admin2.tdecu.easci.com Open in urlscan Pro
18.224.18.161  Public Scan

23 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

• https://s.adroll.com/j/pre/3UHUTMCIQFEF5HI7C7C6X3/AWTPPKLTDFE7NND43K5R2A/fpconsent.js HTTP 302
• https://s.adroll.com/j/pre/index.js

Request Chain 83

• https://a2.adform.net/Serving/TrackPoint/?pm=2816787&ADFPageName=Retargeting&ADFdivider=%7C&ord=102951608936&ADFtpmode=2&loc=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&Set1=he-IL%7Che-IL%7C1600x1200%7C24 HTTP 302
• https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2816787&ADFPageName=Retargeting&ADFdivider=%7C&ord=102951608936&ADFtpmode=2&loc=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&Set1=he-IL%7Che-IL%7C1600x1200%7C24

Request Chain 89

• https://d.adroll.com/pixel/3UHUTMCIQFEF5HI7C7C6X3/AWTPPKLTDFE7NND43K5R2A?adroll_fpc=129148ac3be14fd008edcd6dec17bfd3-1718629838900&pv=35104821804.07666&arrfrr=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&cookie=&adroll_s_ref=&keyw=&p0=3267 HTTP 302
• https://s.adroll.com/pixel/3UHUTMCIQFEF5HI7C7C6X3/AWTPPKLTDFE7NND43K5R2A/XOZUJCWOJVGMBEGXYCQIWJ.js

Request Chain 99

• https://d.adroll.com/cm/x/out?adroll_fpc=129148ac3be14fd008edcd6dec17bfd3-1718629838900&pv=35104821804.07666&arrfrr=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&advertisable=3UHUTMCIQFEF5HI7C7C6X3 HTTP 302
• https://ib.adnxs.com/setuid?entity=172&code=MzhkZTMzMDUyYzNjYzI5YzNkZTdmNjUyZGNmNGFkMTU HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMzhkZTMzMDUyYzNjYzI5YzNkZTdmNjUyZGNmNGFkMTU

Request Chain 107

• https://c.clarity.ms/c.gif HTTP 302
• https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=ECEEC6CFB133477CB3574C23699EE882&RedC=c.clarity.ms&MXFR=1DE8F7E4B6D36FA21323E345B2D361B8 HTTP 302
• https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ECEEC6CFB133477CB3574C23699EE882&MUID=0BCF5B1C0E1B635F22BD4FBD0F8B6241

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response admin2.tdecu.easci.com/	182 KB 28 KB	1038ms 445ms	Document text/html	18.224.18.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://admin2.tdecu.easci.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.224.18.161 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-224-18-161.us-east-2.compute.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash c2defd423e09c7f499d65d4f898c11b3cd75bbfe2f358b421e24b0c57a19490f Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language he-IL,he;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Accept-Ranges bytes Age 0 Cache-Control no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Mon, 17 Jun 2024 13:10:34 GMT Expires Wed, 17 Aug 2005 00:00:00 GMT Last-Modified Mon, 17 Jun 2024 13:10:34 GMT Server Apache/2.4.41 (Ubuntu) Transfer-Encoding chunked Vary Accept-Encoding Via 1.1 varnish (Varnish/6.2) X-Cache MISS X-Varnish 38797882 cross-origin-opener-policy same-origin referrer-policy strict-origin-when-cross-origin x-frame-options SAMEORIGIN
GET H2	200	S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2 fonts.gstatic.com/s/lato/v16/	15 KB 15 KB	370ms 132ms	Font font/woff2	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v16/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Origin https://admin2.tdecu.easci.com Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 22:47:34 GMT x-content-type-options nosniff age 570181 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14864 x-xss-protection 0 last-modified Tue, 23 Jul 2019 03:45:51 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 10 Jun 2025 22:47:34 GMT
GET H2	200	S6u_w4BMUTPHjxsI5wq_Gwftx9897g.woff2 fonts.gstatic.com/s/lato/v16/	14 KB 15 KB	443ms 206ms	Font font/woff2	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v16/S6u_w4BMUTPHjxsI5wq_Gwftx9897g.woff2 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash 50f4eb73e4854117bf7bf9da7dc0c17740b03b5db6eb7ee6ffc20aeb35c1ea48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Origin https://admin2.tdecu.easci.com Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 02:55:48 GMT x-content-type-options nosniff age 382487 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14836 x-xss-protection 0 last-modified Tue, 23 Jul 2019 03:45:44 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 13 Jun 2025 02:55:48 GMT
GET H2	200	S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2 fonts.gstatic.com/s/lato/v16/	14 KB 14 KB	420ms 183ms	Font font/woff2	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash 706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Origin https://admin2.tdecu.easci.com Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 03:49:28 GMT x-content-type-options nosniff age 292867 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13912 x-xss-protection 0 last-modified Tue, 23 Jul 2019 03:45:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 14 Jun 2025 03:49:28 GMT
