save2.cechire.com Open in urlscan Pro
74.207.228.196 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://save2.cechire.com/
Submission Tags: @ecarlesi threat phishing arvestbank Search All
Submission: On October 20 via api (October 20th 2024, 1:04:04 am UTC) from IT — Scanned from IT

Summary HTTP 100 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 14 domains to perform 100 HTTP transactions. The main IP is 74.207.228.196, located in Atlanta, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is save2.cechire.com.
TLS certificate: Issued by R11 on October 19th 2024. Valid for: 3 months.

This is the only time save2.cechire.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Arvest Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
49	74.207.228.196 74.207.228.196	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
4	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.215.172.219 3.215.172.219	14618 (AMAZON-AES) (AMAZON-AES)
24	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.102.53 18.66.102.53	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.15 18.66.112.15	16509 (AMAZON-02) (AMAZON-02)
1	34.253.9.22 34.253.9.22	16509 (AMAZON-02) (AMAZON-02)
1	3.92.120.28 3.92.120.28	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2606:4700::68... 2606:4700::6811:f8cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
100	18

49 74.207.228.196 (Atlanta, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 74-207-228-196.ip.linodeusercontent.com

save2.cechire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.215.172.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-172-219.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-15.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.9.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-9-22.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.92.120.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-120-28.compute-1.amazonaws.com

customers.arvest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f8cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	cechire.com save2.cechire.com	1010 KB
24	qualtrics.com siteintercept.qualtrics.com — Cisco Umbrella Rank: 835 znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com — Cisco Umbrella Rank: 258838	182 KB
7	linkedin.com 2 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 321 px4.ads.linkedin.com — Cisco Umbrella Rank: 6828	4 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	426 KB
4	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	121 KB
3	pardot.com pi.pardot.com — Cisco Umbrella Rank: 5653	4 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 797	4 KB
2	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3185 content.hotjar.io — Cisco Umbrella Rank: 6755	402 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1177	62 KB
2	doubleclick.net td.doubleclick.net — Cisco Umbrella Rank: 192 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	546 B
1	arvest.com customers.arvest.com — Cisco Umbrella Rank: 285447	1020 B
1	google.it www.google.it — Cisco Umbrella Rank: 27958	408 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4401
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 784	14 KB
100	14

	Domain	Requested by
49	save2.cechire.com	save2.cechire.com cdn.cookielaw.org
22	siteintercept.qualtrics.com	save2.cechire.com znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com siteintercept.qualtrics.com
5	px.ads.linkedin.com	2 redirects snap.licdn.com
4	www.googletagmanager.com	save2.cechire.com www.googletagmanager.com
4	cdn.cookielaw.org	save2.cechire.com www.googletagmanager.com
3	pi.pardot.com	save2.cechire.com pi.pardot.com
2	unpkg.com	1 redirects
2	px4.ads.linkedin.com	save2.cechire.com
2	znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com	save2.cechire.com
1	customers.arvest.com	pi.pardot.com
1	content.hotjar.io	script.hotjar.com
1	vc.hotjar.io	script.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	www.google.it	save2.cechire.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	td.doubleclick.net	save2.cechire.com
100	19

This site contains no links.

Subject Issuer	Validity	Valid
save2.cechire.com R11	`2024-10-19` - `2025-01-17`	3 months	crt.sh
cookielaw.org WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-06-05` - `2025-06-04`	a year	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-27` - `2025-02-19`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google.it WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
customers.arvest.com R11	`2024-10-13` - `2025-01-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://save2.cechire.com/
Frame ID: 86E4B406C22678CB26DCE152B1D45D8A
Requests: 99 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11451864523?random=1708832324990&cv=11&fst=1708832324990&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be42l0v9174033411za200&gcd=13l3l3l3l1&dma=0&u_w=1366&u_h=768&url=https%3A%2F%2Fwww.arvest.com%2Fpersonal%2Fsignon%2Flogon&ref=https%3A%2F%2Fwww.arvest.com%2F&hn=www.googleadservices.com&frm=0&tiba=Arvest%3A%20Personal%3A%20Arvest%20Online%20Banking%3A%20Online%20Banking&npa=0&pscdl=noapi&auid=1693504877.1708731724&uaa=x86&uab=64&uafvl=Chromium%3B122.0.6261.57%7CNot(A%253ABrand%3B24.0.0.0%7CGoogle%2520Chrome%3B122.0.6261.57&uamb=0&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 680E614F5E70260672829697D32085D5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Arvest: Personal: Arvest Online Banking: Online Banking

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Twitter typeahead.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

100
Requests

97 %
HTTPS

50 %
IPv6

14
Domains

19
Subdomains

18
IPs

5
Countries

1830 kB
Transfer

3822 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1729386238824&url=https%3A%2F%2Fsave2.cechire.com%2F&tm=gtmv2 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1729386238824&url=https%3A%2F%2Fsave2.cechire.com%2F&tm=gtmv2&e_ipv6=AQL1VP3B9ccTwgAAAZKnc9Q9h_rF81atTfewLLjabcPgHUiUZn8F0Z51CBHcdwFH6oEquw

Request Chain 78

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1729386238825&url=https%3A%2F%2Fsave2.cechire.com%2F&tm=gtmv2 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1729386238825&url=https%3A%2F%2Fsave2.cechire.com%2F&tm=gtmv2&e_ipv6=AQLNZ5EJpAYmlwAAAZKnc9Q7ozvWK6MTCRrBc32EH8Wh3cw3XAHYOu1u5U0GRrjt63k4Qw

Request Chain 92

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@4.2.3/dist/web-vitals.iife.js

100 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
save2.cechire.com/ 139 KB
139 KB 474ms
135ms Document
text/html 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 83ed8efe25e4c5c5087616d5328864e63fbfc50d6ca90db35adae60c55fe3c4b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 142276
Content-Type: text/html
Date: Sun, 20 Oct 2024 01:03:56 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Mon, 26 Feb 2024 04:37:00 GMT
Server: Apache

GET
H/1.1 200
OK MyFontsWebfontsKit.css
save2.cechire.com/css/ 2 KB
2 KB 403ms
135ms Stylesheet
text/css 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/css/MyFontsWebfontsKit.css
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 0b9ef95e6810f4ea8fb771c6f98b5082f5297c18a3b9fe09f3f4acb7f1ef9753

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1738
Keep-Alive: timeout=5, max=100
Date: Sun, 20 Oct 2024 01:03:57 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:20 GMT
Content-Type: text/css
Server: Apache

GET
H/1.1 200
OK bootstrap_custom.css
save2.cechire.com/css/ 103 KB
103 KB 403ms
135ms Stylesheet
text/css 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/css/bootstrap_custom.css
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 49650fcab47a18d13c5cd1695d95c5679f2610af77aaea816b0db65f046b1ad8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 105619
Keep-Alive: timeout=5, max=100
Date: Sun, 20 Oct 2024 01:03:57 GMT
Last-Modified: Mon, 26 Feb 2024 03:11:44 GMT
Content-Type: text/css
Server: Apache

GET
H/1.1 200
OK layout2.css
save2.cechire.com/css/ 32 KB
32 KB 403ms
134ms Stylesheet
text/css 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/css/layout2.css
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 321c54c075b6f9830e5a64d4176b72203e6f937eb6c80760e9f3ca68c88999d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 32884
Keep-Alive: timeout=5, max=100
Date: Sun, 20 Oct 2024 01:03:57 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:20 GMT
Content-Type: text/css
Server: Apache

GET
H/1.1 200
OK viewport.js Show response
save2.cechire.com/js/ 2 KB
2 KB 410ms
133ms Script
text/javascript 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/js/viewport.js
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: e2bc669f0b7ef507ff771bd5f7fb4dabdbcedcff21a7828427ec5251afd9c1c1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2001
Keep-Alive: timeout=5, max=100
Date: Sun, 20 Oct 2024 01:03:57 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:22 GMT
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK jquery-1.9.1.min.js Show response
save2.cechire.com/js/ 90 KB
91 KB 411ms
134ms Script
text/javascript 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/js/jquery-1.9.1.min.js
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 92629
Keep-Alive: timeout=5, max=100
Date: Sun, 20 Oct 2024 01:03:57 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:22 GMT
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK common.min.js Show response
save2.cechire.com/js/ 10 KB
10 KB 530ms
135ms Script
text/javascript 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/js/common.min.js
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 49825a22ee9e05fb6a125bbe4d158571887d62129b9df126af4f35682e1400fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 10229
Keep-Alive: timeout=5, max=99
Date: Sun, 20 Oct 2024 01:03:57 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:22 GMT
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK aob-search.js Show response
save2.cechire.com/js/ 9 KB
9 KB 538ms
136ms Script
text/javascript 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/js/aob-search.js
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: e2dc701dd8b23048c0e3b2483583dda42b19f10f9b1c35ce2a60312742734d11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 9081
Keep-Alive: timeout=5, max=99
Date: Sun, 20 Oct 2024 01:03:57 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:24 GMT
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK pm_fp.js Show response
save2.cechire.com/js/ 22 KB
22 KB 546ms
135ms Script
text/javascript 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/js/pm_fp.js
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: f70fb9db44b518c9b2cf697ed6eb32efd82141f45d612f1ee480eb9de338a859

