urlscan.io logo urlscan.io
SecurityTrails logo

mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com Open in urlscan Pro
66.231.91.26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://r20.rs6.net/tn.jsp?f=001HxpRIvEm8y4CStSADdNPFUrdzOkOVl_OYzYe_HPMy_AVNOTlH3-zfHjkrbK_h5VQCHzvtVvpgfp2kPKgFBmw...
Effective URL: https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2
Submission: On January 03 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 5 countries across 15 domains to perform 30 HTTP transactions. The main IP is 66.231.91.26, located in United States and belongs to EXACT-7, US. The main domain is mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 29th 2022. Valid for: a year.
This is the only time mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 208.75.122.11 40444 (ASN-CC)
2 66.231.91.26 22606 (EXACT-7)
4 45.60.241.117 19551 (INCAPSULA)
4 2a02:26f0:f70... 20940 (AKAMAI-ASN1)
3 45.60.233.29 19551 (INCAPSULA)
2 34.247.240.197 16509 (AMAZON-02)
1 13.225.77.245 16509 (AMAZON-02)
1 199.232.16.157 54113 (FASTLY)
1 104.244.42.197 13414 (TWITTER)
1 104.244.42.195 13414 (TWITTER)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 54.171.1.252 16509 (AMAZON-02)
1 52.50.213.80 16509 (AMAZON-02)
1 54.75.234.63 16509 (AMAZON-02)
3 35.190.43.134 15169 (GOOGLE)
3 104.17.209.240 13335 (CLOUDFLAR...)
1 15.236.176.210 16509 (AMAZON-02)
30 16
1    208.75.122.11 (United States)

ASN40444 (ASN-CC, US)
PTR: rs6.net
r20.rs6.net
2    66.231.91.26 (United States)

ASN22606 (EXACT-7, US)
mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
4    45.60.241.117 (United States)

ASN19551 (INCAPSULA, US)
imagelibrary.securian.com
4    2a02:26f0:f700:495::1e80 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
3    45.60.233.29 (United States)

ASN19551 (INCAPSULA, US)
assetlibrary.securian.com
2    34.247.240.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-240-197.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    13.225.77.245 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-77-245.fra2.r.cloudfront.net
sc-static.net
1    199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    2606:4700::6811:f349 (United States)

ASN13335 (CLOUDFLARENET, US)
hello.myfonts.net
1    54.171.1.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-1-252.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    52.50.213.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-213-80.eu-west-1.compute.amazonaws.com
securian.tt.omtrdc.net
1    54.75.234.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-234-63.eu-west-1.compute.amazonaws.com
securian.demdex.net
3    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
3    104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)
zn0ht5mvovafa7a0m-securian.siteintercept.qualtrics.com
siteintercept.qualtrics.com
1    15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
sfgglobalprod.112.2o7.net
Apex Domain
Subdomains		 Transfer
7 securian.com
imagelibrary.securian.com — Cisco Umbrella Rank: 574694
assetlibrary.securian.com — Cisco Umbrella Rank: 721718
2 MB
4 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 500
108 KB
3 qualtrics.com
zn0ht5mvovafa7a0m-securian.siteintercept.qualtrics.com
siteintercept.qualtrics.com — Cisco Umbrella Rank: 1459
24 KB
3 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 1032
1 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 301
securian.demdex.net — Cisco Umbrella Rank: 849324 Failed
5 KB
2 sfmc-content.com
mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
5 KB
1 2o7.net
sfgglobalprod.112.2o7.net
344 B
1 omtrdc.net
securian.tt.omtrdc.net — Cisco Umbrella Rank: 895247
856 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1416
517 B
1 myfonts.net
hello.myfonts.net — Cisco Umbrella Rank: 11109
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 981
393 B
1 t.co
t.co — Cisco Umbrella Rank: 633
376 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1013
15 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1069
13 KB
1 rs6.net
r20.rs6.net — Cisco Umbrella Rank: 14970
428 B
30 15
Domain Requested by
4 assets.adobedtm.com mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
assets.adobedtm.com
4 imagelibrary.securian.com mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
3 tr.snapchat.com sc-static.net
3 assetlibrary.securian.com mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
2 siteintercept.qualtrics.com zn0ht5mvovafa7a0m-securian.siteintercept.qualtrics.com
siteintercept.qualtrics.com
2 dpm.demdex.net assets.adobedtm.com
mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
2 mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
1 sfgglobalprod.112.2o7.net
1 zn0ht5mvovafa7a0m-securian.siteintercept.qualtrics.com assets.adobedtm.com
1 securian.tt.omtrdc.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 securian.demdex.net assets.adobedtm.com
imagelibrary.securian.com
1 hello.myfonts.net imagelibrary.securian.com
1 analytics.twitter.com mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
1 t.co mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
1 static.ads-twitter.com mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
1 sc-static.net mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
1 r20.rs6.net 1 redirects
30 18

This site contains links to these domains. Also see Links.