GET H2	200	S6uyw4BMUTPHjx4wXiWtFCc.woff2 fonts.gstatic.com/s/lato/v16/	14 KB 14 KB	462ms 225ms	Font font/woff2	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Origin https://admin2.tdecu.easci.com Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 03:21:07 GMT x-content-type-options nosniff age 380968 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14044 x-xss-protection 0 last-modified Tue, 23 Jul 2019 03:45:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 13 Jun 2025 03:21:07 GMT
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 fonts.gstatic.com/s/lato/v16/	14 KB 14 KB	350ms 114ms	Font font/woff2	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash 9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Origin https://admin2.tdecu.easci.com Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 06:49:06 GMT x-content-type-options nosniff age 368489 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14176 x-xss-protection 0 last-modified Tue, 23 Jul 2019 03:45:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 13 Jun 2025 06:49:06 GMT
GET H/1.1	200 OK	fa-solid-900.woff2 admin2.tdecu.easci.com/templates/tdecu/fonts/fa/	138 KB 138 KB	913ms 332ms	Font font/woff2	18.224.18.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://admin2.tdecu.easci.com/templates/tdecu/fonts/fa/fa-solid-900.woff2 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.224.18.161 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-224-18-161.us-east-2.compute.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash 32a191572908746d2e318ba46d98d44ccb92ac9354ba06aad2fe3a47aa354753 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Origin https://admin2.tdecu.easci.com Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 17 Jun 2024 13:08:46 GMT Content-Encoding gzip Via 1.1 varnish (Varnish/6.2) Last-Modified Mon, 10 Apr 2023 16:32:41 GMT Server Apache/2.4.41 (Ubuntu) Age 109 Vary Accept-Encoding X-Cache HIT X-Varnish 34408383 8850645 Content-Type font/woff2 Cache-Control public, max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 140565 X-Cache-Hits 2
GET H/1.1	200 OK	6ed83d71c8e2ac5eb6d243b6d13ae3b2.css admin2.tdecu.easci.com/media/com_jchoptimize/cache/css/	449 KB 68 KB	228ms 215ms	Stylesheet text/css	18.224.18.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://admin2.tdecu.easci.com/media/com_jchoptimize/cache/css/6ed83d71c8e2ac5eb6d243b6d13ae3b2.css Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.224.18.161 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-224-18-161.us-east-2.compute.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash e2b11c13ea7c4eb5c35c5263b43faf24e63531303055e9ead359cd148d48aea4 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 17 Jun 2024 13:08:46 GMT Content-Encoding gzip Via 1.1 varnish (Varnish/6.2) Last-Modified Sun, 16 Jun 2024 15:32:35 GMT Server Apache/2.4.41 (Ubuntu) Age 108 Vary Accept-Encoding X-Cache HIT X-Varnish 38797884 11143256 Content-Type text/css Cache-Control public, max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 68910 X-Cache-Hits 2
GET H/1.1	200 OK	083852138a44faa9087c89e8acf3daf2.css admin2.tdecu.easci.com/media/com_jchoptimize/cache/css/	566 KB 80 KB	582ms 208ms	Stylesheet text/css	18.224.18.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://admin2.tdecu.easci.com/media/com_jchoptimize/cache/css/083852138a44faa9087c89e8acf3daf2.css Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.224.18.161 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-224-18-161.us-east-2.compute.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash 206dd352f2970c4a7096224fa683d9b5fbfca6d22f92753c139718da38bd8765 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 17 Jun 2024 13:08:46 GMT Content-Encoding gzip Via 1.1 varnish (Varnish/6.2) Last-Modified Mon, 17 Jun 2024 04:11:52 GMT Server Apache/2.4.41 (Ubuntu) Age 108 Vary Accept-Encoding X-Cache HIT X-Varnish 38797885 8850648 Content-Type text/css Cache-Control public, max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 81378 X-Cache-Hits 2