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 22503
Keep-Alive: timeout=5, max=99
Date: Sun, 20 Oct 2024 01:03:57 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:24 GMT
Content-Type: text/javascript
Server: Apache

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202307.1.0/ 405 KB
98 KB 99ms
37ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202307.1.0/otBannerSdk.js

Requested by

Host: save2.cechire.com
URL: https://save2.cechire.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71d07479f4b2b809e5769a352f4f55b84690289026ace7ed5395230002551a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

content-md5: orDm7smwsr/pjTi/DOTSGQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DB9307EC3B2CDE
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 19851
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:58 GMT
content-type: application/javascript
last-modified: Wed, 02 Aug 2023 03:24:04 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 1e317a27-c01e-0099-0a64-14463e000000
cf-ray: 8d5517562b8b5262-MXP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 99815
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 0
358 B 966ms
270ms Script
text/html 3.215.172.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/analytics?ver=3&visitor_id=205259305&visitor_id_sign=9bca230bddc73b1ddbd5929395eac0b6472be2dd52ded9a183ef5b51dab662ac7a5e93ddaf135288c22b16e2604ce840129248ce&pi_opt_in=&campaign_id=138064&account_id=968183&title=Arvest%3A%20Personal%3A%20Arvest%20Online%20Banking%3A%20Online%20Banking&url=https%3A%2F%2Fwww.arvest.com%2Fpersonal%2Fsignon%2Flogon&referrer=https%3A%2F%2Fwww.arvest.com%2F
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-172-219.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

cache-control: max-age=63072000
Connection: keep-alive
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
expires: Tue, 20 Oct 2026 01:03:58 GMT
Content-Length: 0
Date: Sun, 20 Oct 2024 01:03:58 GMT
Content-Type: text/html; charset=UTF-8
vary: User-Agent

GET
H2 200 12.93f2ca20511a668d8998.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 73 KB
21 KB 109ms
36ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.93f2ca20511a668d8998.chunk.js?Q_CLIENTVERSION=2.1.0&Q_CLIENTTYPE=web&Q_BRANDID=www.arvest.com

Requested by

Host: save2.cechire.com
URL: https://save2.cechire.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c17bc0015006ea96281dd68dc9d5485513eabedc8c664b36ef2f104c5d46b460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"125c9-18dc302ef70"
age: 242478
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:57 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Mon, 19 Feb 2024 20:16:06 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d5517502b32bb17-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 7.5f000cafeed9b3b29059.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 3 KB
1 KB 110ms
38ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/7.5f000cafeed9b3b29059.chunk.js?Q_CLIENTVERSION=2.1.0&Q_CLIENTTYPE=web&Q_BRANDID=arvest

Requested by

Host: save2.cechire.com
URL: https://save2.cechire.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c846cbcf5cc95505d0ea24b569f612c179c70b5ba6d4a6bf48ea8d874ddaca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"b52-18dc302ef70"
age: 242478
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:57 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Mon, 19 Feb 2024 20:16:06 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d5517502b34bb17-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 1.5f4f8c3e3982904758f5.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 29 KB
7 KB 107ms
35ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.5f4f8c3e3982904758f5.chunk.js?Q_CLIENTVERSION=2.1.0&Q_CLIENTTYPE=web&Q_BRANDID=arvest

Requested by

Host: save2.cechire.com
URL: https://save2.cechire.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0fde5842f87cb883a7539d2c9222add8d2204fec2bd98a8ce2a489c00b8ecfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"73f8-18dc302ef70"
age: 242478
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:57 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Mon, 19 Feb 2024 20:16:06 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d5517502b33bb17-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H/1.1 200
OK arvest-logo.png
save2.cechire.com/images/ 4 KB
4 KB 134ms
134ms Image
image/png 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/arvest-logo.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 8d8f81b3deb15a8d8a4d940347fb3322ca6d49640e7ce14514ccbe07862a1aba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 4092
Keep-Alive: timeout=5, max=98
Date: Sun, 20 Oct 2024 01:03:57 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:38 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK Free_Blue.png
save2.cechire.com/images/ 59 KB
60 KB 135ms
135ms Image
image/png 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/Free_Blue.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 57ae174603c8b742a3451fa828ceb88f6adcee9914d15ad2a6e2587a7560ddf3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 60883
Keep-Alive: timeout=5, max=98
Date: Sun, 20 Oct 2024 01:03:57 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:38 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 404
Not Found arvest-file_Business_Checking.png
save2.cechire.com/images/ 315 B
315 B 135ms
135ms Image
text/html 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/arvest-file_Business_Checking.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Keep-Alive: timeout=5, max=97
Content-Length: 315
Date: Sun, 20 Oct 2024 01:03:57 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache
Connection: Keep-Alive

GET
H/1.1 200
OK Credit_Card.png
save2.cechire.com/images/ 41 KB
41 KB 136ms
136ms Image
image/png 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/Credit_Card.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: f804babf0378097f340f8d1e6ec81e0909cf8f6e40c25f18ddc890f8cf6ddf1b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 41733
Keep-Alive: timeout=5, max=97
Date: Sun, 20 Oct 2024 01:03:57 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:40 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK Prequalify.png
save2.cechire.com/images/ 54 KB
54 KB 137ms
136ms Image
image/png 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/Prequalify.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 5a2786c9431c351e8ad9aeb0d1751c442098836a7e54acd032307eb11546ca34

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 54948
Keep-Alive: timeout=5, max=96
Date: Sun, 20 Oct 2024 01:03:57 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:40 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK New_Year_New_Plan.png
save2.cechire.com/images/ 63 KB
63 KB 138ms
135ms Image
image/png 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/New_Year_New_Plan.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 1ca54e1f6292eb97915b904620fa16031aa7ce0537dd6e12e742a279b313fb96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 64220
Keep-Alive: timeout=5, max=98
Date: Sun, 20 Oct 2024 01:03:58 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:40 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK login-arrow-icon.png
save2.cechire.com/images/ 271 B
512 B 137ms
135ms Image
image/png 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/login-arrow-icon.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 01d1a470c25a6f60c6fa9e7de42b0158533a7bf3de3c0d7c2687f5a5a8269377

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 271
Keep-Alive: timeout=5, max=99
Date: Sun, 20 Oct 2024 01:03:58 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:42 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK ios.png
save2.cechire.com/images/ 5 KB
5 KB 135ms
135ms Image
image/png 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/ios.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 45b33290a887374b0351ad46d4f1fddc8038b3b805ae11fc1520c732108691a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 4885
Keep-Alive: timeout=5, max=92
Date: Sun, 20 Oct 2024 01:03:58 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:42 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK soc-share-circle.png
save2.cechire.com/images/ 717 B
958 B 252ms
134ms Image
image/png 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/soc-share-circle.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 16eba136a35400f1100a450d2f48d656b67296e74c62521aedcd8fab29c7d4ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 717
Keep-Alive: timeout=5, max=98
Date: Sun, 20 Oct 2024 01:03:58 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:42 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK soc-fb.png
save2.cechire.com/images/ 589 B
830 B 521ms
134ms Image
image/png 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/soc-fb.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 610c99d9f333e8e356584239f9cbf91592f1c38877fce7d1d1da4bf3aac94e44

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 589
Keep-Alive: timeout=5, max=96
Date: Sun, 20 Oct 2024 01:03:58 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:44 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK twitter.png
save2.cechire.com/images/ 4 KB
4 KB 521ms
134ms Image
image/png 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/twitter.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: d7a3631bbf3cb473e49619fcb0b0857b4b37a24f11f19ae4956873648285a0a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 4020
Keep-Alive: timeout=5, max=96
Date: Sun, 20 Oct 2024 01:03:58 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:44 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK soc-youtube.png
save2.cechire.com/images/ 15 KB
15 KB 523ms
134ms Image
image/png 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/soc-youtube.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 3ffbb276d8124704f5a7e0035b5bb87e4adc7a7e4b322ae2ed476ee37ffa7ffc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 15201
Keep-Alive: timeout=5, max=89
Date: Sun, 20 Oct 2024 01:03:58 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:44 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK soc-instagram.png
save2.cechire.com/images/ 686 B
927 B 256ms
134ms Image
image/png 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/soc-instagram.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 2ee5b697a7b857ffe13445f6b2ee5ca3f0ab76be6c03b51bc53879648c7bd9a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 686
Keep-Alive: timeout=5, max=91
Date: Sun, 20 Oct 2024 01:03:58 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:44 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK fdic-logo.png
save2.cechire.com/images/ 916 B
1 KB 520ms
135ms Image
image/png 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/fdic-logo.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 4bf5ca21167bd44e7b547a5c908f0cb82a9420f0b4927ff1ded1232446f6f17e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 916
Keep-Alive: timeout=5, max=96
Date: Sun, 20 Oct 2024 01:03:58 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:46 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK housing-logo2.png
save2.cechire.com/images/ 653 B
894 B 519ms
136ms Image
image/png 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/housing-logo2.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 3132b69dbeb859635eea70dbdae8557c143d111eeb9a473fb84fe5fac904cc18

