urlscan.io logo urlscan.io
SecurityTrails logo

directexpresshelp.com Open in urlscan Pro
2606:4700:3031::ac43:c2c0  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://directexpresshelp.com/
Effective URL: https://directexpresshelp.com/
Submission: On October 09 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 1 countries across 10 domains to perform 62 HTTP transactions. The main IP is 2606:4700:3031::ac43:c2c0, located in United States and belongs to CLOUDFLARENET, US. The main domain is directexpresshelp.com.
TLS certificate: Issued by WE1 on September 23rd 2024. Valid for: 3 months.
This is the only time directexpresshelp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 2606:4700:303... 13335 (CLOUDFLAR...)
3 172.217.165.130 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
16 192.0.77.2 2635 (AUTOMATTIC)
2 2a02:6ea0:c45... 60068 (CDN77 _)
2 192.0.76.3 2635 (AUTOMATTIC)
2 157.240.241.1 32934 (FACEBOOK)
3 2607:f8b0:400... 15169 (GOOGLE)
2 142.250.65.194 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 142.250.80.100 15169 (GOOGLE)
62 12
24    2606:4700:3031::ac43:c2c0 (United States)

ASN13335 (CLOUDFLARENET, US)
directexpresshelp.com
3    172.217.165.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s70-in-f2.1e100.net
pagead2.googlesyndication.com
2    2607:f8b0:4006:806::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
16    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i0.wp.com
2    2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 _, GB)
images.dmca.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net
connect.facebook.net
3    2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
googleads.g.doubleclick.net
2    2607:f8b0:4006:816::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    142.250.80.100 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
24 directexpresshelp.com
directexpresshelp.com
185 KB
18 wp.com
i0.wp.com — Cisco Umbrella Rank: 4124
stats.wp.com — Cisco Umbrella Rank: 3409
pixel.wp.com — Cisco Umbrella Rank: 3394
185 KB
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
207 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
21 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
84 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 17164
10 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
173 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
0 amazon-adsystem.com Failed
rcm-na.amazon-adsystem.com Failed
62 10
Domain Requested by
24 directexpresshelp.com directexpresshelp.com
16 i0.wp.com directexpresshelp.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 pagead2.googlesyndication.com directexpresshelp.com
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 connect.facebook.net directexpresshelp.com
connect.facebook.net
2 images.dmca.com directexpresshelp.com
2 www.googletagmanager.com directexpresshelp.com
www.googletagmanager.com
1 www.google.com tpc.googlesyndication.com
1 pixel.wp.com directexpresshelp.com
1 stats.wp.com directexpresshelp.com
0 rcm-na.amazon-adsystem.com Failed directexpresshelp.com
62 13

This site contains links to these domains. Also see Links.

Domain
www.amazon.com
maps.google.com
www.dmca.com
generatepress.com
Subject Issuer Validity Valid
directexpresshelp.com
WE1		 2024-09-23 -
2024-12-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
*.google-analytics.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
images.dmca.com
R10		 2024-08-30 -
2024-11-28		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-07-17 -
2024-10-15		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
*.google.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://directexpresshelp.com/
Frame ID: 325D65BBF1D639981D39BDD255D57A7E
Requests: 56 HTTP requests in this frame

Frame: https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
Frame ID: E7CE6C7C7434C29DD77EDA50AFC847F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241007/r20190131/zrt_lookup_fy2021.html
Frame ID: A88C0BB442D85015BAF3F87E9618B3F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517003535209854&output=html&adk=1812271804&adf=3025194257&abgtt=5&lmt=1728473600&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fdirectexpresshelp.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728473597043&bpp=4&bdt=781&idt=3845&shv=r20241007&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4495185834185&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531705%2C95331690%2C95338243%2C95341937%2C95343454&oid=2&pvsid=4469031804393985&tmod=1997450892&uas=0&nvt=1&fsapi=1&fc=1920&brdim=530%2C530%2C530%2C530%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=3875
Frame ID: D195538CD410A6600EBE5B1A7E8DD005
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 2466C6F8C76615EA1229C87B5BABCC2A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FBBAEED61AC35BA2632ACA6F462F5F36
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Direct Express Card Help - Direct Express Card, Social Security & Disability

Page URL History Show full URLs

  1. http://directexpresshelp.com/ HTTP 307
    https://directexpresshelp.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

95 %
HTTPS

45 %
IPv6

10
Domains

13
Subdomains

12
IPs

1
Countries

866 kB
Transfer

2334 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://directexpresshelp.com/ HTTP 307
    https://directexpresshelp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
directexpresshelp.com/
Redirect Chain
  • http://directexpresshelp.com/
  • https://directexpresshelp.com/
106 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
df819f3ecfb17f0741e6b433346959338e536d3cfc2cf90a2a440bba10f3909c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cache-tag
directexpressh6038cd41b1dc9
cf-cache-status
DYNAMIC
cf-ray
8cfe0e072978cb9b-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 09 Oct 2024 11:33:16 GMT
display
orig_site_sol
expires
Tue, 08 Oct 2024 11:33:16 GMT
link
<https://directexpresshelp.com/wp-json/>; rel="https://api.w.org/", <https://wp.me/7Yy4l>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pagespeed
off
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rx5Fx3%2BIcIOl55XvBulipbQ4dqV7eP%2BA2Gv6udLvbqOiQoca1FCUun%2Fif10sZVBJmsg9JLvt4xnpvp7Uyp0%2BoZBYPVWVLjZIGZBX9M24hOcYAjdDgJMlanYPn%2FlmnCSOOTXIWy0H72KlWBoqEV2IFaQc5l8%3D"}],"group":"cf-nel","max_age":604800}
response
200
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-cache
HIT: 26
x-cache-group
bot
x-cacheable
bot
x-content-type-options
nosniff
x-ezoic-cdn
Hit d2;mm;57d9c0fd32a624ee3a1b369f4d46aed6;2-510601-1;VQiaThlMhdZCQxeEzUs9h
x-middleton-display
orig_site_sol
x-middleton-response
200
x-origin-cache-control
max-age=10800, must-revalidate
x-powered-by
WP Engine
x-sol
orig
x-ua-compatible
IE=edge

Redirect headers

Location
https://directexpresshelp.com/
Non-Authoritative-Reason
HttpsUpgrades
speculation
directexpresshelp.com/cdn-cgi/ 		128 B
486 B 		Other
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/cdn-cgi/speculation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://directexpresshelp.com
Referer
https://directexpresshelp.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4tmrmO%2F1yBe4Oe%2F6dDmioubipNrOK7bt9xLCVVBj6Tb7wHzhOY7B52xGn7y%2BZRh7cVQG8hKQMJJz%2FxregzYbnb%2Beziy%2F%2FBVs6kasK12chonEfpGzVvHVEE5421qtJ2lPAWUZJ6Rk15I3FmPsWiCH4mtBHpI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8cfe0e08ddaccb9b-LAX
access-control-allow-origin
https://directexpresshelp.com
content-length
128
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
autoptimize_3a3524b701f60a346cfac45cc6b8869b.css
directexpresshelp.com/wp-content/cache/autoptimize/css/ 		262 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/wp-content/cache/autoptimize/css/autoptimize_3a3524b701f60a346cfac45cc6b8869b.css
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f35d832f9a98087a510140f8c1b536ba0f6879feb33cfa90eed300abf44a4b22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"66e11122-41a5a-gzip"
age
788968
x-middleton-response
200
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RltGPZai%2BEAfBJxulfmhqVOYuG0DO3sg7bACir%2FSGbA%2BtcDv%2BkTj4oeajxB5bbXYmy6QBUYvXFmlK2gOFE2PEQq1%2BT1%2F%2BT3Vy36Hcbj2APuMq5PhFiTrntrHnFmUJTmb4QVCo2qBffWgCg0YlpviHQlWXb8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
response
200
cf-polished
origSize=268890
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Wed, 11 Sep 2024 03:40:18 GMT
x-ezoic-cdn
Hit d2;ms;c4e1757c7cb5200363bc4342490c92dc;2-510601-1;YF2ztCBBoG1H3MXgZ5Fdl
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-sol
orig
cf-ray
8cfe0e08edbccb9b-LAX
access-control-allow-origin
*
x-origin-cache-control
public, max-age=31536000
server
cloudflare
jquery.min.js
directexpresshelp.com/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"64ecd5ef-15601-gzip"
age
807477
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MVnfI2%2BRH7BlN%2FOIIpdDjJrubDPWXFbts83ZAwIZvUh%2BvTvLzNhprP6fb1xzRH4t77fqt9vpgv%2BW6LZsKtVzddjRsuAoeTksGH8OA8iNTCj0pgkjUkA2ZIysWYBXgGPsTiUTPKxT628nOSq%2F3NwZD9Zu%2F%2BM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
response
200
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
application/javascript
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
x-ezoic-cdn
Hit d2;ms;3fa59e638f78181bf733a5a4f29dbe89;2-510601-1;npWeVxiprMn8Z_NFX2dy5
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-sol
orig
cf-ray
8cfe0e099f19cb9b-LAX
access-control-allow-origin
*
x-origin-cache-control
public, max-age=31536000
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
69da439092647389eae2c6dd4db802c8b231790fc34e6fd830266fd2c22b66f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