GET H3	200	answers.css assets.sitescdn.net/answers/v1.7.1/	98 KB 12 KB	270ms 130ms	Stylesheet text/css	104.17.25.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.sitescdn.net/answers/v1.7.1/answers.css Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.84 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 847ddd7cbb1ab322976ca46c2038b5dacaacb781ff25c9e576c859455802fcac Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:35 GMT x-amz-version-id null content-encoding gzip cf-cache-status HIT last-modified Fri, 08 Jan 2021 16:10:17 GMT server cloudflare x-amz-request-id Z4HS80XXBNMQQTZZ age 8272118 etag W/"0caa637588ea850b9ea837e963c828ab" vary Accept-Encoding content-type text/css cache-control max-age=31536000 cf-ray 895347d76d7b8ffa-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 V/XrPLTgFm6+BYKRFT3Bgxc09nYlH//2KN58fcVgCWlFPUrj++S56kQC8d6v2/cKmtr73yWoscc=
GET H/1.1	200 OK	5a809500f329a918845b13927c3734f3.js Show response admin2.tdecu.easci.com/media/com_jchoptimize/cache/js/	108 KB 37 KB	923ms 336ms	Script application/javascript	18.224.18.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://admin2.tdecu.easci.com/media/com_jchoptimize/cache/js/5a809500f329a918845b13927c3734f3.js Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.224.18.161 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-224-18-161.us-east-2.compute.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash 34fd40bbba74b00767d38ca2ecc95bec1e20bd72615ead84fe786b8cf218ef0d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 17 Jun 2024 13:08:46 GMT Content-Encoding gzip Via 1.1 varnish (Varnish/6.2) Last-Modified Mon, 17 Jun 2024 04:11:52 GMT Server Apache/2.4.41 (Ubuntu) Age 109 Vary Accept-Encoding X-Cache HIT X-Varnish 38797887 38797876 Content-Type application/javascript Cache-Control public, max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 37885 X-Cache-Hits 2
GET H2	200	common.js Show response cds-sdkcfg.onlineaccess1.com/	302 KB 170 KB	392ms 249ms	Script application/javascript	192.0.54.4 Q2HOLDINGS
General Check archive.org Show headers Download Go to Full URL https://cds-sdkcfg.onlineaccess1.com/common.js Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.54.4 , United States, ASN62659 (Q2HOLDINGS, US), Reverse DNS Software cloudflare / Resource Hash 920aa3247fdacad194beadca54c64fb16b84060027f56aff0bb688e910d054f6 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Mon, 17 Jun 2024 13:10:35 GMT content-encoding gzip via 1.1 google cf-cache-status DYNAMIC server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload content-type application/javascript; charset=UTF-8 x-ion-hop prod cache-control no-cache, no-store, must-revalidate cf-ray 895347d74d30e3ed-TLV alt-svc h3=":443"; ma=86400 expires 0
GET H3	200	answers.min.js Show response assets.sitescdn.net/answers/v1.7.1/	448 KB 129 KB	129ms 126ms	Script application/javascript	104.17.25.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.sitescdn.net/answers/v1.7.1/answers.min.js Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.84 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b6b64bd38df5d467b00a459640f5eeb0c99c5a1d92e3489553dcc42344ff0ff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:36 GMT x-amz-version-id null content-encoding gzip cf-cache-status HIT last-modified Fri, 08 Jan 2021 16:10:17 GMT server cloudflare x-amz-request-id QWMQETZNZ4C1B8PT age 8281553 etag W/"c812e6789e2000947d5e90e3a0687a6e" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 cf-ray 895347dd2e168ffa-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 4Vi9RXkPbEHHLFlLxwtalojf0pPgH/3jSpL+z6fFu+vP8eCXB5EmFyc1X21osE/5qZSFbCKqzug=
GET H2	200	salemove_integration.js Show response api.glia.com/	9 KB 9 KB	374ms 122ms	Script application/javascript	18.173.205.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.glia.com/salemove_integration.js Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.205.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-205-116.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 17493614f297b2d52572a9b0fa2d766814aa14278ed06e1f897d4fbc21def6dc Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=63072000; includeSubdomains; preload date Mon, 17 Jun 2024 13:10:27 GMT via 1.1 044b6ab929e12b48b2113c346ddcec30.cloudfront.net (CloudFront) last-modified Fri, 14 Jun 2024 20:52:03 GMT server AmazonS3 x-amz-cf-pop FRA56-P12 age 9 x-amz-server-side-encryption AES256 etag "21b897c21ac964e33b65c353861a853f" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 9240 x-amz-cf-id KuMJpAyUs5tFmoE5cBaA3dQXYYrAhJEbPYYAP6Guij-D1ajXYodSCQ==