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 653
Keep-Alive: timeout=5, max=97
Date: Sun, 20 Oct 2024 01:03:58 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:46 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK fdic.png
save2.cechire.com/images/ 1 KB
2 KB 134ms
134ms Image
image/png 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/fdic.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 971cbfd037bdfa175bbcc512eb44ef5430b917a88df8b0b0344d85dff95f795e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1411
Keep-Alive: timeout=5, max=95
Date: Sun, 20 Oct 2024 01:03:58 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:46 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK nhl.png
save2.cechire.com/images/ 1 KB
1 KB 135ms
134ms Image
image/png 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/nhl.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: f4d067fab799e99b87904f659c692a443efdefb8d5eefcc98fc7db2cd5bd39cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1277
Keep-Alive: timeout=5, max=95
Date: Sun, 20 Oct 2024 01:03:58 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:46 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK bootstrap_custom.min.js Show response
save2.cechire.com/js/ 14 KB
14 KB 135ms
134ms Script
text/javascript 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/js/bootstrap_custom.min.js
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 7cb7d45abdb6a6b76a257b2065c376ebd1bdb616549796a226672c0efe26712f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 14003
Keep-Alive: timeout=5, max=96
Date: Sun, 20 Oct 2024 01:03:57 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:48 GMT
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK helper.js Show response
save2.cechire.com/js/ 15 KB
15 KB 136ms
135ms Script
text/javascript 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/js/helper.js
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: c69aee89540f62119a3f238ce99a2a5d11bf3d1fda7476e4726f7b2f457431f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 15267
Keep-Alive: timeout=5, max=95
Date: Sun, 20 Oct 2024 01:03:57 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:48 GMT
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK typeahead.bundle.min.js Show response
save2.cechire.com/js/ 29 KB
29 KB 144ms
144ms Script
text/javascript 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/js/typeahead.bundle.min.js
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 47f3e568e98dcede576220692a11b6987954da32bef0da8b49c58103d284071c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 29667
Keep-Alive: timeout=5, max=95
Date: Sun, 20 Oct 2024 01:03:57 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:48 GMT
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK jquery.selectbox-0.2.min.js Show response
save2.cechire.com/js/ 8 KB
8 KB 135ms
135ms Script
text/javascript 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/js/jquery.selectbox-0.2.min.js
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 6fa4c9f68e9b5b06234e16b32ff959da7b13da29c5cdfd1be1a81b83587f180e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 8114
Keep-Alive: timeout=5, max=94
Date: Sun, 20 Oct 2024 01:03:57 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:50 GMT
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK bpopup-0.10.0.min.js Show response
save2.cechire.com/js/ 5 KB
6 KB 135ms
135ms Script
text/javascript 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/js/bpopup-0.10.0.min.js
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: b55047bf9b91990cbfecc4306349fa33f33822579f26212451fc4faa98437da7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 5436
Keep-Alive: timeout=5, max=94
Date: Sun, 20 Oct 2024 01:03:57 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:50 GMT
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK main.min.js Show response
save2.cechire.com/js/ 8 KB
8 KB 135ms
135ms Script
text/javascript 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/js/main.min.js
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 84e48b945f7a402015726fa2357362c6d169b1bcc293b92bb1ced235bb50791b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 7836
Keep-Alive: timeout=5, max=93
Date: Sun, 20 Oct 2024 01:03:58 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:50 GMT
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK search-script.min.js Show response
save2.cechire.com/js/ 216 KB
216 KB 135ms
135ms Script
text/javascript 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/js/search-script.min.js
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 0b8d1d69c2b0073ea20dc440b46983538b90dd338b8954dd4e5c1aca0c4e7af4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 221383
Keep-Alive: timeout=5, max=93
Date: Sun, 20 Oct 2024 01:03:58 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:52 GMT
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK OtAutoBlock.js Show response
save2.cechire.com/js/ 25 KB
25 KB 136ms
135ms Script
text/javascript 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/js/OtAutoBlock.js
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 1b1852f52af150cc8a56f34dc02793ad80ff6e65d025b107e7a687a3c6c91f61

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25210
Keep-Alive: timeout=5, max=99
Date: Sun, 20 Oct 2024 01:03:58 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:52 GMT
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK otSDKStub.js Show response
save2.cechire.com/js/ 21 KB
21 KB 137ms
134ms Script
text/javascript 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/js/otSDKStub.js
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 21100
Keep-Alive: timeout=5, max=99
Date: Sun, 20 Oct 2024 01:03:58 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:54 GMT
Content-Type: text/javascript
Server: Apache

GET
H2 200 / Show response
znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com/SIE/ 10 KB
4 KB 54ms
38ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_cTsTcEDc1rc1Tnw

Requested by

Host: save2.cechire.com
URL: https://save2.cechire.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf2086cf9a9704fb3620e5152d0d9ba18c82f54b143f1c6bc5dea67fce1c8253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"26a0-WetwD4uU2rp7YardFkBH1aZVxww"
age: 266118
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:58 GMT
edge-control: max-age=604800
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=3600, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d551755debabb17-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 Arvest_Blue.png
cdn.cookielaw.org/logos/6172babb-2745-4cff-9039-b1406add1ba4/fada2104-882f-43bd-a08d-f4edf8f3a307/3e6cb5bb-d360-42fe-9fb3-5981de87d38f/ 13 KB
13 KB 123ms
63ms Image
mage/png 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/6172babb-2745-4cff-9039-b1406add1ba4/fada2104-882f-43bd-a08d-f4edf8f3a307/3e6cb5bb-d360-42fe-9fb3-5981de87d38f/Arvest_Blue.png

Requested by

Host: save2.cechire.com
URL: https://save2.cechire.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8dfec6b2ebf53eb2ed27513f1a17f035f59b9c854c193cd3884273e5d9104a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

content-md5: iH4kUmdFlsukv4aqm9ptKg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8D946CF0E6BDBA3
age: 14738
cf-cache-status: HIT
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:58 GMT
content-type: mage/png
last-modified: Wed, 14 Jul 2021 13:55:36 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 6a9d0c0f-001e-0062-384e-79fba4000000
cf-ray: 8d5517562b8a5262-MXP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13471
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
3 KB 96ms
36ms Image
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: save2.cechire.com
URL: https://save2.cechire.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

content-md5: Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 9805
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:58 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Oct 2024 06:37:43 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 324d4739-a01e-00a0-6e98-1f5cec000000
cf-ray: 8d5517562b8c5262-MXP
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 101 KB
29 KB 39ms
38ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.1.0&Q_CLIENTTYPE=web&Q_BRANDID=arvest

Requested by

Host: save2.cechire.com
URL: https://save2.cechire.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e12d7e885427fc7cc9c6f54adcb51194be0876a94ab1fca7d9e282b0b7b439e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"195c6-18dc302ef70"
age: 242479
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:58 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Mon, 19 Feb 2024 20:16:06 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d551755ceabbb17-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 FeedbackButtonModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 64 KB
22 KB 40ms
39ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=2.1.0&Q_CLIENTTYPE=web&Q_BRANDID=arvest

Requested by

Host: save2.cechire.com
URL: https://save2.cechire.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cc526c4456816f958583d3d70c99c2fef5dcbae92e6f5c134b6993c8dc108a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"fefc-18dc302ef70"
age: 14738
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:58 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Mon, 19 Feb 2024 20:16:06 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d551755ceadbb17-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 wr-dialog-close-btn-black.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 245 B
557 B 38ms
37ms Image
image/png 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png

Requested by

Host: save2.cechire.com
URL: https://save2.cechire.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88a249614a097dfd513c1599b937d89c8e48bb981bb6a273165dabe58535e33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

cf-bgj: imgq:85,h2pri
servershortname
age: 283840
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Fri, 29 Sep 2034 05:45:06 GMT
cf-polished: origSize=757
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
date: Sun, 20 Oct 2024 01:03:58 GMT
content-type: image/png
last-modified: Thu, 05 Sep 2024 21:38:10 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=315360000, public
trace-id: cab2141f9958c7c9
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d551755ceaebb17-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
content-length: 245
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 436 KB
126 KB 150ms
66ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TGPDH6G