Domain
www.securian.com
Subject Issuer Validity Valid
*.pub.sfmc-content.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-29 -
2023-05-30		 a year crt.sh
imperva.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-07 -
2023-06-05		 6 months crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-01-27		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-09 -
2023-06-09		 a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-01 -
2023-09-01		 a year crt.sh
*.snap.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-08-16		 a year crt.sh
*.qualtrics.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-04 -
2023-05-04		 a year crt.sh
*.112.2o7.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-08 -
2023-04-20		 a year crt.sh

This page contains 4 frames:

Primary Page: https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2
Frame ID: 2EAD48AFCC3C08A746E57751FD582C10
Requests: 29 HTTP requests in this frame

Frame: https://securian.demdex.net/dest5.html?d_nsid=0
Frame ID: DA8182AD3FAAF90474B3F2F2C99C59E5
Requests: 1 HTTP requests in this frame

Frame: https://securian.demdex.net/dest5.html?d_nsid=0
Frame ID: 0337EEEE85C467D0F35463647CEF5916
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=494e0e51-aa65-4d33-b49f-223d06df75a0&u_scsid=2d82c1be-d5e7-4541-998a-69d7ab45f704&u_sclid=0e0da30e-48b2-4503-80d7-488e0c29f171
Frame ID: BA91F58F451A9F9AE41427129F1A9444
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Business Valuations

Page URL History Show full URLs

  1. https://r20.rs6.net/tn.jsp?f=001HxpRIvEm8y4CStSADdNPFUrdzOkOVl_OYzYe_HPMy_AVNOTlH3-zfHjkrbK_h5VQ... HTTP 302
    https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2 Page URL

Page Statistics

30
Requests

93 %
HTTPS

12 %
IPv6

15
Domains

18
Subdomains

16
IPs

5
Countries

2379 kB
Transfer

6292 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://r20.rs6.net/tn.jsp?f=001HxpRIvEm8y4CStSADdNPFUrdzOkOVl_OYzYe_HPMy_AVNOTlH3-zfHjkrbK_h5VQCHzvtVvpgfp2kPKgFBmwLihp0WuUFV4HWuzhJ2Ysqk1dyPs_TFV7P-F6gsWLQAGesINDvN9Jlpci7MtQmLI1DW4bTXOg-cbr7C6nn5ZPqxATC3xR7n4j17SkWDdnPl-TFxVcOp-ZfbpECOHZl_iJAaNAfi4McYudBfrXRfN3E3NekL9v6CJWo5jVZG9rMof2_65ATRsI3mg=&c=V6SHY4a6w02vXOmFKJif7hbL1R2T3Hg7hNa5VK3gW0pHy9yCaTVf4g==&ch=NUBs9LyskbM18miu5b5IuCOJ06-n32k3jj3zLxHgBMSwh345fkbEDw== HTTP 302
    https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://cm.everesttech.net/cm/dd?d_uuid=40236714633062828512711171205394946920 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y7RVtQAAAMiPUgNe

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request cuzhj5e05by
mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
Redirect Chain
  • https://r20.rs6.net/tn.jsp?f=001HxpRIvEm8y4CStSADdNPFUrdzOkOVl_OYzYe_HPMy_AVNOTlH3-zfHjkrbK_h5VQCHzvtVvpgfp2kPKgFBmwLihp0WuUFV4HWuzhJ2Ysqk1dyPs_TFV7P-F6gsWLQAGesINDvN9Jlpci7MtQmLI1DW4bTXOg-cbr7C6nn...
  • https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2
19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.231.91.26 , United States, ASN22606 (EXACT-7, US),
Reverse DNS
Software
/
Resource Hash
b2069d13cf084772216ebe734a9b378b05322e96f7786cc4c385d4b245b5403f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
close
Content-Encoding
gzip
Content-Length
4986
Content-Type
text/html; charset=utf-8
Date
Tue, 03 Jan 2023 16:20:03 GMT
Expires
-1
Pragma
no-cache