GET H2	200	monsido-script.js Show response app-script.monsido.com/v2/	8 KB 3 KB	191ms 60ms	Script text/javascript	34.98.105.146 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app-script.monsido.com/v2/monsido-script.js Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.105.146 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 146.105.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 64e8ce58f2d8ee4332cc27fcb759c31013f418b6523586b6441fd2f097107b35 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:09:41 GMT content-encoding gzip age 55 x-guploader-uploadid ACJd0NoIdoBjDH3VdX1WJui53nOXJ2Pes980C4f-U6YV0l_6Sbyo4EPwRMadF0eD7GcPf3znSUU x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2757 last-modified Thu, 01 Jun 2023 11:12:59 GMT server UploadServer etag "fce0a6a1f924b9c6816bdc5bc679506e" vary Accept-Encoding x-goog-generation 1685617979609837 x-goog-hash crc32c=dMVJbw==, md5=/OCmofkkucaBa9xbxnlQbg== content-type text/javascript cache-control public, max-age=300 x-goog-stored-content-length 2757 accept-ranges bytes expires Mon, 17 Jun 2024 13:14:41 GMT
GET H/1.1	200 OK	sppagebuilder.js Show response admin2.tdecu.easci.com/components/com_sppagebuilder/assets/js/	74 KB 20 KB	215ms 214ms	Script application/javascript	18.224.18.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://admin2.tdecu.easci.com/components/com_sppagebuilder/assets/js/sppagebuilder.js?322858523b29016b9956efbebde8b144 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.224.18.161 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-224-18-161.us-east-2.compute.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash 185f6679ba7cbbce16dc3413260616a69a536b68f9d9a2941ac69eb0ebdedb66 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 17 Jun 2024 13:08:47 GMT Content-Encoding gzip Via 1.1 varnish (Varnish/6.2) Last-Modified Wed, 22 Nov 2023 00:56:14 GMT Server Apache/2.4.41 (Ubuntu) Age 109 Vary Accept-Encoding X-Cache HIT X-Varnish 11143268 8850650 Content-Type application/javascript Cache-Control public, max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 20147 X-Cache-Hits 2
GET H/1.1	200 OK	announcement.svg admin2.tdecu.easci.com/images/icons-svg/	2 KB 1 KB	197ms 196ms	Image image/svg+xml	18.224.18.161 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://admin2.tdecu.easci.com/images/icons-svg/announcement.svg Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.224.18.161 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-224-18-161.us-east-2.compute.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash a62e703af31a29e07c8aeb10c8b1a478e785078245f7c974c0659ecfd6b44951 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 17 Jun 2024 13:08:47 GMT Content-Encoding gzip Via 1.1 varnish (Varnish/6.2) Last-Modified Tue, 14 Dec 2021 17:28:16 GMT Server Apache/2.4.41 (Ubuntu) Age 109 Vary Accept-Encoding X-Cache HIT X-Varnish 38797888 8520222 Content-Type image/svg+xml Cache-Control public, max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 734 X-Cache-Hits 2
GET H/1.1	200 OK	tdecu-logo.svg admin2.tdecu.easci.com/images/assets/	5 KB 2 KB	782ms 196ms	Image image/svg+xml	18.224.18.161 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://admin2.tdecu.easci.com/images/assets/tdecu-logo.svg Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.224.18.161 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-224-18-161.us-east-2.compute.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash a466f2cd63a7ab3ea163854856db3b06103c7af453411ac23d0fd377e8454bb8 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 17 Jun 2024 13:08:46 GMT Content-Encoding gzip Via 1.1 varnish (Varnish/6.2) Last-Modified Mon, 27 Jan 2020 19:33:59 GMT Server Apache/2.4.41 (Ubuntu) Age 109 Vary Accept-Encoding X-Cache HIT X-Varnish 8520227 34408365 Content-Type image/svg+xml Cache-Control public, max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 1613 X-Cache-Hits 2
GET H2	200	vpc-hero-2.jpg cdn2.tdecu.org/images/hero-images/	80 KB 81 KB	395ms 134ms	Image image/avif	18.66.102.43 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn2.tdecu.org/images/hero-images/vpc-hero-2.jpg?s=1800x600&g=c&f=a&z=2 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.102.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-43.fra56.r.cloudfront.net Software / Resource Hash 41929a360b20e572063b6e401eb4e355dfc967a4c007a02dbafd31392c7b837a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 03 May 2024 11:53:58 GMT via 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 3892597 x-amzn-requestid 0bdf4795-8951-4314-903e-0158e4abda20 x-amzn-trace-id root=1-6634d056-0711b6b018623f91083a9739;parent=135a3ecafd4bd6ea;sampled=0;lineage=bc1bd12d:0 x-cache Hit from cloudfront content-type image/avif cache-control public, max-age=31536000 content-length 82188 x-amz-cf-id oCSZ2-SqgopvczxEEritGT9q21oz4qb41gZIacoVK9OsBXsNhwIfkQ==