Requested by

Host: save2.cechire.com
URL: https://save2.cechire.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa2726faf224765d87004f46ab55959105ea855e77caae24e31e366800506abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 20 Oct 2024 01:03:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 20 Oct 2024 01:03:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 20 Oct 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 128460
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK arvest-logo.png
save2.cechire.com/images/ 4 KB
0 2ms
2ms Image
image/png 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/arvest-logo.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 8d8f81b3deb15a8d8a4d940347fb3322ca6d49640e7ce14514ccbe07862a1aba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Accept-Ranges: bytes
Content-Length: 4092
Date: Sun, 20 Oct 2024 01:03:57 GMT
Last-Modified: Sun, 25 Feb 2024 01:30:38 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 404
Not Found top-nav-bg.png
save2.cechire.com/images/template/ 315 B
315 B 278ms
134ms Image
text/html 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/template/top-nav-bg.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/css/layout2.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/css/layout2.css

Response headers

Keep-Alive: timeout=5, max=92
Content-Length: 315
Date: Sun, 20 Oct 2024 01:03:58 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache
Connection: Keep-Alive

GET
H/1.1 404
Not Found nav-search-bar-bg.png
save2.cechire.com/images/template/ 315 B
315 B 387ms
133ms Image
text/html 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/template/nav-search-bar-bg.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/css/layout2.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/css/layout2.css

Response headers

Keep-Alive: timeout=5, max=97
Content-Length: 315
Date: Sun, 20 Oct 2024 01:03:58 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache
Connection: Keep-Alive

GET
H/1.1 404
Not Found myArvest.png
save2.cechire.com/images/icons/ 315 B
315 B 547ms
134ms Image
text/html 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/icons/myArvest.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/css/layout2.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/css/layout2.css

Response headers

Keep-Alive: timeout=5, max=90
Content-Length: 315
Date: Sun, 20 Oct 2024 01:03:58 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache
Connection: Keep-Alive

GET
H/1.1 404
Not Found custserv.png
save2.cechire.com/images/icons/lg/ 315 B
315 B 387ms
134ms Image
text/html 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/icons/lg/custserv.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/css/layout2.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/css/layout2.css

Response headers

Keep-Alive: timeout=5, max=97
Content-Length: 315
Date: Sun, 20 Oct 2024 01:03:58 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache
Connection: Keep-Alive

GET
H/1.1 404
Not Found footer-bg960.png
save2.cechire.com/images/template/ 315 B
315 B 384ms
133ms Image
text/html 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://save2.cechire.com/images/template/footer-bg960.png
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/css/layout2.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/css/layout2.css

Response headers

Keep-Alive: timeout=5, max=97
Content-Length: 315
Date: Sun, 20 Oct 2024 01:03:58 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache
Connection: Keep-Alive

GET
H/1.1 404
Not Found 26DA37_0_0.woff
save2.cechire.com/css/webfonts/ 0
0 248ms
135ms Font
text/html 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/css/webfonts/26DA37_0_0.woff
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/css/MyFontsWebfontsKit.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://save2.cechire.com
Referer: https://save2.cechire.com/css/MyFontsWebfontsKit.css

Response headers

Keep-Alive: timeout=5, max=98
Content-Length: 315
Date: Sun, 20 Oct 2024 01:03:58 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache
Connection: Keep-Alive

GET
H/1.1 404
Not Found 26DA37_1_0.woff
save2.cechire.com/css/webfonts/ 0
0 250ms
134ms Font
text/html 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/css/webfonts/26DA37_1_0.woff
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/css/MyFontsWebfontsKit.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://save2.cechire.com
Referer: https://save2.cechire.com/css/MyFontsWebfontsKit.css

Response headers

Keep-Alive: timeout=5, max=98
Content-Length: 315
Date: Sun, 20 Oct 2024 01:03:58 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache
Connection: Keep-Alive

GET
H/1.1 200
OK / Show response
save2.cechire.com/ 139 KB
0 0ms
0ms Script
text/html 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 83ed8efe25e4c5c5087616d5328864e63fbfc50d6ca90db35adae60c55fe3c4b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Accept-Ranges: bytes
Content-Length: 142276
Date: Sun, 20 Oct 2024 01:03:56 GMT
Last-Modified: Mon, 26 Feb 2024 04:37:00 GMT
Content-Type: text/html
Server: Apache

GET
H/1.1 404
Not Found 430cf39f-917d-469f-9c6a-0de3834f38d3.json Show response
save2.cechire.com/js/otSDKStub.js/consent/430cf39f-917d-469f-9c6a-0de3834f38d3/ 315 B
515 B 493ms
134ms XHR
text/html 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/js/otSDKStub.js/consent/430cf39f-917d-469f-9c6a-0de3834f38d3/430cf39f-917d-469f-9c6a-0de3834f38d3.json
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/js/otSDKStub.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Keep-Alive: timeout=5, max=96
Content-Length: 315
Date: Sun, 20 Oct 2024 01:03:58 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache
Connection: Keep-Alive

GET
H/1.1 404
Not Found pd.js
save2.cechire.com/arvest-file/pijs/ 0
0 135ms
134ms Script
text/html 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/arvest-file/pijs/pd.js
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Keep-Alive: timeout=5, max=88
Content-Length: 315
Date: Sun, 20 Oct 2024 01:03:58 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache
Connection: Keep-Alive

GET
H2 200 11451864523
td.doubleclick.net/td/rul/ Frame 680E 0
0 135ms
50ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/11451864523?random=1708832324990&cv=11&fst=1708832324990&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be42l0v9174033411za200&gcd=13l3l3l3l1&dma=0&u_w=1366&u_h=768&url=https%3A%2F%2Fwww.arvest.com%2Fpersonal%2Fsignon%2Flogon&ref=https%3A%2F%2Fwww.arvest.com%2F&hn=www.googleadservices.com&frm=0&tiba=Arvest%3A%20Personal%3A%20Arvest%20Online%20Banking%3A%20Online%20Banking&npa=0&pscdl=noapi&auid=1693504877.1708731724&uaa=x86&uab=64&uafvl=Chromium%3B122.0.6261.57%7CNot(A%253ABrand%3B24.0.0.0%7CGoogle%2520Chrome%3B122.0.6261.57&uamb=0&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: save2.cechire.com
URL: https://save2.cechire.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://save2.cechire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Oct 2024 01:03:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 10.319b0e3aa67f5d45b301.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 75 KB
21 KB 37ms
36ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/10.319b0e3aa67f5d45b301.chunk.js?Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web&Q_BRANDID=save2.cechire.com

Requested by

Host: znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com
URL: https://znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_cTsTcEDc1rc1Tnw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fdaa0f7db1471bbbc70b05f22903f3be734f1724747136d7add061193badc5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12a92-1929143f920"
age: 269069
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:58 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 17:40:04 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d5517571f4abb17-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
2 KB 144ms
144ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_cTsTcEDc1rc1Tnw&Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/10.319b0e3aa67f5d45b301.chunk.js?Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web&Q_BRANDID=save2.cechire.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b14d8006feaf39538b17c86cefa5e580947f28dad1d1334cab648e0f71563f5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://save2.cechire.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:58 GMT
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
trace-id: a8a7af4f1eab8915
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d5517575f72bb17-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: https://save2.cechire.com
server: cloudflare

GET
H/1.1 404
Not Found 26DA37_0_0.ttf
save2.cechire.com/css/webfonts/ 0
0 135ms
134ms Font
text/html 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/css/webfonts/26DA37_0_0.ttf
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/css/MyFontsWebfontsKit.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://save2.cechire.com
Referer: https://save2.cechire.com/css/MyFontsWebfontsKit.css

Response headers

Keep-Alive: timeout=5, max=90
Content-Length: 315
Date: Sun, 20 Oct 2024 01:03:58 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache
Connection: Keep-Alive

GET
H/1.1 404
Not Found 26DA37_1_0.ttf
save2.cechire.com/css/webfonts/ 0
0 150ms
134ms Font
text/html 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/css/webfonts/26DA37_1_0.ttf
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/css/MyFontsWebfontsKit.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://save2.cechire.com
Referer: https://save2.cechire.com/css/MyFontsWebfontsKit.css

Response headers

Keep-Alive: timeout=5, max=91
Content-Length: 315
Date: Sun, 20 Oct 2024 01:03:58 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache
Connection: Keep-Alive