content-encoding
br
etag
1292713076887424487
x-content-type-options
nosniff
expires
Wed, 09 Oct 2024 11:33:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52798
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/ 		219 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-43683690-3
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
add4e3a3c162f8a219d652083f2e7a4fd556207d60e113c4f2ab60897fe1e033
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 09 Oct 2024 11:33:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 09 Oct 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
80035
x-xss-protection
0
server
Google Tag Manager
cropped-cropped-Direct-Express-Help-1.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2018/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2018/10/cropped-cropped-Direct-Express-Help-1.png?fit=437%2C99&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
34d57b944a61b899807b6946e4a6c2d9692415917faa0a0fffd8d95277431821
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

etag
"4b766cd524a556b3"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD
expires
Sun, 30 Nov 2025 14:47:19 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
image/webp
last-modified
Fri, 01 Dec 2023 02:47:19 GMT
vary
Accept
link
<https://directexpresshelp.com/wp-content/uploads/2018/10/cropped-cropped-Direct-Express-Help-1.png>; rel="canonical"
cache-control
public, max-age=63115200
timing-allow-origin
*
x-nc
HIT bur 6
access-control-allow-origin
*
content-length
2956
server
nginx
What-time-does-Social-Security-hit-Direct-Express-card-4.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2024/01/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2024/01/What-time-does-Social-Security-hit-Direct-Express-card-4.png?w=800&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
9a400130d53c80a8e2dbdd366c2508f75c73f705747c61b517eaa8af70bbefa3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

etag
"04ee3664e9d7de0d"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD
expires
Sun, 04 Jan 2026 15:54:29 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
image/webp
last-modified
Fri, 05 Jan 2024 03:54:29 GMT
vary
Accept
link
<https://directexpresshelp.com/wp-content/uploads/2024/01/What-time-does-Social-Security-hit-Direct-Express-card-4.png>; rel="canonical"
cache-control
public, max-age=63115200
timing-allow-origin
*
x-nc
HIT bur 5
access-control-allow-origin
*
content-length
17374
server
nginx
Prepare-for-Taking-Social-Security-in-2024.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/11/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/11/Prepare-for-Taking-Social-Security-in-2024.png?w=800&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
48fa15ccaa399f72e882109fb24bda3989d5324a583b7a2d3bd2e60d0b7d2863
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

etag
"e72aa09e5c433242"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD
expires
Mon, 06 Apr 2026 05:13:23 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
image/webp
last-modified
Fri, 05 Apr 2024 17:13:23 GMT
vary
Accept
link
<https://directexpresshelp.com/wp-content/uploads/2023/11/Prepare-for-Taking-Social-Security-in-2024.png>; rel="canonical"
cache-control
public, max-age=63115200
timing-allow-origin
*
x-nc
HIT bur 6
access-control-allow-origin
*
content-length
15078
server
nginx
What-time-does-Social-Security-hit-Direct-Express-card-3.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-3.png?w=800&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
0252ba74fdd3b504dd7b4d4a15720f1134959bd5e18b1cd26d656924f08629cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

etag
"85da5b10f04cde77"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD
expires
Sat, 29 Nov 2025 09:39:30 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
image/webp
last-modified
Wed, 29 Nov 2023 21:39:30 GMT
vary
Accept
link
<https://directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-3.png>; rel="canonical"
cache-control
public, max-age=63115200
timing-allow-origin
*
x-nc
HIT bur 2
access-control-allow-origin
*
content-length
17810
server
nginx
What-time-does-Social-Security-hit-Direct-Express-card-2.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-2.png?w=800&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
829a4568d0c8e326c1e022af19985d295dc933dee3ac68e8beb1d29684eba649
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

etag
"dfa95328f730c922"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD
expires
Mon, 01 Dec 2025 13:49:38 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
image/webp
last-modified
Sat, 02 Dec 2023 01:49:38 GMT
vary
Accept
link
<https://directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-2.png>; rel="canonical"
cache-control
public, max-age=63115200
timing-allow-origin
*
x-nc
HIT bur 8
access-control-allow-origin
*
content-length
18138
server
nginx
2024-Social-Security-COLA.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/2024-Social-Security-COLA.png?w=800&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
88e58b06a43d52cf619d55c3134633e2e6476c9d284781aca2d0f6547ee1a938
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

etag
"d942f11e1bd4287d"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD
expires
Sat, 29 Nov 2025 13:25:04 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
image/webp
last-modified
Thu, 30 Nov 2023 01:25:04 GMT
vary
Accept
link
<https://directexpresshelp.com/wp-content/uploads/2023/10/2024-Social-Security-COLA.png>; rel="canonical"
cache-control
public, max-age=63115200
timing-allow-origin
*
x-nc
HIT bur 1
access-control-allow-origin
*
content-length
15578
server
nginx
How-to-resolve-SSI-Overpayment-letter.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/How-to-resolve-SSI-Overpayment-letter.png?w=800&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
ffc213549ebefcae379a54e755263c4d40f382f4acfb138a9c2411eb0ff5a065
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

etag
"ff36b4cdb047a5d5"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD
expires
Mon, 01 Dec 2025 13:49:38 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
image/webp
last-modified
Sat, 02 Dec 2023 01:49:38 GMT
vary
Accept
link
<https://directexpresshelp.com/wp-content/uploads/2023/10/How-to-resolve-SSI-Overpayment-letter.png>; rel="canonical"
cache-control
public, max-age=63115200
timing-allow-origin
*
x-nc
HIT bur 8
access-control-allow-origin
*
content-length
14588
server
nginx
what-to-do-about-Social-Security-Overpayment-letters.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/10/what-to-do-about-Social-Security-Overpayment-letters.png?w=800&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
f9ff06d5d2582b76bd977802f4bfd3275be04820397f192853602ee27f88f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

etag
"568d56d2287b5641"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD
expires
Sun, 30 Nov 2025 05:21:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
image/webp
last-modified
Thu, 30 Nov 2023 17:21:55 GMT
vary
Accept
link
<https://directexpresshelp.com/wp-content/uploads/2023/10/what-to-do-about-Social-Security-Overpayment-letters.png>; rel="canonical"
cache-control
public, max-age=63115200
timing-allow-origin
*
x-nc
HIT bur 4
access-control-allow-origin
*
content-length
18760
server
nginx
Direct-Express-Myaccount-Login-.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/09/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/09/Direct-Express-Myaccount-Login-.png?w=800&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
4762e6e3977758faa3346322cb4f9a2b247d0cabf54783caee527f4a8646c02a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

etag
"ef22657444d187f8"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD
expires
Sat, 29 Nov 2025 13:25:04 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
image/webp
last-modified
Thu, 30 Nov 2023 01:25:04 GMT
vary
Accept
link
<https://directexpresshelp.com/wp-content/uploads/2023/09/Direct-Express-Myaccount-Login-.png>; rel="canonical"
cache-control
public, max-age=63115200
timing-allow-origin
*
x-nc
HIT bur 2
access-control-allow-origin
*
content-length
18772
server
nginx
Social-Security-COLA-Estimate-for-2024.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/09/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/09/Social-Security-COLA-Estimate-for-2024.png?w=800&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
200b0303f61ba2043f9f2656ae1ee440ff9b4f4e01a8d940ec01d3e35f9b1e1b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

etag
"2d42e51c665be908"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD
expires
Sat, 29 Nov 2025 13:25:04 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
image/webp
last-modified
Thu, 30 Nov 2023 01:25:04 GMT
vary
Accept
link
<https://directexpresshelp.com/wp-content/uploads/2023/09/Social-Security-COLA-Estimate-for-2024.png>; rel="canonical"
cache-control
public, max-age=63115200
timing-allow-origin
*
x-nc
HIT bur 2
access-control-allow-origin
*
content-length
19252
server
nginx
What-time-does-Social-Security-hit-Direct-Express-card-1.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-1.png?w=800&ssl=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
29eab285958e0c7851f7532fcfa4ddb59ab85f844c6436b8c3f1e2a36d7be60f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

