group object| advads function| get_unix_time_in_seconds function| advads_postscribe object| lazySizes object| advadsProCfp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga number| ez_tos_track_count number| ez_last_activity_count object| metricNameMap function| ezlogVital object| webVitals function| initEzux function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString object| riveted object| ezux object| FB object| twemoji object| wp object| ct object| ezdent object| ezDenty object| ezua object| ezuxgoals object| _ezfd object| gaplugins object| gaGlobal object| gaData object| googletag object| __buffer object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| advads_passive_ads object| advads_passive_groups object| advads_passive_placements object| advads_placement_tests object| advads_ajax_queries object| advads_has_ads object| advads_js_items object| perf_vals object| GoogleGcLKhOms object| google_image_requests

19 Cookies

Domain/Path Name / Value
.directexpresshelp.com/ Name: ezoadgid_510601
Value: -1
.directexpresshelp.com/ Name: ezoref_510601
Value:
.directexpresshelp.com/ Name: ezosuibasgeneris-1
Value: 82a00e60-1932-4c7d-76f5-c03392373497
.directexpresshelp.com/ Name: ezoab_510601
Value: mod253-c
.directexpresshelp.com/ Name: active_template::510601
Value: orig_site.1701171840
.directexpresshelp.com/ Name: ezopvc_510601
Value: 1
.directexpresshelp.com/ Name: lp_510601
Value: https://directexpresshelp.com/
.directexpresshelp.com/ Name: ezovuuidtime_510601
Value: 1701171841
.directexpresshelp.com/ Name: ezovuuid_510601
Value: 81d97a16-07d0-4f78-4dd8-a2642e0ec503
directexpresshelp.com/ Name: ezds
Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
directexpresshelp.com/ Name: ezohw
Value: w%3D1600%2Ch%3D1200
directexpresshelp.com/ Name: advanced_ads_page_impressions
Value: %7B%22expires%22%3A2016531842%2C%22data%22%3A1%7D
directexpresshelp.com/ Name: advanced_ads_browser_width
Value: 1600
.directexpresshelp.com/ Name: _gid
Value: GA1.2.512125793.1701171842
.directexpresshelp.com/ Name: _gat_gtag_UA_43683690_3
Value: 1
.directexpresshelp.com/ Name: _ga_6QW80M9MT9
Value: GS1.1.1701171842.1.0.1701171842.0.0.0
.directexpresshelp.com/ Name: _ga
Value: GA1.1.6916741.1701171842
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
directexpresshelp.com/ Name: ezux_lpl_510601
Value: 1701171843303|e0cabc91-167b-4657-7e1d-fa7e29bf1ffe|false