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 379 KB
123 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GRH26TKW0W&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGPDH6G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a95247a2d0ee9d5933bd1a25cf123c6f138e2462092a1ffb62483bf598ea47b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 20 Oct 2024 01:03:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 20 Oct 2024 01:03:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 125957
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 hotjar-2651856.js Show response
static.hotjar.com/c/ 15 KB
6 KB 164ms
69ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2651856.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGPDH6G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

31e7e32a6945dc66a398829cd5e3a3c5ac99db52553bbda155f83f976dfd9386

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/a15ea9803d9881425d15736a15808fab
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
x-amz-cf-id: xXvYo2bdpUDiDoLR6Qd2wIyXlcLEzw8kBlz7N9bwVN5ScUViseRf5g==
date: Sun, 20 Oct 2024 01:03:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: FRA56-P2

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 127ms
37ms Script
application/javascript 2a02:26f0:3500:10::210:a99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGPDH6G

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

cache-control: max-age=73376
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Sun, 20 Oct 2024 01:03:58 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
7 KB 34ms
33ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGPDH6G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

content-md5: uiXk8gw/ehyoMvZ3GeQiaQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCEDAD087F157F
x-ms-lease-status: unlocked
age: 13751
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 21:14:44 GMT
date: Sun, 20 Oct 2024 01:03:58 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 06:37:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: ca0be203-601e-00f9-010e-20596a000000
cf-ray: 8d551757dca25262-MXP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7214
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
88 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11451864523

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGPDH6G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70244fbc616cb7e5adfbd635726f65572557bfbfbd4527cf718367dd19004de3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 20 Oct 2024 01:03:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 20 Oct 2024 01:03:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 20 Oct 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90354
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
88 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11451864523&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGPDH6G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f8b01adb8756c25f7c9b4f2a147a3fe0866ad87ba1b5edbe4e6368834fddcd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 20 Oct 2024 01:03:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 20 Oct 2024 01:03:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 20 Oct 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90406
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 404
Not Found 430cf39f-917d-469f-9c6a-0de3834f38d3.json Show response
save2.cechire.com/js/otSDKStub.js/consent/430cf39f-917d-469f-9c6a-0de3834f38d3/ 315 B
515 B 443ms
134ms XHR
text/html 74.207.228.196
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://save2.cechire.com/js/otSDKStub.js/consent/430cf39f-917d-469f-9c6a-0de3834f38d3/430cf39f-917d-469f-9c6a-0de3834f38d3.json
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.207.228.196 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 74-207-228-196.ip.linodeusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

Keep-Alive: timeout=5, max=89
Content-Length: 315
Date: Sun, 20 Oct 2024 01:03:58 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache
Connection: Keep-Alive

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 136ms
136ms Script
application/javascript 3.215.172.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-172-219.compute-1.amazonaws.com
Software: /
Resource Hash: 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

cache-control: max-age=63072000
content-encoding: gzip
etag: "15f4-gzip"
Connection: keep-alive
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
expires: Tue, 20 Oct 2026 01:03:58 GMT
accept-ranges: bytes
Content-Length: 1988
Date: Sun, 20 Oct 2024 01:03:58 GMT
Content-Type: application/javascript
last-modified: Fri, 18 Oct 2024 14:21:30 GMT
vary: Accept-Encoding,User-Agent

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 117ms
43ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GRH26TKW0W&gtm=45je4ah0v9180705104z8811537095za200zb811537095&_p=1729386237793&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685&cid=1361215138.1729386239&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729386238&sct=1&seg=0&dl=https%3A%2F%2Fsave2.cechire.com%2F&dt=Arvest%3A%20Personal%3A%20Arvest%20Online%20Banking%3A%20Online%20Banking&en=page_view&_fv=1&_nsi=1&_ss=2&ep.day_of_week=Sunday&tfd=2271
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GRH26TKW0W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://save2.cechire.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 20 Oct 2024 01:03:58 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
546 B 145ms
48ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GRH26TKW0W&cid=1361215138.1729386239&gtm=45je4ah0v9180705104z8811537095za200zb811537095&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101686685
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GRH26TKW0W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://save2.cechire.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 20 Oct 2024 01:03:58 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
408 B 212ms
97ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GRH26TKW0W&cid=1361215138.1729386239&gtm=45je4ah0v9180705104z8811537095za200zb811537095&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101686685&tag_exp=101686685&z=2003287609

Requested by

Host: save2.cechire.com
URL: https://save2.cechire.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 20 Oct 2024 01:03:58 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
30 KB 37ms
37ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web&Q_BRANDID=arvest

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/10.319b0e3aa67f5d45b301.chunk.js?Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web&Q_BRANDID=save2.cechire.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fa248350399b5404755dfeab250f86af0c2a2622e0e81bc4bfe73ba7da2c0df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"197ee-1929143f920"
age: 269068
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:58 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 17:40:04 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d551758884fbb17-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
704 B 296ms
189ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://save2.cechire.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: F911F33A40B94BD48002122F74DADE33 Ref B: MIL30EDGE0922 Ref C: 2024-10-20T01:03:58Z
x-li-fabric: prod-ltx1
access-control-allow-credentials: true
x-li-uuid: AAYk3hx0s05FtJKebUnkkQ==
x-li-proto: http/2
access-control-allow-origin: https://save2.cechire.com
x-cache: CONFIG_NOCACHE
date: Sun, 20 Oct 2024 01:03:58 GMT
vary: Origin

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
643 B 334ms
224ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=6159052%2C7175113&time=1729386238824&url=https%3A%2F%2Fsave2.cechire.com%2F&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Referer: https://save2.cechire.com/

Response headers

x-li-pop: afd-prod-lor1-x
content-encoding: gzip
x-fs-uuid: 000624de1c74feaa47103268b7454901
x-msedge-ref: Ref A: 56FB5C81E57F49CD812FA28FCD644A1E Ref B: MIL30EDGE1108 Ref C: 2024-10-20T01:03:58Z
x-li-fabric: prod-lor1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYk3hx0/qpHEDJot0VJAQ==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sun, 20 Oct 2024 01:03:58 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1729386238824&url=https%3A%2F%2Fsave2.cechire.com%2F&tm=gtmv2
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1729386238824&url=https%3A%2F%2Fsave2.cechire.com%2F&tm=gtmv2&e_ipv6=AQL1VP3B9ccTwgAAAZKnc9Q9h_rF81atTfewLLjabcPgHUiUZn8F0...

0
146 B

326ms
230ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1729386238824&url=https%3A%2F%2Fsave2.cechire.com%2F&tm=gtmv2&e_ipv6=AQL1VP3B9ccTwgAAAZKnc9Q9h_rF81atTfewLLjabcPgHUiUZn8F0Z51CBHcdwFH6oEquw
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-msedge-ref: Ref A: 20984E9D3290484987A2A9B3F2BAB173 Ref B: MRS20EDGE0117 Ref C: 2024-10-20T01:03:59Z
x-li-fabric: prod-lor1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid: AAYk3hx5sfyg0+gN8jgaIA==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Sun, 20 Oct 2024 01:03:59 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1729386238824&url=https%3A%2F%2Fsave2.cechire.com%2F&tm=gtmv2&e_ipv6=AQL1VP3B9ccTwgAAAZKnc9Q9h_rF81atTfewLLjabcPgHUiUZn8F0Z51CBHcdwFH6oEquw
x-msedge-ref: Ref A: D83DCBBD53464089A1CF16DF629E7E01 Ref B: MIL30EDGE0922 Ref C: 2024-10-20T01:03:58Z
x-li-fabric: prod-lor1
x-li-uuid: AAYk3hx09wlDaW1FSwmT4g==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Sun, 20 Oct 2024 01:03:58 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
816 B 300ms
191ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=6159052%2C7175113&time=1729386238825&url=https%3A%2F%2Fsave2.cechire.com%2F&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Referer: https://save2.cechire.com/

Response headers

x-li-pop: afd-prod-ltx1-x
content-encoding: gzip
x-fs-uuid: 000624de1c74c53a582ab3dbe182bf08
x-msedge-ref: Ref A: 9D64C41EA585424188478E41FDD7EF4B Ref B: MIL30EDGE1108 Ref C: 2024-10-20T01:03:58Z
x-li-fabric: prod-ltx1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYk3hx0xTpYKrPb4YK/CA==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sun, 20 Oct 2024 01:03:58 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1729386238825&url=https%3A%2F%2Fsave2.cechire.com%2F&tm=gtmv2
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1729386238825&url=https%3A%2F%2Fsave2.cechire.com%2F&tm=gtmv2&e_ipv6=AQLNZ5EJpAYmlwAAAZKnc9Q7ozvWK6MTCRrBc32EH8Wh3cw3XAHYO...