Redirect headers

Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Connection
close
Content-Length
0
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 03 Jan 2023 16:20:02 GMT
Location
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2
P3P
CP="CAO DSP TAIa OUR NOR UNI"
Pragma
no-cache
Server
Apache
vendor.css
imagelibrary.securian.com/assets/dsg/18.0.0/styles/ 		2 MB
1 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imagelibrary.securian.com/assets/dsg/18.0.0/styles/vendor.css
Requested by
Host: mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
URL: https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.241.117 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a847ed901b3d07dd459463a4882f19f57bbb5deb6b6bd065801debf69960550d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 16:07:46 GMT
content-encoding
br
via
1.1 2af881fc3dba7aadc69b3ca00dd6e9e6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
IAD66-C2
age
738
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-iinfo
13-686124272-686124294 NNNN CT(5 5 0) RT(1672762803776 96) q(0 0 0 1) r(0 0) U5
last-modified
Wed, 23 Nov 2022 16:29:13 GMT
server
AmazonS3
etag
W/"152f5a253801fda13cf841072ace8494"
vary
Accept-Encoding
content-type
text/css
x-amz-cf-id
wIuKzD6GGYTNPhPxfOSYEq2QIiqVvng67OZQCxOaLsi7pskrwWlwfw==
global.css
imagelibrary.securian.com/assets/dsg/18.0.0/styles/ 		2 MB
111 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imagelibrary.securian.com/assets/dsg/18.0.0/styles/global.css
Requested by
Host: mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
URL: https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.241.117 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
746a5e50ddd242e928464ef95d98701d88a6eb34a2da928a2e6722252a5c6c50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 16:07:46 GMT
content-encoding
br
via
1.1 603961b1b2dad8873023f00c2744bd6e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
IAD66-C2
age
738
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-iinfo
13-686124272-686124295 NNNN CT(7 6 0) RT(1672762803776 96) q(0 0 0 3) r(0 1) U5
last-modified
Wed, 23 Nov 2022 16:29:03 GMT
server
AmazonS3
etag
W/"8c55197fe6724aecc538eccd39464157"
vary
Accept-Encoding
content-type
text/css
x-amz-cf-id
hSjdxwlDJMnrvLRmCelw8NgRrqoks6iAbTkLCFKvOGzE5eGA_Wx-Xg==
launch-1fbc64c6f27d.min.js
assets.adobedtm.com/53a891404309/d17b52f93d49/ 		328 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/53a891404309/d17b52f93d49/launch-1fbc64c6f27d.min.js
Requested by
Host: mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
URL: https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
af756cdab59447f28e58f6b73ba850bc109f9031948791e22b068119ceb72c9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 16:20:04 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 19:01:30 GMT
server
AkamaiNetStorage
etag
"28fde724690185b5ec1ed67d5396cf04:1671649290.171104"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Jan 2023 17:20:04 GMT
tp-logo-commonwealth-financial-group-rgb-147x80.png
assetlibrary.securian.com/content/dam/img/brand/tp-logo/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assetlibrary.securian.com/content/dam/img/brand/tp-logo/tp-logo-commonwealth-financial-group-rgb-147x80.png
Requested by
Host: mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
URL: https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.233.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
0433e9521cd277a9b98df87f4c38b8f500fa1d19c45e570fed262b73d434555d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' securian.marketing.adobe.com securian.experiencecloud.adobe.com experience.adobe.com
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-dispatcher
fc4
date
Tue, 03 Jan 2023 14:44:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains;
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' securian.marketing.adobe.com securian.experiencecloud.adobe.com experience.adobe.com
via
1.1 3b0649a8bee506c1d7498462d39e6c44.cloudfront.net (CloudFront)
x-cdn
Imperva
x-amz-cf-pop
JFK50-P5
age
5751
x-vhost
publish
x-cache
Hit from cloudfront
x-iinfo
5-228841278-228841293 NNNN CT(14 5 0) RT(1672762802912 130) q(0 0 0 0) r(0 0) U5
content-length
20002
last-modified
Tue, 09 Aug 2022 14:50:57 GMT
server
Apache
etag
"4e22-5e5d00f58f640"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=43200
accept-ranges
bytes
x-amz-cf-id
CYNS3AlK_6OBVzU4Mm_QeA6qEaLV7GuGOjbY3Kpo1EW8qUTh_2XJJA==
expires
Wed, 04 Jan 2023 02:44:12 GMT
ig-whats-your-business-worth-120921.png
assetlibrary.securian.com/content/dam/img/dp/cg/ig/ 		256 KB
257 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assetlibrary.securian.com/content/dam/img/dp/cg/ig/ig-whats-your-business-worth-120921.png
Requested by
Host: mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
URL: https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.233.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
153ecc3af0400731caefa78d7ea10a8bd7a714118a7c420ff21eb2c8890d9b13