etag
"d02408db32347b1c"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD
expires
Sun, 30 Nov 2025 05:21:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
image/webp
last-modified
Thu, 30 Nov 2023 17:21:55 GMT
vary
Accept
link
<https://directexpresshelp.com/wp-content/uploads/2023/08/What-time-does-Social-Security-hit-Direct-Express-card-1.png>; rel="canonical"
cache-control
public, max-age=63115200
timing-allow-origin
*
x-nc
HIT bur 4
access-control-allow-origin
*
content-length
17748
server
nginx
dmca-badge-w150-2x1-03.png
images.dmca.com/Badges/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/dmca-badge-w150-2x1-03.png?ID=9dfa0eed-0bfb-484b-8953-6fde7868aca9
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 / ASP.NET
Resource Hash
e4f82c06e12f028861fcc3587190038b946c774d584c8f58287da453cdfb941b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

cdn-status
200
etag
"1cc8aa3aace6d11:0"
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
image/png
cdn-cachedat
10/06/2024 05:25:59
last-modified
Mon, 25 Jul 2016 19:39:16 GMT
cdn-requestpullcode
200
cdn-cache
HIT
link
<https://dmca-images.azurewebsites.net/Badges/dmca-badge-w150-2x1-03.png?ID=7315cb8d-4ebf-41d1-99f1-6e9f00182b5b>; rel="canonical"
cache-control
public, max-age=31536000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cdn-requestid
c78c054cc06370291b183fe445642632
cdn-pullzone
1574055
cdn-proxyver
1.04
accept-ranges
bytes
content-length
9215
cdn-edgestorageid
885
x-powered-by
ASP.NET
server
BunnyCDN-NY1-885
cdn-requestcountrycode
US
DMCABadgeHelper.min.js
images.dmca.com/Badges/ 		465 B
793 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

cdn-status
200
content-encoding
br
etag
"26b181f16d28d51:0"
date
Wed, 09 Oct 2024 11:33:16 GMT
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
cdn-cachedat
10/01/2024 02:20:23
vary
Accept-Encoding
content-type
application/javascript
cdn-requestpullcode
200
cdn-cache
HIT
link
<https://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
cache-control
public, max-age=31536000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cdn-requestid
96b17c3368f96e5a89fefd3a9a7a09a9
cdn-pullzone
1574055
cdn-proxyver
1.04
cdn-edgestorageid
885
x-powered-by
ASP.NET
server
BunnyCDN-NY1-885
cdn-requestcountrycode
US
e-202441.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202441.js
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-nc
HIT bur
etag
W/14421-1717166115701.7278
x-minify
t
x-minify-cache
hit
access-control-allow-methods
GET, HEAD
expires
Mon, 06 Oct 2025 18:05:34 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
autoptimize_e28b140867d2dea4e6dbb360c9c0a689.js
directexpresshelp.com/wp-content/cache/autoptimize/js/ 		140 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/wp-content/cache/autoptimize/js/autoptimize_e28b140867d2dea4e6dbb360c9c0a689.js
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51446f2d9f69aff69bf39feb33cc5661e4e6c8366825bc4cfb63caa498fe32d7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"655e6c93-23113-gzip"
age
788968
x-middleton-response
200
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pDzwQ3rnPchkOdykFEkpLzSzIUT6gb9ur8OsASyejohDSXDdQ36T2fXR%2F%2FSLXKu7XoHXL4EGUkTDon69J76J7vl45lWhZKlw%2BMN2oYI%2Fce6YmH1jhzAiUzDRPUp3IisbvZlVkzqEjk%2FRyuF7G5Xl0m6K4I0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
response
200
cf-polished
origSize=143635
date
Wed, 09 Oct 2024 11:33:16 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
application/javascript
last-modified
Wed, 22 Nov 2023 21:03:15 GMT
x-ezoic-cdn
Hit d2;ms;b43b744d803a81d81a447bc4564c0fd7;2-510601-1;hEivJ0gxjKiHyzP76biA9
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-sol
orig
cf-ray
8cfe0e099f1bcb9b-LAX
access-control-allow-origin
*
x-origin-cache-control
public, max-age=31536000
server
cloudflare
boise.js
directexpresshelp.com/detroitchicago/ 		811 B
789 B 		Script
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/detroitchicago/boise.js?gcb=195-0&cb=5
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
092955f521559093671a2302925cf7e43be3c9c36a2f4c32a35c4d910feb6984
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-bgj
minify
cf-cache-status
HIT
age
807477
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZWH%2FCQ1ihwQmumVCSR0enF%2BcCFVAwqENjdXAQ0TI80xVploE4LDAYzKE2q%2BLTu9e4UwSjT5GJhzsZbB0TTTEZK3zgVgAGKtT3wO7gECx6AsbMN1wbjBGx519%2FemPrh6kQ4Tro7KuCpIqyAsizkTKdRIUUao%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-polished
origSize=824
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 03:15:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cfe0e099f1ccb9b-LAX
server
cloudflare
abilene.js
directexpresshelp.com/parsonsmaize/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/parsonsmaize/abilene.js?gcb=195-0&cb=38
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77a40222cb1869e1fe6c264f3e47bb35c9cc0bbf2cc422bd743ad7f4fd6f9338
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-bgj
minify
cf-cache-status
HIT
age
666534
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KcuwbsY8nj9mK8h97litrN5IiOHh3cie%2FobPZ3aoDlFNwtPjkjMZ2v9kGS2aenn4YijW2XaSaca005kpbza2%2B5gD0tZGTDtEKi4z6gWaZ2QuJBF9d%2FqnbuRcCVtl6O%2BhEWv0RxdxUS2%2FF6JVWYOhsQ%2B%2Fs3k%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-polished
origSize=9825
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 01 Oct 2024 18:24:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cfe0e099f1dcb9b-LAX
server
cloudflare
analytics
directexpresshelp.com/ezais/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/ezais/analytics?cb=1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa662965a428b991b8cf8b785026a4a6be6e7c402547c9ae917e031d1ab80a41
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://directexpresshelp.com/

Response headers

x-robots-tag
noindex
access-control-max-age
1728000
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZXdUu%2FMM6wjZiV%2F8jqjyHxM2w1ADADKDWeSkolmHh%2BVn5%2FYGTNvqc%2FwTYA1VCSjdIQc4qKbBX2rNjo76f445PkX6h3DItoFfgcNX73%2BfOC33qU0x76XSUVDL77MI%2BrlrWNL%2FV5AGGNawhY846d2fcTTbzbs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, PUT, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
text/plain; charset=utf-8
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers
Content-Type
strict-transport-security
max-age=15552000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8cfe0e094e67cb9b-LAX
access-control-allow-origin
https://directexpresshelp.com
server
cloudflare
af96ebc4-323a-4f51-8a50-b02dad0d0cac
https://directexpresshelp.com/ Frame 		0
0
cm
rcm-na.amazon-adsystem.com/e/ Frame E7CE 		0
0
Direct-Express-Customer-Service-Phone-Number.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2013/08/ 		564 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2013/08/Direct-Express-Customer-Service-Phone-Number.png?fit=800%2C600&ssl=1&resize=40%2C40
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
9cee72e002e960bab44f3a12c9d1bb04a35085e78e49a82f3676b309a7ca30e2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

etag
"befdb06b18f5799c"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD
expires
Sun, 30 Nov 2025 13:24:54 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
image/webp
last-modified
Fri, 01 Dec 2023 01:24:54 GMT
vary
Accept
link
<https://directexpresshelp.com/wp-content/uploads/2013/08/Direct-Express-Customer-Service-Phone-Number.png>; rel="canonical"
cache-control
public, max-age=63115200
timing-allow-origin
*
x-nc
HIT bur 3
access-control-allow-origin
*
content-length
564
server
nginx
Direct-Express-Myaccount-Login-.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/09/ 		690 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2023/09/Direct-Express-Myaccount-Login-.png?fit=800%2C600&ssl=1&resize=40%2C40
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
84aa2e0bf1472007d49c9d38c63217ba76ab5a3b5d8c26d542430a7e4fb989dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