GET H2	200	cd-hero-image-v2-100-3.jpg cdn2.tdecu.org/images/campaigns/	9 KB 10 KB	116ms 116ms	Image image/avif	18.66.102.43 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn2.tdecu.org/images/campaigns/cd-hero-image-v2-100-3.jpg?s=1800x600&c=center&g=s&f=a&z=2 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.102.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-43.fra56.r.cloudfront.net Software / Resource Hash 9764c9c3967712e62065a7ed9100e6668a9020bfb24ff97ae8c976c58c392214 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:44:49 GMT via 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 3558346 x-amzn-requestid 520aa053-ad7c-4462-994a-257793b6ebc0 x-amzn-trace-id root=1-6639ea01-740438637dcf6c7726d84bd1;parent=7d658fc36a675ec7;sampled=0;lineage=bc1bd12d:0 x-cache Hit from cloudfront content-type image/avif cache-control public, max-age=31536000 content-length 9367 x-amz-cf-id cOK_K1dGSH9n9sCREcgAjkoFVcBsEXh_YCH3N8r0iFXZUoMNVhltxQ==
GET H2	200	texans-hero-v2.png cdn2.tdecu.org/images/hero-images/	31 KB 32 KB	117ms 117ms	Image image/avif	18.66.102.43 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn2.tdecu.org/images/hero-images/texans-hero-v2.png?s=1800x600&g=ne&f=a&z=2 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.102.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-43.fra56.r.cloudfront.net Software / Resource Hash 6445dd3937bbb197695d1d0227621de7880638a4c39caaacbf6710b36c368f45 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:44:50 GMT via 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 3558345 x-amzn-requestid 214754f2-5815-4843-acc4-b09db9f8dbf7 x-amzn-trace-id root=1-6639ea02-0d72d240420c994f2ef94442;parent=2d787dd9b033eb2b;sampled=0;lineage=bc1bd12d:0 x-cache Hit from cloudfront content-type image/avif cache-control public, max-age=31536000 content-length 32201 x-amz-cf-id BONE_jFBBSIjBG0km5mc3v1EL3-LsbMdFrfUg88ta9emrPnC7retdw==
GET H2	200	tia-flood-insurance-campaign-hero.jpg cdn2.tdecu.org/images/campaigns/flood-insurance/	66 KB 66 KB	117ms 117ms	Image image/avif	18.66.102.43 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn2.tdecu.org/images/campaigns/flood-insurance/tia-flood-insurance-campaign-hero.jpg?s=1800x600&g=c&f=a&z=2 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.102.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-43.fra56.r.cloudfront.net Software / Resource Hash b1c6a019d7a86ca562aec07126bce756b1de7c3367811bbcac5535fac224b43b Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 17:37:32 GMT via 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 1193584 x-amzn-requestid aa184efa-c2f6-4d22-a575-dd4f2a23d118 x-amzn-trace-id root=1-665dff5c-380dbbc24bc6af794c256d73;parent=4c5068c8a791d536;sampled=0;lineage=bc1bd12d:0 x-cache Hit from cloudfront content-type image/avif cache-control public, max-age=31536000 content-length 67428 x-amz-cf-id Arj6u5WJmkwZ7Fs_up0PObkl18w_YnPGu7b2ibnNs8TtKOAZMp7C_Q==
GET H2	200	mortgage_q1-24-spring-mortgage-campaign_hero-2.jpg cdn2.tdecu.org/images/campaigns/mortgage/	49 KB 49 KB	119ms 118ms	Image image/avif	18.66.102.43 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn2.tdecu.org/images/campaigns/mortgage/mortgage_q1-24-spring-mortgage-campaign_hero-2.jpg?s=1800x600&g=c&f=a&z=2 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.102.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-43.fra56.r.cloudfront.net Software / Resource Hash 753401225bd0f90d3aee1c4afa0243c5cd5a63af77437d346cf7c2c1ee93c6fd Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 17:37:32 GMT via 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 1193584 x-amzn-requestid 2e40c903-1fee-432d-b7d9-7855af0f3eac x-amzn-trace-id root=1-665dff5c-4afe71dc1d4f75ae667ab911;parent=1b9651f1630f7225;sampled=0;lineage=bc1bd12d:0 x-cache Hit from cloudfront content-type image/avif cache-control public, max-age=31536000 content-length 49784 x-amz-cf-id Pye0U3JlRy8V6ERMHv2kAQw37PkamRW3ekaV-XO-_MYtXxV5cRgi5w==
GET H/1.1	200 OK	scripts.min.js Show response admin2.tdecu.easci.com/templates/tdecu/script/	429 KB 116 KB	335ms 334ms	Script application/javascript	18.224.18.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://admin2.tdecu.easci.com/templates/tdecu/script/scripts.min.js?cb=1a7daf1cb9dc7bc10859a2c82b9b7981 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.224.18.161 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-224-18-161.us-east-2.compute.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash d43ab14459fd8dcb921aa9a250aba94b8a464df9c171fc32a37e1c97e70cd980 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 17 Jun 2024 13:08:46 GMT Content-Encoding gzip Via 1.1 varnish (Varnish/6.2) Last-Modified Mon, 13 May 2024 22:11:22 GMT Server Apache/2.4.41 (Ubuntu) Age 109 Vary Accept-Encoding X-Cache HIT X-Varnish 8850662 8520218 Content-Type application/javascript Cache-Control public, max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 118380 X-Cache-Hits 2