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' securian.marketing.adobe.com securian.experiencecloud.adobe.com experience.adobe.com
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-dispatcher
862
strict-transport-security
max-age=63072000; includeSubdomains;
content-security-policy
frame-ancestors 'self' securian.marketing.adobe.com securian.experiencecloud.adobe.com experience.adobe.com
x-content-type-options
nosniff
date
Tue, 03 Jan 2023 16:06:10 GMT
via
1.1 eb2e4893b47f0d155cd51b82c2a8d596.cloudfront.net (CloudFront)
x-cdn
Imperva
x-amz-cf-pop
JFK50-P5
age
18310
x-vhost
publish
x-cache
Hit from cloudfront
x-iinfo
5-228841278-228841295 NNNN CT(12 4 0) RT(1672762802912 135) q(0 0 0 1) r(0 0) U5
content-length
262020
last-modified
Thu, 09 Dec 2021 12:59:47 GMT
server
Apache
etag
"3ff84-5d2b62e58b6c0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=43200
accept-ranges
bytes
x-amz-cf-id
SWlTiNOuEClfgRMB-Z1rgEBEhAMBK47UgpNzWn3IVlG1JWLeDJjxkQ==
expires
Tue, 03 Jan 2023 23:14:54 GMT
dejter-jamie-120cr.png
assetlibrary.securian.com/content/dam/img/pic/ip/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assetlibrary.securian.com/content/dam/img/pic/ip/dejter-jamie-120cr.png
Requested by
Host: mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
URL: https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.233.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
f7509dfa129c754a66854432a9278cdca3a5ee4eca9538537dc95db62c0991f7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' securian.marketing.adobe.com securian.experiencecloud.adobe.com experience.adobe.com
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-dispatcher
862
date
Tue, 03 Jan 2023 14:44:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains;
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' securian.marketing.adobe.com securian.experiencecloud.adobe.com experience.adobe.com
via
1.1 57a5349e40888d521545fc9b83f270a4.cloudfront.net (CloudFront)
x-cdn
Imperva
x-amz-cf-pop
JFK50-P5
age
5752
x-vhost
publish
x-cache
Hit from cloudfront
x-iinfo
5-228841278-228841298 NNNN CT(2 3 0) RT(1672762802912 142) q(0 0 0 6) r(0 0) U5
content-length
38420
last-modified
Tue, 09 Aug 2022 14:48:18 GMT
server
Apache
etag
"9614-5e5d005ded080"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=43200
accept-ranges
bytes
x-amz-cf-id
27gRHeGkAiKmBxkFZdpYobRhJRnTrmuRTi3bJRAJsIsHhKacsVLZKQ==
expires
Wed, 04 Jan 2023 02:44:12 GMT
vendor.js
imagelibrary.securian.com/assets/dsg/18.0.0/scripts/client/ 		683 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagelibrary.securian.com/assets/dsg/18.0.0/scripts/client/vendor.js
Requested by
Host: mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
URL: https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.241.117 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8303d778234b6098657166bc7579703eae86d14a92ad91bccb5b4620e7cb4112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 16:07:46 GMT
content-encoding
br
via
1.1 30034d7efe222fd8a4ca5a31609cb494.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
IAD66-C2
age
738
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-iinfo
13-686124272-686124299 NNNN CT(2 6 0) RT(1672762803776 102) q(0 0 0 3) r(1 1) U5
last-modified
Wed, 23 Nov 2022 16:28:33 GMT
server
AmazonS3
etag
W/"abd4462c50e2bba37392b6fd5d548383"
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
-cfVJzv7PjfcY0VL2-Zbw4F5t7fSlXiIMqfmMTdCeLkh3bM7wdpd4Q==
custom.js
imagelibrary.securian.com/assets/dsg/18.0.0/scripts/client/ 		130 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagelibrary.securian.com/assets/dsg/18.0.0/scripts/client/custom.js
Requested by
Host: mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
URL: https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.241.117 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
743b36065002ff8eb0917d21cc840c757ad0af3ebf8f9617173e782652a82cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 16:07:46 GMT
content-encoding
br
via
1.1 d4c915561282ddbdd32f1872279fb546.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
IAD66-C2
age
738
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-iinfo
13-686124272-686124300 NNNN CT(1 5 0) RT(1672762803776 103) q(0 0 0 5) r(0 1) U5
last-modified
Wed, 23 Nov 2022 16:28:02 GMT
server
AmazonS3
etag
W/"fba869540faea59ed1b94e22d6d01fec"
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
5vhuipo8cIRW4RWvlePOCRE6Z-DEEuKq5eFrI3yjiBbycEpIhZ4WJg==
id
dpm.demdex.net/ 		367 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BE3229055530ED27F000101%40AdobeOrg&d_nsid=0&ts=1672762804485
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/53a891404309/d17b52f93d49/launch-1fbc64c6f27d.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.240.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-240-197.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
81c5aefdca6c40c4629193ee75cf236258c7170641e46531b9805164b7d01514
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v045-0e6039550.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
RErU39/WRQk=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
311