etag
"42fb5d70fa88fa7c"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD
expires
Fri, 18 Sep 2026 02:37:16 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
image/webp
last-modified
Tue, 17 Sep 2024 14:37:16 GMT
vary
Accept
link
<https://directexpresshelp.com/wp-content/uploads/2023/09/Direct-Express-Myaccount-Login-.png>; rel="canonical"
cache-control
public, max-age=63115200
timing-allow-origin
*
x-nc
HIT bur 2
access-control-allow-origin
*
content-length
690
server
nginx
Direct-Express-Debit-Card-Login.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2013/08/ 		522 B
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2013/08/Direct-Express-Debit-Card-Login.png?fit=800%2C600&ssl=1&resize=40%2C40
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
0d848d1bba0a5740f08135ebe6ff96c31bc4baa04273f4d6310fc59e14c119ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

etag
"d3f2f016300133bd"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD
expires
Sun, 12 Apr 2026 10:59:39 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
image/webp
last-modified
Thu, 11 Apr 2024 22:59:39 GMT
vary
Accept
link
<https://directexpresshelp.com/wp-content/uploads/2013/08/Direct-Express-Debit-Card-Login.png>; rel="canonical"
cache-control
public, max-age=63115200
timing-allow-origin
*
x-nc
HIT bur 6
access-control-allow-origin
*
content-length
522
server
nginx
How-to-speak-to-a-live-person-at-Direct-Express-.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2013/09/ 		584 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2013/09/How-to-speak-to-a-live-person-at-Direct-Express-.png?fit=800%2C600&ssl=1&resize=40%2C40
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
6ecfe4e84e51548a0f75361f2f63e1aeebcf76095093d8373a177148df7ad4c9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

etag
"6c567975a42d4395"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD
expires
Fri, 02 Oct 2026 04:35:44 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
image/webp
last-modified
Tue, 01 Oct 2024 16:35:44 GMT
vary
Accept
link
<https://directexpresshelp.com/wp-content/uploads/2013/09/How-to-speak-to-a-live-person-at-Direct-Express-.png>; rel="canonical"
cache-control
public, max-age=63115200
timing-allow-origin
*
x-nc
HIT bur 4
access-control-allow-origin
*
content-length
584
server
nginx
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
fd6e53dbb6934a1cf84c0e7caa7ef57c5aed117af8512ca036b048a81d5d80f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

content-md5
4YBuY82g/1SIPKaKCzIAfA==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"2d5d9dee583914e2ea23552a7ac3ae5a"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Wed, 09 Oct 2024 11:52:39 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:17 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
66568d98eafe970cc316768ecc2394f8
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=130, rtx=0, c=24, mss=1232, tbw=8188, tp=13, tpl=0, uplat=0, ullat=-1
x-fb-debug
FzeAul31T45Wk0kuUcbrFkr/8dxsJm2HAMXZp4oXaN2HiRZYTuyezdWYVvrGOXi3rVBmY3c5Z9MXZPudI3jIfQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
1685
origin-agent-cluster
?1
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=117864997&post=0&tz=0&srv=directexpresshelp.com&j=1%3A12.8.1&host=directexpresshelp.com&ref=&fcp=862&rand=0.033915687550329254
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

cache-control
no-cache
access-control-allow-origin
*
content-length
50
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
content-type
image/gif
server
nginx
mulvane.js
directexpresshelp.com/parsonsmaize/ 		1 KB
928 B 		Script
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/parsonsmaize/mulvane.js?gcb=195-0&cb=10
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9cc574a5fac93935179f833c3c532a2d29f30cbbe4485e26cf1910b487180c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-bgj
minify
cf-cache-status
HIT
age
807476
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kiyNYY%2F8LXEnGn5yv%2FyO2iyWFeXlagqrVDQUHKdtOqLfOQWg%2BD6m1O1j4ypokG1YNcLwKIzp9GLYN9zg1yG68IJN%2FQ0qmbI08wx1MggJQBxt5syyQZuhnuvb2GCFTE4l3xUAR%2BXa8NqXvGV6ANHrqqpkSl8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-polished
origSize=1242
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 03:15:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cfe0e0c6df6cb9b-LAX
server
cloudflare
et.js
directexpresshelp.com/porpoiseant/ 		1 KB
934 B 		Script
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/porpoiseant/et.js?gcb=195-0&cb=3
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f67393986c012dbf48aa3149e2874bd84ed5f466362ad1ac31305f697f1da7b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-bgj
minify
cf-cache-status
HIT
age
807476
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AwG%2BUFJab6LO9%2BcjGfMaa5Z1dEJGvTGRjyAh4IsOJ2XjFN9RoVJ%2Fw%2FSzocNGCqMj53bBsFye0%2BE%2FXS8hdSmptYLV8hwvS31vAiJxa0HkbYamQ5uMTpzWZxPifV89ZEb7k%2FKiwdxO6B5Tgf0I2NLR%2BWX7wfs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 03:15:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cfe0e0c6df7cb9b-LAX
server
cloudflare
reno.js
directexpresshelp.com/detroitchicago/ 		1 KB
848 B 		Script
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/detroitchicago/reno.js?gcb=195-0&cb=2
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
031451a08ac9dfd5d91a2fb8101be8c4d7cf0c8941d8542abb6fd61d221b2342
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-bgj
minify
cf-cache-status
HIT
age
491036
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CQu%2FYRm%2FAb2leOGVK2uA40NydWy9O6imk03SI5U9Krdh1nDP4KpyNyamGvIxhSNruDqmmuak%2BNloAaEfVNVTfqMthqPkT9rH1GSgNVKX3AuDEpsDO5nuDAJU8eJOdC%2BHkHe0%2Fka8NiHJjaPn7sAriHaRPqs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-polished
origSize=1043
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 03 Oct 2024 19:09:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cfe0e0c6df8cb9b-LAX
server
cloudflare
wichita.js
directexpresshelp.com/detroitchicago/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/detroitchicago/wichita.js?gcb=195-0&cb=12
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d7a77f24fc31abf310ccb240b2e0a49f2582823f990eef11a3abc37f286ea12
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-bgj
minify
cf-cache-status
HIT
age
807476
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V7NUuw1ybI522syvr4vjIoEAjSvAkM1s3BndlxGZKFILUmBmxuRrLMd7ilCLqyyVq9kB7UTJ4m6WtwNBhug6vjMbvTG%2F0ktpg5%2Fd6%2Fv6jtIpr6cj9IfvjQSt69mSb27EY%2BoNZuzyTEVSkaCM11WPRhNv6xA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 03:15:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cfe0e0c6dfacb9b-LAX
server
cloudflare
raleigh.js
directexpresshelp.com/detroitchicago/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/detroitchicago/raleigh.js?gcb=195-0&cb=7
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fba7686001b516b0414bef328255eca729f278c1d14d324c8567733426439a5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-bgj
minify
cf-cache-status
HIT
age
807476
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D60W0B1MMFyMCMY%2FjaE09Q97aZOMS2cD5xtNT07%2FsnK742OqhnnAr34dI5mElfwL8kbqVI%2Bq5XowS1i901Sov2U54TKLeXOWB%2BPNL8KEQrCN1LLJVhUAxhRkk%2BK5IpezRT8%2BqKZzfCoxZLI7BvRKwDsqlcs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-polished
origSize=1673
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 03:15:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cfe0e0c6dfccb9b-LAX
server
cloudflare
vista.js
directexpresshelp.com/detroitchicago/ 		1 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/detroitchicago/vista.js?gcb=195-0&cb=6
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4559f063977072488f6dd2c96ff11fa2dbfc62c9e26d1b8c2c80c48a85964ecc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-bgj
minify
cf-cache-status
HIT
age
807476
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FldXjFCRimfAhX8jwDyvn1%2FgjYyxPZhmwHgnGJIAmOZm917fefIwkz1OE7nT1gvTFFVGHgOU%2F%2FmdBmhTIGp600pESqXB3hnDwlz7n4xmdP8mHnmLuXmVwd1Gf3dUxI6f9T5X92qIXE5a%2FMuUwijKoDO1mLM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-polished
origSize=1067
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 03:15:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cfe0e0c6dfecb9b-LAX
server
cloudflare
drake.js
directexpresshelp.com/beardeddragon/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/beardeddragon/drake.js?gcb=0&cb=8
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2e9642ce4893f96c168bd664e248170d5de361db3ae3a0280089d72b29dd20
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-bgj
minify
cf-cache-status
HIT
age
1972255
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cSK%2B%2B6bYC59FMErDY%2FXmbv69kSNNsxaF1iR35%2FIhqvu7yvzpptn78KXGrckQ9IJwnxvwnMdnWGlV5v1dgj0Yhe7LKKWO3pLeUchPl814%2FsEg%2F935NhLmQ1gN04nZVQZSpCTYxvajL8EfOC%2B8r%2F9pWFXlz5g%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-polished
origSize=4247
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 16 Sep 2024 15:42:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cfe0e0c6dffcb9b-LAX
server
cloudflare
jellyfish.js
directexpresshelp.com/porpoiseant/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/porpoiseant/jellyfish.js?a=a&cb=16&dcb=195-0&shcb=34
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
007078a6fc420ba722a9a08f6237161e0736553b1ea84a0b8f677468ddbcaf11
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-bgj
minify
cf-cache-status
HIT
age
807476
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AwZ4vufVnlBTYv9ptnQk8xVbW9UFg%2F15rGvkAurl6GJWYmVbbrmKn6UWKP80n4Jcog07QoP0hSFP5LcWFbafmHVRsyfCdjRsTIzgWVXIHNrD3Mypvx8BJtTCd2rFBgvz%2FxZxuXAJuUB2aHKCRboZY057ziE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-polished
origSize=37695
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 03:15:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cfe0e0c6e01cb9b-LAX
server
cloudflare
wp-emoji-release.min.js
directexpresshelp.com/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"667d6e6f-4926-gzip"
age
788992
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CHy4hS0IWxbBZ0RU8jQY66Alz0Iz8E6Qzq3X4tc%2BqODLKzHohe1KMlTjYWOo%2BbQu0cwi5RDDXonQWyHA%2B%2Fv2BpzXqXT2UBdd9etBu5DUt%2BjaahkfO4PvmQzUJG%2BSO0lR5tNjOrkTKliRlV%2FbkFDqRYOljJE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
response
200
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
application/javascript
last-modified
Thu, 27 Jun 2024 13:51:43 GMT
x-ezoic-cdn
Hit d2;ms;f9632bd3e01b6ffad29352beba577e8d;2-510601-1;kljBQxFD6myVaX1DD4Q-k
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-sol
orig
cf-ray
8cfe0e0c8e2acb9b-LAX
access-control-allow-origin
*
x-origin-cache-control
public, max-age=31536000
server
cloudflare
olathe.js
directexpresshelp.com/parsonsmaize/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/parsonsmaize/olathe.js?gcb=195-0&cb=25
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
037d14ce96f27706386c4475d17d7e4e448247ad61aa33b8328d4968bb83234e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-bgj
minify
cf-cache-status
HIT
age
807476
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5mU0u3QVetrfkjoRGelxrEq4fsFRGdeotl1B5w35mbJ%2B5IdjiMbIAO%2BBBfnCBYzahOlYMpZp8uE3q8IFKarzwlMPtyGIpncuoZqf9R3PRYB7uUaIxJKe8p8Snaqu%2FzPnCMZWy9Sc0f9xvN9%2BHAp%2Fo8DJOdE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-polished
origSize=2221
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 03:15:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cfe0e0d0f82cb9b-LAX
server
cloudflare
vitals.js
directexpresshelp.com/tardisrocinante/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/tardisrocinante/vitals.js?gcb=0&cb=4
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c2df0892b2e68fb2a1baee0cbf0ad2aac11419d49c9b97f10a81455b03e6a93
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-bgj
minify
cf-cache-status
HIT
age
807476
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LOQZ6AmkbFl16fHev1mrk%2FXx%2FFcBWA%2FSYKhztkonNINdypKelLT%2BgmDJvAY6xC5ZxhhNlC4YAFaSkhXFzcJzy0UsQWJjXTok7sdG59LyMBe1qqdXA3ftfazdAJ3%2F5MPTXoE9oLjO79QE3jMLDkO9T%2BLfFyo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-polished
origSize=11417
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 03:15:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cfe0e0d0f87cb9b-LAX
server
cloudflare
chanute.js
directexpresshelp.com/parsonsmaize/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/parsonsmaize/chanute.js?a=a&cb=10&dcb=195-0&shcb=34
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cb6666ac5ca730743eb9537dfb26940c88ffcbf6965a5122760a9d1e46a1503
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-bgj
minify
cf-cache-status
HIT
age
807476
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HFEjqpfMXroFNkmfW1i4qw%2BUDA66a5Rz78vsgxQF1YzglHcKxgJ0qgrIzwYZ10iVtNA7y7cYAMRcK2LZsTq%2FCLXHUAGnjGCTvyuWCxTi7FFiK3k40yyGlugC2KMftf8sEN6At9dOdLTfPRanojpiyMyhGds%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-polished
origSize=21786
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:16 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 03:15:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cfe0e0d0f8bcb9b-LAX
server
cloudflare
imp.gif
directexpresshelp.com/detroitchicago/ 		43 B
778 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/detroitchicago/imp.gif
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/parsonsmaize/abilene.js?gcb=195-0&cb=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://directexpresshelp.com/