GET H/1.1	200 OK	gtm.js Show response admin2.tdecu.easci.com/templates/tdecu/script/	11 KB 3 KB	197ms 196ms	Script application/javascript	18.224.18.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://admin2.tdecu.easci.com/templates/tdecu/script/gtm.js?cb=1a7daf1cb9dc7bc10859a2c82b9b7981 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.224.18.161 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-224-18-161.us-east-2.compute.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash cf92c0e03e8be90ca64f14513fe7055cdcc375ce7d561e63498893015a0cb497 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 17 Jun 2024 13:08:46 GMT Content-Encoding gzip Via 1.1 varnish (Varnish/6.2) Last-Modified Mon, 13 May 2024 22:11:33 GMT Server Apache/2.4.41 (Ubuntu) Age 109 Vary Accept-Encoding X-Cache HIT X-Varnish 11143267 8520220 Content-Type application/javascript Cache-Control public, max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 2660 X-Cache-Hits 1
GET H2	200	gtm.js Show response www.googletagmanager.com/	394 KB 119 KB	414ms 164ms	Script application/javascript	142.250.185.200 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.200 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f8.1e100.net Software Google Tag Manager / Resource Hash d39ec2c495f73917137f3996a38ce88b17968e5fca87294f178cd17b1f0bbaf5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:36 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 121292 x-xss-protection 0 last-modified Mon, 17 Jun 2024 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 17 Jun 2024 13:10:36 GMT
GET H2	200	j.php Show response dev.visualwebsiteoptimizer.com/	49 KB 13 KB	280ms 150ms	Script application/javascript	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.visualwebsiteoptimizer.com/j.php?a=797377&u=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&vn=2 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gbel2 / Resource Hash e22a0be9b1fddcb44be0da8a69a349b581b88be82919cd97773b6506eafb9ffe Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:36 GMT content-encoding gzip via 1.1 google server gbel2 etag W/"1718625520_EA" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=0, no-cache, must-revalidate timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET DATA	200 OK	truncated /	67 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7a108193a3c54e5c07c1207c0e38b0279d9cddc0fb844fdbdcaf82629ec69eb8 Request headers Accept-Language he-IL,he;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	70 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 501099e3597bc2c949e5639a9b29b1e9cc4bd77d5bf7d1dc9e6c7897b8ba030b Request headers Accept-Language he-IL,he;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	71 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a520785c9d0e6bac62535ac3fe4983ea61f6baa08c081cf0c6f70b78c049cc51 Request headers Accept-Language he-IL,he;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	200 OK	fa-brands-400.woff admin2.tdecu.easci.com/components/com_sppagebuilder/assets/webfonts/	90 KB 91 KB	199ms 198ms	Font font/woff	18.224.18.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://admin2.tdecu.easci.com/components/com_sppagebuilder/assets/webfonts/fa-brands-400.woff Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/media/com_jchoptimize/cache/css/6ed83d71c8e2ac5eb6d243b6d13ae3b2.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.224.18.161 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-224-18-161.us-east-2.compute.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash a0375c054a0041bd58e2a0bf7fa3df7c3904bfc4f790fd24e32ff3ee70fd0eef Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/media/com_jchoptimize/cache/css/6ed83d71c8e2ac5eb6d243b6d13ae3b2.css Origin https://admin2.tdecu.easci.com Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 17 Jun 2024 13:08:47 GMT Content-Encoding gzip Via 1.1 varnish (Varnish/6.2) Age 109 X-Cache HIT Connection keep-alive Content-Length 92162 Last-Modified Wed, 22 Nov 2023 00:56:14 GMT Server Apache/2.4.41 (Ubuntu) Vary Accept-Encoding Access-Control-Allow-Methods GET, OPTIONS X-Varnish 15041485 11143259 Content-Type font/woff Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 Accept-Ranges bytes Access-Control-Allow-Headers Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token X-Cache-Hits 2