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
directexpresshelp.com
fls-na.amazon-adsystem.com
googleads.g.doubleclick.net
i0.wp.com
images-na.ssl-images-amazon.com
images.dmca.com
pagead2.googlesyndication.com
pixel.wp.com
rcm-na.amazon-adsystem.com
region1.google-analytics.com
stats.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
ws-na.assoc-amazon.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
192.0.76.3
192.0.77.2
2001:4860:4802:32::36
2400:52e0:1e00::1080:1
2600:9000:223e:6c00:1d:d7f6:39d3:7a61
2606:4700:3031::ac43:c2c0
2a00:1450:4001:800::2001
2a00:1450:4001:810::2008
2a00:1450:4001:828::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c06::9d
2a03:2880:f084:d:face:b00c:0:3
44.215.118.203
52.46.135.132
52.94.237.66
0252ba74fdd3b504dd7b4d4a15720f1134959bd5e18b1cd26d656924f08629cc
09f0a890903026b2c6d55131d96f859fc315c9c6358cf9f5c84ae8fcfa85d796
0c67728cf78d492c171c783c35686c6886342ddc229d262e3b3d5f91163f6ae0
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
254c10129835d4dec3d33dd369f82b69c9d95fb1cc4c45434973eadcbd49a9c7
29eab285958e0c7851f7532fcfa4ddb59ab85f844c6436b8c3f1e2a36d7be60f
2c34f09169d2a10e8f5863960e81575ab70f88b52f4bd3386ce5e41e73a94487
2eee0cafe6c7f66097f027901c23695439f82c39adc304b9582ad752837a7a4d
3271c82efaa07bf18781bb5c074a5471380b7a84c3a233ec4ebdd1a8f309357f
34d57b944a61b899807b6946e4a6c2d9692415917faa0a0fffd8d95277431821
36f2998a5d4419bbab382abed2a0679d2cc64b21e839a636b351786a4c611db0
3a5e96b26c8239a32c6da3c4bdb36d46c358232cbc599e8e8b8e32828f21a518
3e95dbe814ec64151e2a610cbed23b66909cb781c0ab20b6fa026f3e0f71f227
432f761db0dcdccac56a9895997b2181192454c67ffcaed383d47bc9121b5075
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4762e6e3977758faa3346322cb4f9a2b247d0cabf54783caee527f4a8646c02a
4b894147b763542f6c62b74227307d03261af5237a0cd149141af6066a28fec6
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51446f2d9f69aff69bf39feb33cc5661e4e6c8366825bc4cfb63caa498fe32d7
531197cef35c5eee10b028044f8f238d6bf147d0a24f31969ac8d7bee0e4c008
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a1eb6123c7c46f878fef314ed06c507b2a9933c4b439af7a872b7861c52d72f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c8f7f910058efb76de58e1cd7e4527029ae8c71671e409f94ea3ea2de08ede1
762bf09b08055d2e81d6499a5176f9119324e7d484536562f9ec083749494d1d
765b600f144402ed4bb10c187ac8e15dfb1a5ec4ae87ffb857f934bf333e6d91
76ba66489fe2da5df50d9bc041f83ac8eb0d726881fcfc77d57edbdc76f26075
782a4a092a51a3691abc98068868f2a968aa27976791e8403c9e693921246c6b
803564d2f40968a670c5748859a0cfece2016ee109d1eea9aa1fbda64553e5c3
829a4568d0c8e326c1e022af19985d295dc933dee3ac68e8beb1d29684eba649
82abf74abec80e532b4ad950f041acc0df0051961a931e258df2c76a344cd2d3
85a61d39ccc2052085ad231cf5dee627e4e4689a8ddc5199390ee0822566d1d3
88b2906e8443f22f57ad7f18373f5e33e01dfb13c52931cc3d94456b786cef90
88e58b06a43d52cf619d55c3134633e2e6476c9d284781aca2d0f6547ee1a938
8e2e9642ce4893f96c168bd664e248170d5de361db3ae3a0280089d72b29dd20
a35a59b74a44201244ee4e7bf1295c47c919bb14de4505ae2579ca94a208bc75
a389f846ebffac00e3890254db6efec3bec77253854a5bfcea683072ce3b0df5
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
b73688820a6d2f6e90adefbbe6f01fb37365fe8e2d23a379685cee5f68a607d5
be12568c14d89d07347ba991e2bd2bfa121602d162c19ddaa878b1e179791a8d
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d0f7be86d1bca700849a14d8836da756a68a2a565131e1a2d185b271c7fabb82
d38641890893dc5f5b62c5733b4a6ebe0369c541d05f5987e92cf65b6b576353
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f82c06e12f028861fcc3587190038b946c774d584c8f58287da453cdfb941b
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f8845f7fdd88e956fb192f1eef85e4afa6b7c59d2bae22b6058f4ca620d67312
f99076fd5074f9fe34d1196caaa33ede5ed9b761205fccb9899c49ffe4388d6d
f9ff06d5d2582b76bd977802f4bfd3275be04820397f192853602ee27f88f8f3
fe20ff2859b2752e04b026435eb9651c339d0a6a5805f825151bb11521bd644c
ffc213549ebefcae379a54e755263c4d40f382f4acfb138a9c2411eb0ff5a065