Response headers

access-control-max-age
1728000, 1728000
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2BTBVzB8U1whM3%2BldGSzKS7JuB40Mb4%2FQr6qh5qCy8f9%2BYj3vVntG%2F9tQEgw6d7HTHupA06M7seArSApSe09dl%2By9EQSoG7XLHG032%2BKJmj5JwEBW8jv54x590v5224lAZqgCioshegcHQaj8vY3aK7rmfE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, PUT, OPTIONS, HEAD, PUT, POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Tue, 08 Oct 2024 11:33:17 GMT
date
Wed, 09 Oct 2024 11:33:17 GMT
x-middleton-display
imp_sol
content-type
image/gif
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers
Content-Type, Content-Type
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8cfe0e0d9925cb9b-LAX
access-control-allow-origin
https://directexpresshelp.com, https://directexpresshelp.com
content-length
43
server
cloudflare
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/ 		409 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
7290d32ab0826dfce84d68827f4b76ebd3a29212b9e5f41e1fb90d0969babb33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

content-encoding
br
etag
14023063996932131420
x-content-type-options
nosniff
expires
Wed, 09 Oct 2024 11:33:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 09 Oct 2024 11:33:17 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
139458
x-xss-protection
0
server
cafe
sdk.js
connect.facebook.net/en_US/ 		288 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=efda1ae61416cef0a8d827e9d4a64301
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
e5e908685e9d9b36587c75f3582addeffe21519015fb7f5753b106b7becbdfab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://directexpresshelp.com
Referer
https://directexpresshelp.com/

Response headers

content-md5
k2UP9eZqqO1sdi+Ht09exw==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"3fd6ef99c14ddae183c015a2371036d5"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Thu, 09 Oct 2025 11:11:34 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:20 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
8dd345664702c6e12acb34bee5c7fde3
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
POOR; q=0.1, rtt=3501, rtx=0, c=26, mss=1232, tbw=13225, tp=20, tpl=0, uplat=1, ullat=-1
x-fb-debug
ArGg5sZ74XcESj2EvkP4HatDugps2kiqeieRaxJz7QhoCjWMlybw+VS1YXESwl8NQDfJUUzELoINL7JYSu0+Xw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
84106
origin-agent-cluster
?1
js
www.googletagmanager.com/gtag/ 		270 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6QW80M9MT9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-43683690-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
49a9ac1d858ea241588286ff239755f54ec95142e3aa79174dc589a1b076683e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 09 Oct 2024 11:33:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 11:33:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96177
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-43683690-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