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/53a891404309/d17b52f93d49/launch-1fbc64c6f27d.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 16:20:04 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12384
expires
Tue, 03 Jan 2023 17:20:04 GMT
scevent.min.js
sc-static.net/ 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
URL: https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-245.fra2.r.cloudfront.net
Software
CloudFront /
Resource Hash
4873b20f1a4561114f55aa1114e0bb530bd87e12054a8159446b4aff75c48c2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 16:20:04 GMT
content-encoding
gzip
via
1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA2-C2
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
13268
x-amz-cf-id
_DblLZo0R1CVKcOKiLGCCOZp8nMt-ckRlooc7wZygUazAk_7Y_gnIw==
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
URL: https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 16:20:04 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-vie6321-VIE
adsct
t.co/i/ 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=f832127f-eacd-4347-a837-75ba8c8f542d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=59b4ba42-50db-47b8-bf72-c13bd40204c1&tw_document_href=https%3A%2F%2Fmczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com%2Fcuzhj5e05by%3Fadv%3D765bc3cd-6bad-4920-84cb-957fcbf9b1c2&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuorm&type=javascript&version=2.3.29
Requested by
Host: mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
URL: https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time
106
date
Tue, 03 Jan 2023 16:20:04 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
bb669d667dfae61c
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
075d1f85e8b39b324db09b52372197e5cc293bf2b61bd6d40c367c0190f0cc1a
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=f832127f-eacd-4347-a837-75ba8c8f542d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=59b4ba42-50db-47b8-bf72-c13bd40204c1&tw_document_href=https%3A%2F%2Fmczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com%2Fcuzhj5e05by%3Fadv%3D765bc3cd-6bad-4920-84cb-957fcbf9b1c2&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuorm&type=javascript&version=2.3.29
Requested by
Host: mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
URL: https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time
109
date
Tue, 03 Jan 2023 16:20:03 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
240122bb0ccf4c34
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
933a06f4e95d0e243e9fbad0c2b539f61b2dc17d9e824aa6f84f74f0b4cf86df
content-length
43
35856d
hello.myfonts.net/count/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hello.myfonts.net/count/35856d
Requested by
Host: imagelibrary.securian.com
URL: https://imagelibrary.securian.com/assets/dsg/18.0.0/styles/vendor.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:f349 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagelibrary.securian.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
dest5.html
securian.demdex.net/ Frame DA81 		0
0
ibs:dpid=411&dpuuid=Y7RVtQAAAMiPUgNe
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=40236714633062828512711171205394946920
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y7RVtQAAAMiPUgNe
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y7RVtQAAAMiPUgNe
Requested by
Host: mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
URL: https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2
Protocol
HTTP/1.1
Server
34.247.240.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-240-197.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-040129606.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
kTbCwegwSyE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y7RVtQAAAMiPUgNe
Date
Tue, 03 Jan 2023 16:20:05 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
always-on-image.png
mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/ 		11 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/always-on-image.png
Requested by
Host: mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
URL: https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.231.91.26 , United States, ASN22606 (EXACT-7, US),
Reverse DNS
Software
/
Resource Hash
7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/cuzhj5e05by?adv=765bc3cd-6bad-4920-84cb-957fcbf9b1c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 03 Jan 2023 16:20:05 GMT
Cache-Control
private
Connection
close
Content-Length
11
Content-Type
text/html
delivery
securian.tt.omtrdc.net/rest/v1/ 		551 B
856 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securian.tt.omtrdc.net/rest/v1/delivery?client=securian&sessionId=40c7ec4092ca434e9c2e4158d6d55f7a&version=2.10.0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/53a891404309/d17b52f93d49/launch-1fbc64c6f27d.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.213.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-213-80.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d82e90f103e43cc864f28e68aac2e6b86735e5e00a7bd595e96313ed31408df8