0
481 B

292ms
196ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1729386238825&url=https%3A%2F%2Fsave2.cechire.com%2F&tm=gtmv2&e_ipv6=AQLNZ5EJpAYmlwAAAZKnc9Q7ozvWK6MTCRrBc32EH8Wh3cw3XAHYOu1u5U0GRrjt63k4Qw
Requested by: Host: save2.cechire.com
URL: https://save2.cechire.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-msedge-ref: Ref A: 25238159CF7440E3A9D110D1B66ED1D2 Ref B: MRS20EDGE0117 Ref C: 2024-10-20T01:03:59Z
x-li-fabric: prod-lor1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid: AAYk3hx5tkM60uvqPuuo5w==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Sun, 20 Oct 2024 01:03:59 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1729386238825&url=https%3A%2F%2Fsave2.cechire.com%2F&tm=gtmv2&e_ipv6=AQLNZ5EJpAYmlwAAAZKnc9Q7ozvWK6MTCRrBc32EH8Wh3cw3XAHYOu1u5U0GRrjt63k4Qw
x-msedge-ref: Ref A: 4758BE4B7EFE430EBA9846456550D309 Ref B: MIL30EDGE0922 Ref C: 2024-10-20T01:03:58Z
x-li-fabric: prod-lor1
x-li-uuid: AAYk3hx07BSTib3xu8Jo7w==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Sun, 20 Oct 2024 01:03:58 GMT

GET
H2 200 modules.02161fb4f8ebb73fb3f8.js Show response
script.hotjar.com/ 225 KB
56 KB 150ms
44ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.02161fb4f8ebb73fb3f8.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2651856.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

3c6fd07134c7c19a53b6119d41d6c250efae68f3e7384ae34971e63b21d01337

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "dec0c1b6789c165b6cb6404022b9d8ab"
age: 493072
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 1DelmEbHMKTzvSr8BETEszcTh06wP_DB4ZzuObqexVKN365tezFqWA==
date: Mon, 14 Oct 2024 08:06:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 14 Oct 2024 08:05:53 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56680
x-amz-cf-pop: FRA56-P4

GET
H2 200 5.a03dfec9096ea47da329.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 3 KB
1 KB 37ms
36ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/5.a03dfec9096ea47da329.chunk.js?Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web&Q_BRANDID=arvest

Requested by

Host: znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com
URL: https://znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_cTsTcEDc1rc1Tnw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42c89be62ea5ef0fc2844b2318fec43e7af5f83efa8a9df832f3870f23ccb78c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"b55-1929143f920"
age: 269068
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:58 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 17:40:04 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d551758c886bb17-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 1.ae7fe7a4b663f1e26fd6.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 29 KB
7 KB 37ms
37ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.ae7fe7a4b663f1e26fd6.chunk.js?Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web&Q_BRANDID=arvest

Requested by

Host: znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com
URL: https://znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_cTsTcEDc1rc1Tnw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29418da6e4f08ce0ea446c27f870cf94bf107f10b802a8fd792a6a727564a430

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"741f-1929143f920"
age: 269068
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:58 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 17:40:04 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d551758d88abb17-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 FeedbackButtonModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 97 KB
29 KB 40ms
40ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web&Q_BRANDID=arvest

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/10.319b0e3aa67f5d45b301.chunk.js?Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web&Q_BRANDID=save2.cechire.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caecbaade4681256dbbb5aea9ca2cf4e7156168c0fb237f57215065a3eca2474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"18244-1929143f920"
age: 269068
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:58 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 17:40:04 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d551758d88dbb17-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
2 KB 97ms
44ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_01JDqG39AUPDXfw&Version=67&Q_ORIGIN=https://save2.cechire.com&Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web&Q_BrandTier=&Q_ARCACHEVERSION=21&Q_BRANDDC=iad1

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/10.319b0e3aa67f5d45b301.chunk.js?Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web&Q_BRANDID=save2.cechire.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8ac3861345c28152c466fe5de0bda8cc2b186020d4bcecd48f17db710176fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

x-request-id: f84f9b32-934b-44d5-a60a-0d98ce9a1338
x-transaction-id: e58943a3-be71-4818-a965-46dff3ff9db7
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1371-hB1V+DbTWcUpoj9U9CYrCbOMhzc"
age: 14735
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:58 GMT
edge-control: max-age=604800
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d551759291d5274-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
1 KB 97ms
44ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_6u0MmncjsLPdtpY&Version=2&Q_InterceptID=SI_01JDqG39AUPDXfw&Q_ORIGIN=https://save2.cechire.com&Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web&Q_BrandTier=&Q_ARCACHEVERSION=21&Q_BRANDDC=iad1

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/10.319b0e3aa67f5d45b301.chunk.js?Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web&Q_BRANDID=save2.cechire.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5c39863c6ec124214ecac0a1e0064514ea0c5f6d2630890f087c49b486e0df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

x-request-id: 01f6d89f-2f43-414c-9ca4-d03625b9b795
x-transaction-id: fec12a2f-6b05-4d82-b5ab-ba74cc025fc4
content-encoding: gzip
cf-cache-status: HIT
etag: W/"624-/DdKwWQrlZzda1cVZmLJuMq2mK8"
age: 14735
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:58 GMT
edge-control: max-age=604800
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d551759291e5274-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 1 KB
2 KB 403ms
402ms Script
text/javascript 3.215.172.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=138064&account_id=968183&title=Arvest%3A%20Personal%3A%20Arvest%20Online%20Banking%3A%20Online%20Banking&url=https%3A%2F%2Fsave2.cechire.com%2F&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-172-219.compute-1.amazonaws.com

Software

Resource Hash

37ca37495612003435ed755cac7738ab3313bd00f6e02140fc7bb89ee9c24eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-pardot-rsp: 0/0/1
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
pragma: no-cache
Connection: keep-alive
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
expires: Thu, 19 Nov 1981 08:52:00 GMT
Content-Length: 539
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date: Sun, 20 Oct 2024 01:03:59 GMT
Content-Type: text/javascript; charset=utf-8
vary: Accept-Encoding,User-Agent

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
232 B 57ms
56ms XHR
text/plain 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_6u0MmncjsLPdtpY&Q_SIID=SI_01JDqG39AUPDXfw&Q_ASID=AS_30008237&Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web&r=1729386238949

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web&Q_BRANDID=arvest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://save2.cechire.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: br
cf-cache-status: DYNAMIC
trace-id: 7b355c31847cdea9
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d551759894d5274-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: https://save2.cechire.com
date: Sun, 20 Oct 2024 01:03:58 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report

GET
H2 200 wr-dialog-close-btn-black.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 245 B
0 1ms
1ms Image
image/png 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png

Requested by

Host: save2.cechire.com
URL: https://save2.cechire.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88a249614a097dfd513c1599b937d89c8e48bb981bb6a273165dabe58535e33b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

cf-bgj: imgq:85,h2pri
servershortname
age: 283840
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Fri, 29 Sep 2034 05:45:06 GMT
cf-polished: origSize=757
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
date: Sun, 20 Oct 2024 01:03:58 GMT
content-type: image/png
last-modified: Thu, 05 Sep 2024 21:38:10 GMT
vary: Accept-Encoding
cache-control: max-age=315360000, public
trace-id: cab2141f9958c7c9
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d551755ceaebb17-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
content-length: 245
server: cloudflare

GET
H2 204 2651856 Show response
vc.hotjar.io/sessions/ 0
231 B 170ms
63ms XHR
text/plain 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2651856?s=0.25&r=0.015553169021501834
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.02161fb4f8ebb73fb3f8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
access-control-allow-origin: *
cache-control: no-store
x-cache: Miss from cloudfront
x-amz-cf-id: _lrfJNEbWbKnFULOh10S6amav08iyc9G1AVFUyC74K5PzRp_L2LLtA==
date: Sun, 20 Oct 2024 01:03:59 GMT
x-amz-cf-pop: FRA56-P5

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 324ms
160ms XHR
application/json 34.253.9.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=2651856&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.02161fb4f8ebb73fb3f8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.253.9.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-9-22.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e23641ed33dd2aded0fb0b703b2d341bac88f6ad16a6acfece1cb1d4782a1104

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8
Referer: https://save2.cechire.com/

Response headers

access-control-max-age: 86400
access-control-allow-origin: *
content-length: 56
date: Sun, 20 Oct 2024 01:03:59 GMT
content-type: application/json

GET
H/1.1 200
OK analytics Show response
customers.arvest.com/ 50 B
1020 B 494ms
235ms Script
text/javascript 3.92.120.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://customers.arvest.com/analytics?conly=true&visitor_id=293065078&visitor_id_sign=c4368ef9825ad21d35c44e3f54c21a624926c2884186d220b1b2e2f9d4d687a3571b436a66f743c18ecaa37210beb751bf253233&pi_opt_in=&campaign_id=138064&account_id=968183&title=Arvest:%20Personal:%20Arvest%20Online%20Banking:%20Online%20Banking&url=https://save2.cechire.com/&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=138064&account_id=968183&title=Arvest%3A%20Personal%3A%20Arvest%20Online%20Banking%3A%20Online%20Banking&url=https%3A%2F%2Fsave2.cechire.com%2F&referrer=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-120-28.compute-1.amazonaws.com
Software: /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

x-pardot-rsp: 0/0/1
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
expires: Thu, 19 Nov 1981 08:52:00 GMT
Content-Length: 50
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date: Sun, 20 Oct 2024 01:03:59 GMT
Content-Type: text/javascript; charset=utf-8
vary: User-Agent