content-encoding
gzip
age
382
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 09 Oct 2024 13:26:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 11:26:58 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6QW80M9MT9&gtm=45je4a70v9111022135za200&_p=1728473596378&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101671035~101747727&cid=944001777.1728473601&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1728473600&sct=1&seg=0&dl=https%3A%2F%2Fdirectexpresshelp.com%2F&dt=Direct%20Express%20Card%20Help%20-%20Direct%20Express%20Card%2C%20Social%20Security%20%26%20Disability&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5211
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6QW80M9MT9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://directexpresshelp.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 11:33:21 GMT
content-type
text/plain
server
Golfe2
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241007/r20190131/ Frame A88C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241007/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://directexpresshelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
105
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 09 Oct 2024 11:31:36 GMT
etag
13108003645644964576
expires
Wed, 23 Oct 2024 11:31:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D195 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517003535209854&output=html&adk=1812271804&adf=3025194257&abgtt=5&lmt=1728473600&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fdirectexpresshelp.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728473597043&bpp=4&bdt=781&idt=3845&shv=r20241007&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4495185834185&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531705%2C95331690%2C95338243%2C95341937%2C95343454&oid=2&pvsid=4469031804393985&tmod=1997450892&uas=0&nvt=1&fsapi=1&fc=1920&brdim=530%2C530%2C530%2C530%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=3875
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://directexpresshelp.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
66
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 09 Oct 2024 11:33:21 GMT
expires
Wed, 09 Oct 2024 11:33:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		1 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2010360612&t=pageview&_s=1&dl=https%3A%2F%2Fdirectexpresshelp.com%2F&ul=en-us&de=UTF-8&dt=Direct%20Express%20Card%20Help%20-%20Direct%20Express%20Card%2C%20Social%20Security%20%26%20Disability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=247788406&gjid=240699375&cid=944001777.1728473601&tid=UA-43683690-3&_gid=1232354334.1728473601&_r=1&gtm=457e4a70za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101529665~101533421~101671035~101747727&jsscut=1&z=772465354
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://directexpresshelp.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 11:33:21 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://directexpresshelp.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241007&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
d43cacbd1934267702ca7fe012e37a4ceb69fd4f1bfccf928a6cc833ce0241a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12821
date
Wed, 09 Oct 2024 11:33:21 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
cropped-Direct-Express-Help-3.png
i0.wp.com/directexpresshelp.com/wp-content/uploads/2018/10/ 		416 B
826 B 		Other
General
Check archive.org
Download Go to
Full URL
https://i0.wp.com/directexpresshelp.com/wp-content/uploads/2018/10/cropped-Direct-Express-Help-3.png?fit=32%2C32&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
f247edbec875276beb09e0280ade756c78f4a72cf3a5732d228f0cabcc3c0e05
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