Request headers

Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Jan 2023 16:20:05 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
3c5edf9b48fa03eeeedb73a4a578ede4
truncated
/ 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3878a6628aa731931d588bdc3d10e89a7587110163c8615050479eb2d7384e6e

Request headers

Referer
Origin
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/ 		61 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64f6cd508f3b4c3dbaaad6cc4d4d72c4feb25e3a2d2a19b060b0e752fc74f728

Request headers

Referer
Origin
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
font/woff
RCb60e53a7667747208e36d27a77265a2b-source.min.js
assets.adobedtm.com/53a891404309/d17b52f93d49/0bee796af3a6/ 		741 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/53a891404309/d17b52f93d49/0bee796af3a6/RCb60e53a7667747208e36d27a77265a2b-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/53a891404309/d17b52f93d49/launch-1fbc64c6f27d.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8f1cfc638d09aa35bfac2d3cd711b174e5fe0827095388d38038bccea4fa58c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 16:20:06 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 19:01:31 GMT
server
AkamaiNetStorage
etag
"49180adedbaadacfb0e40715aefae57a:1671649291.006883"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
357
expires
Tue, 03 Jan 2023 17:20:06 GMT
dest5.html
securian.demdex.net/ Frame 0337 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securian.demdex.net/dest5.html?d_nsid=0
Requested by
Host: imagelibrary.securian.com
URL: https://imagelibrary.securian.com/assets/dsg/18.0.0/scripts/client/vendor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.234.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-234-63.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v045-0fb9f79b9.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
oJB2vkjHSFE=
content-encoding
gzip
date
Tue, 3 Jan 2023 16:20:06 GMT
last-modified
Fri, 28 Oct 2022 11:22:29 GMT
vary
accept-encoding
RC37225a20e1f64aac8c243c1fecaae540-source.min.js
assets.adobedtm.com/53a891404309/d17b52f93d49/0bee796af3a6/ 		436 B
544 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/53a891404309/d17b52f93d49/0bee796af3a6/RC37225a20e1f64aac8c243c1fecaae540-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/53a891404309/d17b52f93d49/launch-1fbc64c6f27d.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
93a1119bc5c937ff03f077fccbe49b90aab17d4035b17c5f11de76f3cb60f910

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 16:20:06 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 19:01:31 GMT
server
AkamaiNetStorage
etag
"49180adedbaadacfb0e40715aefae57a:1671649291.006883"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
255
expires
Tue, 03 Jan 2023 17:20:06 GMT
i
tr.snapchat.com/cm/ Frame BA91 		0
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=494e0e51-aa65-4d33-b49f-223d06df75a0&u_scsid=2d82c1be-d5e7-4541-998a-69d7ab45f704&u_sclid=0e0da30e-48b2-4503-80d7-488e0c29f171
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 03 Jan 2023 16:20:06 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
494e0e51-aa65-4d33-b49f-223d06df75a0.js
tr.snapchat.com/config/com/ 		149 B
564 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/com/494e0e51-aa65-4d33-b49f-223d06df75a0.js
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2eb5246e2248ec3b3769912c2cf822e2ed642861981d6e86523d69d1a9acb879
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
Origin
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 16:20:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
API Gateway
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ 		68 B
366 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 03 Jan 2023 16:20:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
text/html
access-control-allow-origin
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
5
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
/
zn0ht5mvovafa7a0m-securian.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn0ht5mvovafa7a0m-securian.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_0Ht5mVovAFa7a0m
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/53a891404309/d17b52f93d49/launch-1fbc64c6f27d.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ccbda56f1b65ce14a3f4d974caaa74139f52055d424d58782740aba5496cf30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 16:20:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"2127-KS7AZwOh4pgJpZ5aE9EiAtVR0bk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
783d0f565ada2bc7-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
s5846878716332
sfgglobalprod.112.2o7.net/b/ss/sfgglobalprod,sfgsecurian3prod/1/JS-2.23.0-LCXS/ 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sfgglobalprod.112.2o7.net/b/ss/sfgglobalprod,sfgsecurian3prod/1/JS-2.23.0-LCXS/s5846878716332?AQB=1&ndh=1&pf=1&t=3%2F0%2F2023%2016%3A20%3A6%202%200&sdid=2354D155F102D704-4F0627CA15B43DDC&mid=40242368179296162322715114397999834979&aamlh=6&ce=UTF-8&g=https%3A%2F%2Fmczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com%2Fcuzhj5e05by%3Fadv%3D765bc3cd-6bad-4920-84cb-957fcbf9b1c2&c.&getNewRepeat=3.0.1&getTimeParting=6.3&pt=3.0&p_fo=3.0&getPreviousValue=3.0.1&getQueryParam=4.0.1&getVisitNum=4.2.1&endOfDatePeriod=1.2&.c&cc=USD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=765bc3cd-6bad-4920-84cb-957fcbf9b1c2&v1=765bc3cd-6bad-4920-84cb-957fcbf9b1c2&c3=40242368179296162322715114397999834979&v3=40242368179296162322715114397999834979&c9=www.securian.com&v9=www.securian.com&c10=www.securian.com&v10=www.securian.com&c12=sec%7Clp%7Cwmg-lead-gen%7Cwmg-business-form&v12=sec%7Clp%7Cwmg-lead-gen%7Cwmg-business-form&c13=https%3A%2F%2Fmczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com%2Fcuzhj5e05by&v13=https%3A%2F%2Fmczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com%2Fcuzhj5e05by&c38=form&v38=form&c39=sfmc&v39=sfmc&c40=sec%7Clp%7Cwmg-lead-gen%7Cwmg-business-form&v40=sec%7Clp%7Cwmg-lead-gen%7Cwmg-business-form&v54=10%3A30AM&v55=Tuesday&v56=New&v57=1&v58=year%3D2023%20%7C%20month%3DJanuary%20%7C%20date%3D3%20%7C%20day%3DTuesday%20%7C%20time%3D10%3A20%20AM&c75=page_view_dc&v96=Global_LP%7Cproduction%7C2022-12-21T19%3A01%3A10Z%7C27.4.0%7C2022-09-28T18%3A15%3A16Z&v100=page_view_dc&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=1BE3229055530ED27F000101%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Jan 2023 16:20:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Jan 2023 16:20:07 GMT
server
jag
etag
3592230775900831744-4619740288487252155
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 02 Jan 2023 16:20:07 GMT
13.7ca37fd749ece40e6b66.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/13.7ca37fd749ece40e6b66.chunk.js?Q_CLIENTVERSION=1.82.1&Q_CLIENTTYPE=web&Q_BRANDID=mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
Requested by
Host: zn0ht5mvovafa7a0m-securian.siteintercept.qualtrics.com
URL: https://zn0ht5mvovafa7a0m-securian.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_0Ht5mVovAFa7a0m
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffbbc0f2a0e276384d94d71954af7d75ca787ea6243b06984ea4905477510e8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 16:20:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
373251
cf-polished
origSize=64429
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 07 Dec 2022 05:50:04 GMT
cf-bgj
minify
server
cloudflare
etag
W/"fbad-184eb224ae0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
783d0f596f542bc7-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0Ht5mVovAFa7a0m&Q_CLIENTVERSION=1.82.1&Q_CLIENTTYPE=webAdobeLaunch
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/13.7ca37fd749ece40e6b66.chunk.js?Q_CLIENTVERSION=1.82.1&Q_CLIENTTYPE=web&Q_BRANDID=mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd162acf8d2266d570a9a3a0aebd3e7c02db6143ea42c0de09e688c010f33eb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 03 Jan 2023 16:20:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
9a6e4ae16ed83c8d
cf-ray
783d0f59afc62bc7-FRA
timing-allow-origin
*