GET H3	200	va_gq-76f3702f8b30b766cd4e18f739ae0f65.js Show response dev.visualwebsiteoptimizer.com/edrv/	261 KB 68 KB	179ms 116ms	Script text/javascript	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.visualwebsiteoptimizer.com/edrv/va_gq-76f3702f8b30b766cd4e18f739ae0f65.js Requested by Host: dev.visualwebsiteoptimizer.com URL: https://dev.visualwebsiteoptimizer.com/j.php?a=797377&u=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&vn=2 Protocol H3 Security QUIC, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gbel2 / Resource Hash c17117ffd57a244cb8b5970e7f4a33a557c9d381f7f34181a21dbe086a883b3f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Origin https://admin2.tdecu.easci.com Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:36 GMT content-encoding br via 1.1 google last-modified Mon, 17 Jun 2024 11:58:14 GMT server gbel2 etag "667024d6-1101a" vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 69658
GET H3	200	nc-d90870b3acb30a947516a468d7f47037.js Show response dev.visualwebsiteoptimizer.com/edrv/	9 KB 3 KB	189ms 127ms	Script text/javascript	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.visualwebsiteoptimizer.com/edrv/nc-d90870b3acb30a947516a468d7f47037.js Requested by Host: dev.visualwebsiteoptimizer.com URL: https://dev.visualwebsiteoptimizer.com/j.php?a=797377&u=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&vn=2 Protocol H3 Security QUIC, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gbel2 / Resource Hash 7db861ccd18d5cbf54d8fa7c78192a441492f1ba83a65ede8dd6343cec5dae0a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Origin https://admin2.tdecu.easci.com Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:36 GMT content-encoding br via 1.1 google last-modified Mon, 17 Jun 2024 11:58:14 GMT server gbel2 etag "667024d6-cb9" vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3257
GET H2	200	v.gif dev.visualwebsiteoptimizer.com/	35 B 143 B	288ms 287ms	Image image/gif	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=797377&d=admin2.tdecu.easci.com&u=D813515B27EDD3BD9CB8AE4DD21FCF460&h=0141d6c53d07d3543c1002e9764728bd&t=false Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gnv3c / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:36 GMT via 1.1 google x-content-type-options nosniff server gnv3c content-type image/gif access-control-allow-origin * cache-control public, max-age=43200 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35
GET BLOB	200 OK	64be2b29-bf41-4e6b-86ae-d64222abc015 https://admin2.tdecu.easci.com/	384 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://admin2.tdecu.easci.com/64be2b29-bf41-4e6b-86ae-d64222abc015 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash c1a95459f2c9bf45dcb5d7ebff77deaa97555b163f1439436cd33aff5920985c Request headers Accept-Language he-IL,he;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Length 384 Content-Type application/javascript
POST H2	200	visitor_config Show response api.glia.com/	125 B 679 B	212ms 211ms	XHR application/json	18.173.205.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.glia.com/visitor_config?referrer=https%3A%2F%2Fadmin2.tdecu.easci.com%2F& Requested by Host: cds-sdkcfg.onlineaccess1.com URL: https://cds-sdkcfg.onlineaccess1.com/common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.205.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-205-116.fra56.r.cloudfront.net Software / Resource Hash cd85d11bf3f6c3e95041089c15553537fe322aaf2a71b943066c87c00960ad8e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 17 Jun 2024 13:10:36 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff via 1.1 044b6ab929e12b48b2113c346ddcec30.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P12 x-cache Miss from cloudfront content-length 125 access-control-max-age 7200 access-control-allow-methods GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE content-type application/json access-control-allow-origin https://admin2.tdecu.easci.com access-control-expose-headers vary Origin access-control-allow-credentials true x-site-visitor-config true access-control-allow-headers Content-Type, Accept, Authorization x-amz-cf-id LX6IlTppyJ77Ei_cgHy-emSXAS0n1ycDzDUpjrxTFiIgrma4yo15eA==