etag
"38a0b249a2901e38"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD
expires
Sun, 30 Nov 2025 09:15:02 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:21 GMT
content-type
image/webp
last-modified
Thu, 30 Nov 2023 21:15:02 GMT
vary
Accept
link
<https://directexpresshelp.com/wp-content/uploads/2018/10/cropped-Direct-Express-Help-3.png>; rel="canonical"
cache-control
public, max-age=63115200
timing-allow-origin
*
x-nc
HIT bur 5
access-control-allow-origin
*
content-length
416
server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Wed, 09 Oct 2024 11:33:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 11:33:22 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 2466 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://directexpresshelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
88
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Oct 2024 11:31:54 GMT
expires
Wed, 09 Oct 2024 12:21:54 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FBBA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5oxXcq6WSZg1fzwqAAoznQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://directexpresshelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-5oxXcq6WSZg1fzwqAAoznQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Oct 2024 11:33:22 GMT
expires
Wed, 09 Oct 2024 11:33:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
greenoaks.gif
directexpresshelp.com/detroitchicago/ 		0
282 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwidmlzaXRfdXVpZCI6IjZjZTY0MWYxLTliODQtNDdmNS02MDA5LWFkNGEwMzc2YjY2ZiIsInBhZ2V2aWV3X2lkIjoiN2Y0MTUxZGUtZjkxMi00YzYyLTRhMDktMGY2MTdlYjA0ZWQyIiwiZG9tYWluX2lkIjoiNTEwNjAxIiwidF9lcG9jaCI6MTcyODQ3MzU5NiwiZGF0YSI6W3sibmFtZSI6ImRldmljZV93aWR0aCIsInZhbCI6IjE2MDAifSx7Im5hbWUiOiJkZXZpY2VfaGVpZ2h0IiwidmFsIjoiMTIwMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJ2aXNpdF91dWlkIjoiNmNlNjQxZjEtOWI4NC00N2Y1LTYwMDktYWQ0YTAzNzZiNjZmIiwicGFnZXZpZXdfaWQiOiI3ZjQxNTFkZS1mOTEyLTRjNjItNGEwOS0wZjYxN2ViMDRlZDIiLCJkb21haW5faWQiOiI1MTA2MDEiLCJ0X2Vwb2NoIjoxNzI4NDczNTk2LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyNC0xMC0wOSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjEifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMyJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiI2MDAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwidmlzaXRfdXVpZCI6IjZjZTY0MWYxLTliODQtNDdmNS02MDA5LWFkNGEwMzc2YjY2ZiIsInBhZ2V2aWV3X2lkIjoiN2Y0MTUxZGUtZjkxMi00YzYyLTRhMDktMGY2MTdlYjA0ZWQyIiwiZG9tYWluX2lkIjoiNTEwNjAxIiwidF9lcG9jaCI6MTcyODQ3MzU5NiwiZGF0YSI6W3sibmFtZSI6Imxhbmd1YWdlX3RhZyIsInZhbCI6ImVuLVVTIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInZpc2l0X3V1aWQiOiI2Y2U2NDFmMS05Yjg0LTQ3ZjUtNjAwOS1hZDRhMDM3NmI2NmYiLCJwYWdldmlld19pZCI6IjdmNDE1MWRlLWY5MTItNGM2Mi00YTA5LTBmNjE3ZWIwNGVkMiIsImRvbWFpbl9pZCI6IjUxMDYwMSIsInRfZXBvY2giOjE3Mjg0NzM1OTYsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInZpc2l0X3V1aWQiOiI2Y2U2NDFmMS05Yjg0LTQ3ZjUtNjAwOS1hZDRhMDM3NmI2NmYiLCJwYWdldmlld19pZCI6IjdmNDE1MWRlLWY5MTItNGM2Mi00YTA5LTBmNjE3ZWIwNGVkMiIsImRvbWFpbl9pZCI6IjUxMDYwMSIsInRfZXBvY2giOjE3Mjg0NzM1OTYsImRhdGEiOlt7Im5hbWUiOiJuYXZpZ2F0aW9uX3R5cGUiLCJ2YWwiOiIwIn0seyJuYW1lIjoicmVkaXJlY3RfY291bnQiLCJ2YWwiOiIwIn1dfV0=
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/parsonsmaize/abilene.js?gcb=195-0&cb=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LzJBNiG6SzK8ahxzWWErClQv4qUvCB6jxhhYwKNW98yiPW3lbFy%2BAi33pSfS%2Fshze0kngy4y9lBgH6gCbMXw51GKySlVQHPQG2aZTPIjbWbDCfftFwv661doEg7ExUBwuDvtd7tPu2B0ZTDC3Cp0FsokxC8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8cfe0e3bfb71cb9b-LAX
expires
Tue, 08 Oct 2024 11:33:24 GMT
access-control-allow-origin
https://directexpresshelp.com
date
Wed, 09 Oct 2024 11:33:24 GMT
x-middleton-display
ezp_sol
vary
Accept-Encoding
server
cloudflare
greenoaks.gif
directexpresshelp.com/detroitchicago/ 		0
544 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwidmlzaXRfdXVpZCI6IjZjZTY0MWYxLTliODQtNDdmNS02MDA5LWFkNGEwMzc2YjY2ZiIsInBhZ2V2aWV3X2lkIjoiN2Y0MTUxZGUtZjkxMi00YzYyLTRhMDktMGY2MTdlYjA0ZWQyIiwiZG9tYWluX2lkIjoiNTEwNjAxIiwidF9lcG9jaCI6MTcyODQ3MzU5NiwiZGF0YSI6W3sibmFtZSI6InBlcmZfaXNfdHJhY2tlZCIsInZhbCI6IjEifSx7Im5hbWUiOiJwZXJmX25hdl90b19jb25uZWN0IiwidmFsIjoiMzM3In0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiI1NTIifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjM2In0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjU4MiJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjYwMiJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiI1MjQyIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInZpc2l0X3V1aWQiOiI2Y2U2NDFmMS05Yjg0LTQ3ZjUtNjAwOS1hZDRhMDM3NmI2NmYiLCJwYWdldmlld19pZCI6IjdmNDE1MWRlLWY5MTItNGM2Mi00YTA5LTBmNjE3ZWIwNGVkMiIsImRvbWFpbl9pZCI6IjUxMDYwMSIsInRfZXBvY2giOjE3Mjg0NzM1OTYsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6Ijg2MiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJ2aXNpdF91dWlkIjoiNmNlNjQxZjEtOWI4NC00N2Y1LTYwMDktYWQ0YTAzNzZiNjZmIiwicGFnZXZpZXdfaWQiOiI3ZjQxNTFkZS1mOTEyLTRjNjItNGEwOS0wZjYxN2ViMDRlZDIiLCJkb21haW5faWQiOiI1MTA2MDEiLCJ0X2Vwb2NoIjoxNzI4NDczNTk2LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6Ijg2MiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJ2aXNpdF91dWlkIjoiNmNlNjQxZjEtOWI4NC00N2Y1LTYwMDktYWQ0YTAzNzZiNjZmIiwicGFnZXZpZXdfaWQiOiI3ZjQxNTFkZS1mOTEyLTRjNjItNGEwOS0wZjYxN2ViMDRlZDIiLCJkb21haW5faWQiOiI1MTA2MDEiLCJ0X2Vwb2NoIjoxNzI4NDczNTk2LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInZpc2l0X3V1aWQiOiI2Y2U2NDFmMS05Yjg0LTQ3ZjUtNjAwOS1hZDRhMDM3NmI2NmYiLCJwYWdldmlld19pZCI6IjdmNDE1MWRlLWY5MTItNGM2Mi00YTA5LTBmNjE3ZWIwNGVkMiIsImRvbWFpbl9pZCI6IjUxMDYwMSIsInRfZXBvY2giOjE3Mjg0NzM1OTYsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2Rvd25saW5rIiwidmFsIjoiMTAifV19XQ==
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/parsonsmaize/abilene.js?gcb=195-0&cb=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oN6ZW%2FaleI5noCz4smpUyM45cvx%2BvOgPrQ3aVtxe%2BInAx4fPM%2BDA9C1GTXsCwcl2hTmuGl5viUxc%2BlS4V%2BfqH75sJ%2Fb7KS5fN8oks0ecIFVBILyLWi%2Bb%2FHHBEGeK4%2BZNwvE8plDhDxz5pQ%2BNy96M5keWlvc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8cfe0e3bfb74cb9b-LAX
expires
Tue, 08 Oct 2024 11:33:24 GMT
access-control-allow-origin
https://directexpresshelp.com
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:24 GMT
x-middleton-display
ezp_sol
vary
Accept-Encoding
server
cloudflare
greenoaks.gif
directexpresshelp.com/detroitchicago/ 		0
279 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://directexpresshelp.com/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwidmlzaXRfdXVpZCI6IjZjZTY0MWYxLTliODQtNDdmNS02MDA5LWFkNGEwMzc2YjY2ZiIsInBhZ2V2aWV3X2lkIjoiN2Y0MTUxZGUtZjkxMi00YzYyLTRhMDktMGY2MTdlYjA0ZWQyIiwiZG9tYWluX2lkIjoiNTEwNjAxIiwidF9lcG9jaCI6MTcyODQ3MzU5NiwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fcnR0IiwidmFsIjoiMjUwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInZpc2l0X3V1aWQiOiI2Y2U2NDFmMS05Yjg0LTQ3ZjUtNjAwOS1hZDRhMDM3NmI2NmYiLCJwYWdldmlld19pZCI6IjdmNDE1MWRlLWY5MTItNGM2Mi00YTA5LTBmNjE3ZWIwNGVkMiIsImRvbWFpbl9pZCI6IjUxMDYwMSIsInRfZXBvY2giOjE3Mjg0NzM1OTYsImRhdGEiOlt7Im5hbWUiOiJkaXNwbGF5X2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoidmlld3BvcnRfc2l6ZSIsInZhbCI6IjE2MDB4MTIwMCJ9LHsibmFtZSI6InZpZXdwb3J0X3B4IiwidmFsIjoiMTkyMDAwMCJ9LHsibmFtZSI6ImRvY19weCIsInZhbCI6IjE3MDIwODAwIn0seyJuYW1lIjoiZG9jX2hlaWdodCIsInZhbCI6IjEwNjM4In1dfV0=
Requested by
Host: directexpresshelp.com
URL: https://directexpresshelp.com/parsonsmaize/abilene.js?gcb=195-0&cb=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://directexpresshelp.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ypnRS2GQehsr0tS5thSmESXlqNc2bGmlPWG2MTycb3tyW0Pfo5wsmSomU3A8jKtdtPUCEA9G%2Fpcs7NpsL%2BtMMZp5V5pzIf19qk5%2FFCB8ojf4kH9UaiswJO2PLFjMAIlhr%2BbOPdzK4ysgFHLnvBKQGACfhc0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8cfe0e3bfb75cb9b-LAX
expires
Tue, 08 Oct 2024 11:33:24 GMT
access-control-allow-origin
https://directexpresshelp.com
alt-svc
h3=":443"; ma=86400
date
Wed, 09 Oct 2024 11:33:24 GMT
x-middleton-display
ezp_sol
vary
Accept-Encoding
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
directexpresshelp.com
URL
blob:https://directexpresshelp.com/af96ebc4-323a-4f51-8a50-b02dad0d0cac
Domain
rcm-na.amazon-adsystem.com
URL
https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=12&l=ur1&category=primediscounted&banner=0B2TM48Z6X1RA9B3TZR2&f=ifr&linkID=854f1f0f1a29a337aa71cc6795938267&t=dexpresshelp-20&tracking_id=dexpresshelp-20
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241007&jk=4469031804393985&bg=!GhmlGVbNAAax3igvkd47ADQBe5WfONUx7OzxvyTW8d2NzdAju0CNoGcWFBnNASrWWTeOU5j6ZhmBjKT96GiXz8p3nE5JAgAAAERSAAAAA2gBB34ANt94XQHmiKBEMZ4KYjRUMlP0Wp8NrTEBCbRtUFz9mHU8IRppSFnY-eFEU1aqoIhOspr53Stk_goAJ4fnwStZKELg6A2E7htLWFsJMDljxOlb7TZUGbf8HDAOofKUZvxxPJkCkJnH3t4RD6vzI71fy6giNWCQ4KO95OiZjeolp4scBtP5gAiQrLfqjPFZGEGoWCdFoKgCpDjBTu1QeqpJGQK2w-tUV261bPKvZrViAvWSioERdpeqLphETZAWAdW9m761XmfBud7wP9xX3FBmHTkXI47Q7qBUqbvtA0A0rjtJCgDE9pSmnbExAOYQxIPlTAV8bRcGd_idnPAsjiksv0CG1GT4gxaBketX0hN3bRdqOMUeqigGcXM2cGBYoTNUFwCFMzqXwZUU-fn_W6DjSl2Y0Mv-k1F_7mfu1OD_YTx-0AuIVVGC6F15hiAnsCB-tcRXbHl0PDgmTOw-a4CXYZHyxQjliUvDhaN41L23M3pOPfWEW-8AvOpokkbsIT2lzicgIXxzI6fK8g-783XJx8X1Lza3nty6LE9FlHpZt2Uvri3W1Cnx7jFWsHkk4ZGw2F4_h9lHrK6Dk8_iyzmlS7lUqw4ycJ_eYZYQfBDWAOArdxyYYGgYx1xdTP9J2qb5eCICU5u9GvPB_y9ZXsodWKuzRXf68gvt2LuvxeUTbHX0xcBYfYcF2gK_xjLsgSkYVq-U3VNp-sH6k8LTKWkVVDJ7iWjmg9iBBEgI9LjKajjkjHF4P3zEj-PolJP2dIREIheNMVB2DuJhutIHb4H7Cr5PMaBMEVStA_z1zmKcT4pyw0SBHCGU2GHlaJF4NG8y3a2GtsVr5JIPE2Xv_bu9yhHUFylf37RbiNDB-2JKEOaLrDBfPvHSKHZLfyks1pzXtr1hJa_vXBup_6M5_6G-dxQD7-Vs8S1kVBu9Bxx2PMtvS_6VnVj05-qFmL5SiVdCa2UH70CXguBsyJocbRiMcCVPIgnSQjxAEs6g4YABPcnZPluf