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
securian.demdex.net
URL
https://securian.demdex.net/dest5.html?d_nsid=0

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontentvisibilityautostatechange object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in string| rsid function| snaptr object| r function| twq object| __target_telemetry object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s function| getNewRepeat function| getTimeParting function| getVisitNum function| endOfDatePeriod object| regeneratorRuntime object| twttr function| jQuery function| $ function| debounce function| Inputmask object| digitalData function| cookieWrite function| cookieRead string| g object| QSI object| s_i_sfgglobalprod_sfgsecurian3prod object| WAFQualtricsWebpackJsonP-cloud-1.82.1 object| _qsie

23 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
.securian.com/ Name: visid_incap_2771997
Value: Y122N2noSVGWsX0V4PTIsrNVtGMAAAAAQUIPAAAAAABGBfX9LOWvBrOEOKHnP/P9
.securian.com/ Name: visid_incap_2778147
Value: f5Wyqs0UTvOp+yYFOG2PGrNVtGMAAAAAQUIPAAAAAADvYOjXE7Z/NcVn4nrUP9Mg
.securian.com/ Name: nlbi_2778147
Value: 8Ye5JPcNowPTqdA5uc68qAAAAAA47W4VcnmVohGXk4oJDPKS
.securian.com/ Name: incap_ses_7225_2778147
Value: FsJSLodYNix0K/vkzVtEZLNVtGMAAAAAfR4gESJRRcsNeWUb/3OBSg==
.securian.com/ Name: nlbi_2771997
Value: +DdAK3qvLzh5eHmiLNPPRAAAAAC0wDEzcBCGrYiWkVlLNQTG
.securian.com/ Name: incap_ses_1347_2771997
Value: KUGnLEobQilxkCAy+YGxErNVtGMAAAAADAyZY6cdUJersLKCie2JFg==
.sfmc-content.com/ Name: at_check
Value: true
.sfmc-content.com/ Name: _schn
Value: _jup61n
.sfmc-content.com/ Name: _scid
Value: a0a1d788-4a34-4a8d-912e-a8d49106c16d
.t.co/ Name: muc_ads
Value: 7b68d5bc-ec91-4c09-ad18-43ecbbd9ef04
.twitter.com/ Name: personalization_id
Value: "v1_yJMaelYIut100Kfmv07XNQ=="
.demdex.net/ Name: demdex
Value: 40236714633062828512711171205394946920
.sfmc-content.com/ Name: AMCVS_1BE3229055530ED27F000101%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y7RVtQAAAMiPUgNe
.sfmc-content.com/ Name: mbox
Value: session#40c7ec4092ca434e9c2e4158d6d55f7a#1672764666|PC#40c7ec4092ca434e9c2e4158d6d55f7a.37_0#1736007606
.dpm.demdex.net/ Name: dpm
Value: 40236714633062828512711171205394946920
.sfmc-content.com/ Name: AMCV_1BE3229055530ED27F000101%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19361%7CMCMID%7C40242368179296162322715114397999834979%7CMCAAMLH-1673367605%7C6%7CMCAAMB-1673367605%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1672770005s%7CNONE%7CMCSYNCSOP%7C411-19368%7CvVersion%7C5.5.0
.pub.sfmc-content.com/ Name: s_nr30
Value: 1672762806722-New
.pub.sfmc-content.com/ Name: s_vnc365
Value: 1704298806723%26vn%3D1
.pub.sfmc-content.com/ Name: s_ivc
Value: true
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItIcOrAcyTCFRxvi7VnDU95PFcW3SWAFA3m1Sib27oHDUa4svUDP2pEazIAAAA=
.sfmc-content.com/ Name: s_cc
Value: true