GET
H2 200 / Show response
znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com/SIE/ 10 KB
73 B 38ms
38ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_cTsTcEDc1rc1Tnw

Requested by

Host: save2.cechire.com
URL: https://save2.cechire.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf2086cf9a9704fb3620e5152d0d9ba18c82f54b143f1c6bc5dea67fce1c8253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"26a0-WetwD4uU2rp7YardFkBH1aZVxww"
age: 266119
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:59 GMT
edge-control: max-age=604800
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=3600, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d55175e9c32bb17-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@4.2.3/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@4.2.3/dist/web-vitals.iife.js

7 KB
3 KB

37ms
37ms

Script
application/javascript

2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@4.2.3/dist/web-vitals.iife.js

Protocol

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e6b3272816c9b6efeb0b3ccc16326c123d9860f38d7c7c4fc215334559996e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "1c28-4f+2/GWZhXlozjo2GiBA+7VB9Ow"
age: 269005
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:59 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JABPP9JNNZK4ESH0YTD328FM-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8d55175f496d525e-MXP
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /web-vitals@4.2.3/dist/web-vitals.iife.js
content-encoding: br
cf-cache-status: HIT
age: 60
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8d55175f0953525e-MXP
access-control-allow-origin: *
date: Sun, 20 Oct 2024 01:03:59 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JAKQ5TG62WP8SMEQE4GZTBE5-fra
server: cloudflare

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
1 KB 144ms
143ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_cTsTcEDc1rc1Tnw&Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/10.319b0e3aa67f5d45b301.chunk.js?Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web&Q_BRANDID=save2.cechire.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b14d8006feaf39538b17c86cefa5e580947f28dad1d1334cab648e0f71563f5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://save2.cechire.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:59 GMT
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
trace-id: 6895cfff59c8b189
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d55175edc56bb17-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: https://save2.cechire.com
server: cloudflare

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
1 KB 286ms
286ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_cTsTcEDc1rc1Tnw&Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/10.319b0e3aa67f5d45b301.chunk.js?Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web&Q_BRANDID=save2.cechire.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b14d8006feaf39538b17c86cefa5e580947f28dad1d1334cab648e0f71563f5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://save2.cechire.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:04:00 GMT
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
trace-id: 77a4be899f5b7f22
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d55175edc58bb17-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: https://save2.cechire.com
server: cloudflare

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
0 0ms
0ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/10.319b0e3aa67f5d45b301.chunk.js?Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web&Q_BRANDID=save2.cechire.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8ac3861345c28152c466fe5de0bda8cc2b186020d4bcecd48f17db710176fce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

x-request-id: f84f9b32-934b-44d5-a60a-0d98ce9a1338
x-transaction-id: e58943a3-be71-4818-a965-46dff3ff9db7
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1371-hB1V+DbTWcUpoj9U9CYrCbOMhzc"
age: 14735
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:58 GMT
edge-control: max-age=604800
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=604800
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d551759291d5274-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
0 1ms
1ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/10.319b0e3aa67f5d45b301.chunk.js?Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web&Q_BRANDID=save2.cechire.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5c39863c6ec124214ecac0a1e0064514ea0c5f6d2630890f087c49b486e0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

x-request-id: 01f6d89f-2f43-414c-9ca4-d03625b9b795
x-transaction-id: fec12a2f-6b05-4d82-b5ab-ba74cc025fc4
content-encoding: gzip
cf-cache-status: HIT
etag: W/"624-/DdKwWQrlZzda1cVZmLJuMq2mK8"
age: 14735
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:58 GMT
edge-control: max-age=604800
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=604800
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d551759291e5274-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
0 0ms
0ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/10.319b0e3aa67f5d45b301.chunk.js?Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web&Q_BRANDID=save2.cechire.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8ac3861345c28152c466fe5de0bda8cc2b186020d4bcecd48f17db710176fce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

x-request-id: f84f9b32-934b-44d5-a60a-0d98ce9a1338
x-transaction-id: e58943a3-be71-4818-a965-46dff3ff9db7
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1371-hB1V+DbTWcUpoj9U9CYrCbOMhzc"
age: 14735
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:58 GMT
edge-control: max-age=604800
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=604800
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d551759291d5274-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
0 0ms
0ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/10.319b0e3aa67f5d45b301.chunk.js?Q_CLIENTVERSION=2.17.0&Q_CLIENTTYPE=web&Q_BRANDID=save2.cechire.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5c39863c6ec124214ecac0a1e0064514ea0c5f6d2630890f087c49b486e0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://save2.cechire.com/

Response headers

x-request-id: 01f6d89f-2f43-414c-9ca4-d03625b9b795
x-transaction-id: fec12a2f-6b05-4d82-b5ab-ba74cc025fc4
content-encoding: gzip
cf-cache-status: HIT
etag: W/"624-/DdKwWQrlZzda1cVZmLJuMq2mK8"
age: 14735
x-content-type-options: nosniff
date: Sun, 20 Oct 2024 01:03:58 GMT
edge-control: max-age=604800
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=604800
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d551759291e5274-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Arvest Bank (Banking)

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.save2.cechire.com/	1970-01-21 02:32:42	Name: _gcl_au Value: 1.1.861183157.1729386239
.doubleclick.net/	1970-01-21 00:23:07	Name: test_cookie Value: CheckForPermission
.save2.cechire.com/	1970-01-21 09:59:06	Name: _ga_GRH26TKW0W Value: GS1.1.1729386238.1.0.1729386238.60.0.0
.save2.cechire.com/	1970-01-21 09:59:06	Name: _ga Value: GA1.1.1361215138.1729386239
.save2.cechire.com/	1970-01-21 09:08:42	Name: _hjSessionUser_2651856 Value: eyJpZCI6IjI5Y2RmMmZlLTk4MzYtNTA0Zi1hNWU3LTk0OGEwNDI5YmQxYyIsImNyZWF0ZWQiOjE3MjkzODYyMzkwNTAsImV4aXN0aW5nIjp0cnVlfQ==
.save2.cechire.com/	1970-01-21 00:23:08	Name: _hjSession_2651856 Value: eyJpZCI6Ijc0MWZiZDMyLWUyYTYtNGNmYi1iODY4LTZlZGVlYzFiYjgxOSIsImMiOjE3MjkzODYyMzkwNTEsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.linkedin.com/	1970-01-21 00:24:32	Name: lidc Value: "b=OGST05:s=O:r=O:a=O:p=O:g=3203:u=1:x=1:i=1729386239:t=1729472639:v=2:sig=AQF43_YMaHKOnNKbrtKdzA__3SL8gWvp"
.linkedin.com/	1970-01-21 09:08:42	Name: bcookie Value: "v=2&0ce27afd-66ec-4dd4-8804-ad8770fc2b82"
.linkedin.com/	1970-01-21 04:42:18	Name: li_gc Value: MTswOzE3MjkzODYyMzk7MjswMjGr69zBsDf2bOlxRqJnjcgnM3ybQM2m2+JkQXvAstmplw==
.pardot.com/	1970-01-21 09:59:06	Name: visitor_id967183 Value: 293065078
.pardot.com/	1970-01-21 09:59:06	Name: visitor_id967183-hash Value: c4368ef9825ad21d35c44e3f54c21a624926c2884186d220b1b2e2f9d4d687a3571b436a66f743c18ecaa37210beb751bf253233
pi.pardot.com/	1970-01-21 00:23:08	Name: lpv967183 Value: aHR0cHM6Ly9zYXZlMi5jZWNoaXJlLmNvbS8%3D
save2.cechire.com/	1970-01-21 09:59:06	Name: visitor_id967183 Value: 293065078
save2.cechire.com/	1970-01-21 09:59:06	Name: visitor_id967183-hash Value: c4368ef9825ad21d35c44e3f54c21a624926c2884186d220b1b2e2f9d4d687a3571b436a66f743c18ecaa37210beb751bf253233
customers.arvest.com/	1970-01-21 09:59:06	Name: visitor_id967183 Value: 293065078
customers.arvest.com/	1970-01-21 09:59:06	Name: visitor_id967183-hash Value: c4368ef9825ad21d35c44e3f54c21a624926c2884186d220b1b2e2f9d4d687a3571b436a66f743c18ecaa37210beb751bf253233