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| __ezHttpConsent object| ezTcfConsent function| getEzConsentData function| _setEzCookies object| _ezaq object| __ez boolean| ezDisableAds function| analyticsAddScript function| getCookiesWithPrefix function| productAnalytics boolean| ezAnalyticsStatic object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue object| advads_options object| advanced_ads_pro_visitor_conditions object| adsbygoogle function| gtag object| dataLayer object| advadsCfpQueue function| advadsCfpAd string| ezoTemplate string| ezouid string| ezoFormfactor string| soc_app_id number| did string| ezdomain number| ezoicSearchable function| __ezDotData function| jQuery object| advanced_ads_responsive object| advadsCfpInfo object| generatepressMenu object| advanced_ads_pro_ajax_object object| _stq object| jetpackSwiperLibraryPath object| jetpackCarouselStrings object| advads_admin_bar_items function| _emitEzConsentEvent function| st_go function| linktracker_init object| wpcom function| create_ezolpl function| attach_ezolpl string| _audins_dom number| _audins_did number| advanced_ads_resizetimeout number| advanced_ads_cookieexpires number| advanced_ads_browser_width function| advanced_ads_resize_window function| advanced_ads_save_width function| advads_resize_delay function| advanced_ads_get_browser_width object| advanced_ads_pro object| advads_pro_utils object| Advads_passive_cb_Conditions object| advanced_ads_group_refresh function| Advads_passive_cb_Placement function| Advads_passive_cb_Ad function| Advads_passive_cb_Group object| advads function| get_unix_time_in_seconds function| advads_postscribe object| lazySizes object| advadsProCfp function| visbilityChangeFunc object| ezoicEvent function| reportEzError function| reportEzReqError object| twemoji object| wp object| __ezct object| ezdent object| ezDenty object| ezua object| ezuxgoals function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString object| _ezfd object| metricNameMap function| ezlogVital object| webVitals function| initEzux object| riveted object| ezux object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| FB object| google_tag_manager string| GoogleAnalyticsObject function| ga object| googletag object| gaGlobal function| google_sa_impl object| googPageScrollPreventerInfo number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| __buffer object| gaplugins object| gaData object| advads_passive_ads object| advads_passive_groups object| advads_passive_placements object| advads_placement_tests object| advads_ajax_queries object| advads_has_ads object| advads_js_items object| perf_vals object| GoogleGcLKhOms object| google_image_requests

18 Cookies

Domain/Path Name / Value
.directexpresshelp.com/ Name: ezoictest
Value: stable
.directexpresshelp.com/ Name: ezoab_510601
Value: mod273-c
.directexpresshelp.com/ Name: active_template::510601
Value: orig_site.1728473596
.directexpresshelp.com/ Name: ezosuibasgeneris-1
Value: 39a1aee4-d696-4073-5e6d-5339644b0315
.directexpresshelp.com/ Name: lp_510601
Value: https://directexpresshelp.com/
.directexpresshelp.com/ Name: ezovuuidtime_510601
Value: 1728473596
.directexpresshelp.com/ Name: ezovuuid_510601
Value: 6ce641f1-9b84-47f5-6009-ad4a0376b66f
.directexpresshelp.com/ Name: ezoref_510601
Value:
directexpresshelp.com/ Name: ezds
Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
directexpresshelp.com/ Name: ezohw
Value: w%3D1600%2Ch%3D1200
directexpresshelp.com/ Name: advanced_ads_page_impressions
Value: %7B%22expires%22%3A2043833597%2C%22data%22%3A1%7D
directexpresshelp.com/ Name: advanced_ads_browser_width
Value: 1600
.directexpresshelp.com/ Name: _ga_6QW80M9MT9
Value: GS1.1.1728473600.1.0.1728473600.0.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.directexpresshelp.com/ Name: _ga
Value: GA1.2.944001777.1728473601
.directexpresshelp.com/ Name: _gid
Value: GA1.2.1232354334.1728473601
.directexpresshelp.com/ Name: _gat_gtag_UA_43683690_3
Value: 1
directexpresshelp.com/ Name: ezux_lpl_510601
Value: 1728473601490|7f4151de-f912-4c62-4a09-0f617eb04ed2|false

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
directexpresshelp.com
googleads.g.doubleclick.net
i0.wp.com
images.dmca.com
pagead2.googlesyndication.com
pixel.wp.com
rcm-na.amazon-adsystem.com
stats.wp.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
directexpresshelp.com
pagead2.googlesyndication.com
rcm-na.amazon-adsystem.com
142.250.65.194
142.250.80.100
157.240.241.1
172.217.165.130
192.0.76.3
192.0.77.2
2606:4700:3031::ac43:c2c0
2607:f8b0:4006:806::2008
2607:f8b0:4006:816::2001
2607:f8b0:4006:824::200e
2a02:6ea0:c454::1
007078a6fc420ba722a9a08f6237161e0736553b1ea84a0b8f677468ddbcaf11
0252ba74fdd3b504dd7b4d4a15720f1134959bd5e18b1cd26d656924f08629cc
031451a08ac9dfd5d91a2fb8101be8c4d7cf0c8941d8542abb6fd61d221b2342
037d14ce96f27706386c4475d17d7e4e448247ad61aa33b8328d4968bb83234e
092955f521559093671a2302925cf7e43be3c9c36a2f4c32a35c4d910feb6984
0d848d1bba0a5740f08135ebe6ff96c31bc4baa04273f4d6310fc59e14c119ee
0f67393986c012dbf48aa3149e2874bd84ed5f466362ad1ac31305f697f1da7b
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
1d7a77f24fc31abf310ccb240b2e0a49f2582823f990eef11a3abc37f286ea12
200b0303f61ba2043f9f2656ae1ee440ff9b4f4e01a8d940ec01d3e35f9b1e1b
29eab285958e0c7851f7532fcfa4ddb59ab85f844c6436b8c3f1e2a36d7be60f
34d57b944a61b899807b6946e4a6c2d9692415917faa0a0fffd8d95277431821
4559f063977072488f6dd2c96ff11fa2dbfc62c9e26d1b8c2c80c48a85964ecc
4762e6e3977758faa3346322cb4f9a2b247d0cabf54783caee527f4a8646c02a
48fa15ccaa399f72e882109fb24bda3989d5324a583b7a2d3bd2e60d0b7d2863
49a9ac1d858ea241588286ff239755f54ec95142e3aa79174dc589a1b076683e
4c2df0892b2e68fb2a1baee0cbf0ad2aac11419d49c9b97f10a81455b03e6a93
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
51446f2d9f69aff69bf39feb33cc5661e4e6c8366825bc4cfb63caa498fe32d7
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
69da439092647389eae2c6dd4db802c8b231790fc34e6fd830266fd2c22b66f7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e9cc574a5fac93935179f833c3c532a2d29f30cbbe4485e26cf1910b487180c
6ecfe4e84e51548a0f75361f2f63e1aeebcf76095093d8373a177148df7ad4c9
7290d32ab0826dfce84d68827f4b76ebd3a29212b9e5f41e1fb90d0969babb33
77a40222cb1869e1fe6c264f3e47bb35c9cc0bbf2cc422bd743ad7f4fd6f9338
829a4568d0c8e326c1e022af19985d295dc933dee3ac68e8beb1d29684eba649
84aa2e0bf1472007d49c9d38c63217ba76ab5a3b5d8c26d542430a7e4fb989dc
88e58b06a43d52cf619d55c3134633e2e6476c9d284781aca2d0f6547ee1a938
8cb6666ac5ca730743eb9537dfb26940c88ffcbf6965a5122760a9d1e46a1503
8e2e9642ce4893f96c168bd664e248170d5de361db3ae3a0280089d72b29dd20
9a400130d53c80a8e2dbdd366c2508f75c73f705747c61b517eaa8af70bbefa3
9cee72e002e960bab44f3a12c9d1bb04a35085e78e49a82f3676b309a7ca30e2
9fba7686001b516b0414bef328255eca729f278c1d14d324c8567733426439a5
add4e3a3c162f8a219d652083f2e7a4fd556207d60e113c4f2ab60897fe1e033
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d43cacbd1934267702ca7fe012e37a4ceb69fd4f1bfccf928a6cc833ce0241a4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df819f3ecfb17f0741e6b433346959338e536d3cfc2cf90a2a440bba10f3909c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f82c06e12f028861fcc3587190038b946c774d584c8f58287da453cdfb941b
e5e908685e9d9b36587c75f3582addeffe21519015fb7f5753b106b7becbdfab
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
f247edbec875276beb09e0280ade756c78f4a72cf3a5732d228f0cabcc3c0e05
f35d832f9a98087a510140f8c1b536ba0f6879feb33cfa90eed300abf44a4b22
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f9ff06d5d2582b76bd977802f4bfd3275be04820397f192853602ee27f88f8f3
fa662965a428b991b8cf8b785026a4a6be6e7c402547c9ae917e031d1ab80a41
fd6e53dbb6934a1cf84c0e7caa7ef57c5aed117af8512ca036b048a81d5d80f1
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
ffc213549ebefcae379a54e755263c4d40f382f4acfb138a9c2411eb0ff5a065