2 Console Messages

Source Level URL
Text
network error URL: https://mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com/always-on-image.png
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://hello.myfonts.net/count/35856d
Message:
Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
assetlibrary.securian.com
assets.adobedtm.com
cm.everesttech.net
dpm.demdex.net
hello.myfonts.net
imagelibrary.securian.com
mczhhr1124nv0hcrpdwk617cfs7q.pub.sfmc-content.com
r20.rs6.net
sc-static.net
securian.demdex.net
securian.tt.omtrdc.net
sfgglobalprod.112.2o7.net
siteintercept.qualtrics.com
static.ads-twitter.com
t.co
tr.snapchat.com
zn0ht5mvovafa7a0m-securian.siteintercept.qualtrics.com
securian.demdex.net
104.17.209.240
104.244.42.195
104.244.42.197
13.225.77.245
15.236.176.210
199.232.16.157
208.75.122.11
2606:4700::6811:f349
2a02:26f0:f700:495::1e80
34.247.240.197
35.190.43.134
45.60.233.29
45.60.241.117
52.50.213.80
54.171.1.252
54.75.234.63
66.231.91.26
0433e9521cd277a9b98df87f4c38b8f500fa1d19c45e570fed262b73d434555d
0ccbda56f1b65ce14a3f4d974caaa74139f52055d424d58782740aba5496cf30
153ecc3af0400731caefa78d7ea10a8bd7a714118a7c420ff21eb2c8890d9b13
2eb5246e2248ec3b3769912c2cf822e2ed642861981d6e86523d69d1a9acb879
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
3878a6628aa731931d588bdc3d10e89a7587110163c8615050479eb2d7384e6e
4873b20f1a4561114f55aa1114e0bb530bd87e12054a8159446b4aff75c48c2b
64f6cd508f3b4c3dbaaad6cc4d4d72c4feb25e3a2d2a19b060b0e752fc74f728
743b36065002ff8eb0917d21cc840c757ad0af3ebf8f9617173e782652a82cf7
746a5e50ddd242e928464ef95d98701d88a6eb34a2da928a2e6722252a5c6c50
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa
81c5aefdca6c40c4629193ee75cf236258c7170641e46531b9805164b7d01514
8303d778234b6098657166bc7579703eae86d14a92ad91bccb5b4620e7cb4112
8f1cfc638d09aa35bfac2d3cd711b174e5fe0827095388d38038bccea4fa58c7
93a1119bc5c937ff03f077fccbe49b90aab17d4035b17c5f11de76f3cb60f910
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a847ed901b3d07dd459463a4882f19f57bbb5deb6b6bd065801debf69960550d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af756cdab59447f28e58f6b73ba850bc109f9031948791e22b068119ceb72c9c
b2069d13cf084772216ebe734a9b378b05322e96f7786cc4c385d4b245b5403f
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d82e90f103e43cc864f28e68aac2e6b86735e5e00a7bd595e96313ed31408df8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7509dfa129c754a66854432a9278cdca3a5ee4eca9538537dc95db62c0991f7
fd162acf8d2266d570a9a3a0aebd3e7c02db6143ea42c0de09e688c010f33eb1
ffbbc0f2a0e276384d94d71954af7d75ca787ea6243b06984ea4905477510e8f