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://save2.cechire.com/images/arvest-file_Business_Checking.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
recommendation	warning	URL: https://save2.cechire.com/ Message: [DOM] Found 2 elements with non-unique id #aoblogon_userid: (More info: https://goo.gl/9p2vKq) %o %o
network	error	URL: https://save2.cechire.com/css/webfonts/26DA37_0_0.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://save2.cechire.com/css/webfonts/26DA37_1_0.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://save2.cechire.com/images/template/top-nav-bg.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://save2.cechire.com/images/template/footer-bg960.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://save2.cechire.com/images/template/nav-search-bar-bg.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://save2.cechire.com/images/icons/lg/custserv.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://save2.cechire.com/css/webfonts/26DA37_0_0.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://save2.cechire.com/css/webfonts/26DA37_1_0.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://save2.cechire.com/images/icons/myArvest.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://save2.cechire.com/js/otSDKStub.js/consent/430cf39f-917d-469f-9c6a-0de3834f38d3/430cf39f-917d-469f-9c6a-0de3834f38d3.json Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://save2.cechire.com/arvest-file/pijs/pd.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://save2.cechire.com/js/otSDKStub.js/consent/430cf39f-917d-469f-9c6a-0de3834f38d3/430cf39f-917d-469f-9c6a-0de3834f38d3.json Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
content.hotjar.io
customers.arvest.com
pi.pardot.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
save2.cechire.com
script.hotjar.com
siteintercept.qualtrics.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
td.doubleclick.net
unpkg.com
vc.hotjar.io
www.google.it
www.googletagmanager.com
znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com
104.17.208.240
13.107.42.14
18.66.102.53
18.66.112.15
2001:4860:4802:32::36
2606:4700::6811:f8cb
2606:4700::6812:562a
2620:1ec:21::14
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9c
2a02:26f0:3500:10::210:a99
3.215.172.219
3.92.120.28
34.253.9.22
52.222.236.122
74.207.228.196
01d1a470c25a6f60c6fa9e7de42b0158533a7bf3de3c0d7c2687f5a5a8269377
0b8d1d69c2b0073ea20dc440b46983538b90dd338b8954dd4e5c1aca0c4e7af4
0b9ef95e6810f4ea8fb771c6f98b5082f5297c18a3b9fe09f3f4acb7f1ef9753
16eba136a35400f1100a450d2f48d656b67296e74c62521aedcd8fab29c7d4ce
1b1852f52af150cc8a56f34dc02793ad80ff6e65d025b107e7a687a3c6c91f61
1ca54e1f6292eb97915b904620fa16031aa7ce0537dd6e12e742a279b313fb96
29418da6e4f08ce0ea446c27f870cf94bf107f10b802a8fd792a6a727564a430
2ee5b697a7b857ffe13445f6b2ee5ca3f0ab76be6c03b51bc53879648c7bd9a8
2fa248350399b5404755dfeab250f86af0c2a2622e0e81bc4bfe73ba7da2c0df
3132b69dbeb859635eea70dbdae8557c143d111eeb9a473fb84fe5fac904cc18
31e7e32a6945dc66a398829cd5e3a3c5ac99db52553bbda155f83f976dfd9386
321c54c075b6f9830e5a64d4176b72203e6f937eb6c80760e9f3ca68c88999d7
37ca37495612003435ed755cac7738ab3313bd00f6e02140fc7bb89ee9c24eb3
3c6fd07134c7c19a53b6119d41d6c250efae68f3e7384ae34971e63b21d01337
3cc526c4456816f958583d3d70c99c2fef5dcbae92e6f5c134b6993c8dc108a4
3ffbb276d8124704f5a7e0035b5bb87e4adc7a7e4b322ae2ed476ee37ffa7ffc
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
42c89be62ea5ef0fc2844b2318fec43e7af5f83efa8a9df832f3870f23ccb78c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45b33290a887374b0351ad46d4f1fddc8038b3b805ae11fc1520c732108691a8
47f3e568e98dcede576220692a11b6987954da32bef0da8b49c58103d284071c
49650fcab47a18d13c5cd1695d95c5679f2610af77aaea816b0db65f046b1ad8
49825a22ee9e05fb6a125bbe4d158571887d62129b9df126af4f35682e1400fc
4bf5ca21167bd44e7b547a5c908f0cb82a9420f0b4927ff1ded1232446f6f17e
4f8b01adb8756c25f7c9b4f2a147a3fe0866ad87ba1b5edbe4e6368834fddcd6
57ae174603c8b742a3451fa828ceb88f6adcee9914d15ad2a6e2587a7560ddf3
5a2786c9431c351e8ad9aeb0d1751c442098836a7e54acd032307eb11546ca34
5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
610c99d9f333e8e356584239f9cbf91592f1c38877fce7d1d1da4bf3aac94e44
6fa4c9f68e9b5b06234e16b32ff959da7b13da29c5cdfd1be1a81b83587f180e
70244fbc616cb7e5adfbd635726f65572557bfbfbd4527cf718367dd19004de3
71d07479f4b2b809e5769a352f4f55b84690289026ace7ed5395230002551a11
7cb7d45abdb6a6b76a257b2065c376ebd1bdb616549796a226672c0efe26712f
83ed8efe25e4c5c5087616d5328864e63fbfc50d6ca90db35adae60c55fe3c4b
84e48b945f7a402015726fa2357362c6d169b1bcc293b92bb1ced235bb50791b
88a249614a097dfd513c1599b937d89c8e48bb981bb6a273165dabe58535e33b
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8c846cbcf5cc95505d0ea24b569f612c179c70b5ba6d4a6bf48ea8d874ddaca1
8d8f81b3deb15a8d8a4d940347fb3322ca6d49640e7ce14514ccbe07862a1aba
8e6b3272816c9b6efeb0b3ccc16326c123d9860f38d7c7c4fc215334559996e2
8fdaa0f7db1471bbbc70b05f22903f3be734f1724747136d7add061193badc5d
971cbfd037bdfa175bbcc512eb44ef5430b917a88df8b0b0344d85dff95f795e
a0fde5842f87cb883a7539d2c9222add8d2204fec2bd98a8ce2a489c00b8ecfb
a95247a2d0ee9d5933bd1a25cf123c6f138e2462092a1ffb62483bf598ea47b4
b14d8006feaf39538b17c86cefa5e580947f28dad1d1334cab648e0f71563f5b
b55047bf9b91990cbfecc4306349fa33f33822579f26212451fc4faa98437da7
bf2086cf9a9704fb3620e5152d0d9ba18c82f54b143f1c6bc5dea67fce1c8253
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c17bc0015006ea96281dd68dc9d5485513eabedc8c664b36ef2f104c5d46b460
c69aee89540f62119a3f238ce99a2a5d11bf3d1fda7476e4726f7b2f457431f8
c8ac3861345c28152c466fe5de0bda8cc2b186020d4bcecd48f17db710176fce
caecbaade4681256dbbb5aea9ca2cf4e7156168c0fb237f57215065a3eca2474
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d7a3631bbf3cb473e49619fcb0b0857b4b37a24f11f19ae4956873648285a0a2
d8dfec6b2ebf53eb2ed27513f1a17f035f59b9c854c193cd3884273e5d9104a0
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
e12d7e885427fc7cc9c6f54adcb51194be0876a94ab1fca7d9e282b0b7b439e8
e23641ed33dd2aded0fb0b703b2d341bac88f6ad16a6acfece1cb1d4782a1104
e2bc669f0b7ef507ff771bd5f7fb4dabdbcedcff21a7828427ec5251afd9c1c1
e2dc701dd8b23048c0e3b2483583dda42b19f10f9b1c35ce2a60312742734d11
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea5c39863c6ec124214ecac0a1e0064514ea0c5f6d2630890f087c49b486e0df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f4d067fab799e99b87904f659c692a443efdefb8d5eefcc98fc7db2cd5bd39cb
f70fb9db44b518c9b2cf697ed6eb32efd82141f45d612f1ee480eb9de338a859
f804babf0378097f340f8d1e6ec81e0909cf8f6e40c25f18ddc890f8cf6ddf1b
fa2726faf224765d87004f46ab55959105ea855e77caae24e31e366800506abf

save2.cechire.com Open in urlscan Pro 74.207.228.196 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

100 Requests

97 %HTTPS

50 %IPv6

14 Domains

19 Subdomains

18 IPs

5 Countries

1830 kBTransfer

3822 kBSize

16 Cookies

0 Outgoing links

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

save2.cechire.com Open in urlscan Pro
74.207.228.196 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

97 %
HTTPS

50 %
IPv6

14
Domains

19
Subdomains

18
IPs

5
Countries

1830 kB
Transfer

3822 kB
Size

16
Cookies

100 HTTP transactions
0 data transactions