GET H/1.1	200 OK	/ Show response admin2.tdecu.easci.com/blog/	40 KB 10 KB	279ms 278ms	XHR text/plain	18.224.18.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://admin2.tdecu.easci.com/blog/?format=feed&type=rss Requested by Host: cds-sdkcfg.onlineaccess1.com URL: https://cds-sdkcfg.onlineaccess1.com/common.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.224.18.161 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-224-18-161.us-east-2.compute.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash 4b8a8c07c05c4e1e583c4a8e6210c7e9181939cea4353138afbdc850417ce100 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Accept */* Referer https://admin2.tdecu.easci.com/ X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers Date Mon, 17 Jun 2024 13:10:36 GMT Content-Encoding gzip Via 1.1 varnish (Varnish/6.2) Age 0 Transfer-Encoding chunked X-Cache MISS Connection keep-alive referrer-policy strict-origin-when-cross-origin Last-Modified Mon, 17 Jun 2024 13:10:36 GMT Server Apache/2.4.41 (Ubuntu) cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN Vary Accept-Encoding Content-Type application/rss+xml; charset=utf-8 X-Varnish 15041486 Cache-Control no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate Accept-Ranges bytes Expires Wed, 17 Aug 2005 00:00:00 GMT
GET H3	200	answerstemplates.compiled.min.js Show response assets.sitescdn.net/answers/v1.7.1/	315 KB 64 KB	136ms 136ms	Script application/javascript	104.17.25.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.sitescdn.net/answers/v1.7.1/answerstemplates.compiled.min.js Requested by Host: assets.sitescdn.net URL: https://assets.sitescdn.net/answers/v1.7.1/answers.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.84 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e482eb6717364f5372e044fe181c2abdcbffa18e36a7860634deb4273440a139 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:37 GMT x-amz-version-id null content-encoding gzip cf-cache-status HIT last-modified Fri, 08 Jan 2021 16:10:17 GMT server cloudflare x-amz-request-id FFWKYAJH59YY8X5N age 8276954 etag W/"ac39ea2c28426a8e8d1fdc36730e402b" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 cf-ray 895347e16b918ffa-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 J9M7DiJGh+IznRoHBog2Y2BOtHz9McBNhpDPQgAc6+puJCtKFeRLATuPzQ5bjCKga12XgLD1Qm0=
GET H3	200	status.json Show response answersstatus.pagescdn.com/7cbcd3c971849c8f68b6fe2850cd247c/answers_tdecu/	18 B 877 B	745ms 559ms	Fetch application/json	104.17.24.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://answersstatus.pagescdn.com/7cbcd3c971849c8f68b6fe2850cd247c/answers_tdecu/status.json?v=20190101&api_key=7cbcd3c971849c8f68b6fe2850cd247c&jsLibVersion=v1.7.1&sessionTrackingEnabled=true Requested by Host: cds-sdkcfg.onlineaccess1.com URL: https://cds-sdkcfg.onlineaccess1.com/common.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.84 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d11441a60f0c81871548ccecf0b533ae2fff9f3b47aeb8d8d25ff1f2f10f54f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:37 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains cf-cache-status HIT x-amz-version-id null x-amz-request-id 730C1J2FBDMKBZEW x-amz-server-side-encryption AES256 x-yext-subendpoint static alt-svc h3=":443"; ma=86400 content-length 43 x-amz-id-2 ogeDWdx2hEWKBDDJQYJ9TKz4kLGqNu19H8jPTZeltYZzX8PeEtQq8wwT9hoS+ddpsjxXkA51iNY= surrogate-key answersstatus.pagescdn.com answersstatus.pagescdn.com%2F7cbcd3c971849c8f68b6fe2850cd247c%2Fanswers_tdecu%2Fstatus.json last-modified Wed, 30 Dec 2020 19:54:54 GMT server cloudflare etag "4310463ea3535c60c436d48d1e97769a"-gzip vary Accept-Encoding, Origin access-control-allow-methods OPTIONS, GET, HEAD content-type application/json access-control-allow-origin https://admin2.tdecu.easci.com x-yext-site us2 cache-control max-age=0, s-maxage=7200, must-revalidate accept-ranges bytes cf-ray 895347e29fab30f9-FRA owner AnswersSdkOverrides
GET BLOB	200 OK	df43172a-9c3d-476a-bfbc-714c3b0a3f01 https://admin2.tdecu.easci.com/	2 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://admin2.tdecu.easci.com/df43172a-9c3d-476a-bfbc-714c3b0a3f01 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb Request headers Accept-Language he-IL,he;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Length 2479 Content-Type text/javascript
GET H2	200	js Show response www.googletagmanager.com/gtag/	354 KB 107 KB	150ms 149ms	Script application/javascript	142.250.185.200 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-73V86QZK0R&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.200 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f8.1e100.net Software Google Tag Manager / Resource Hash 43805d1dd708050cdd2c4366f1f565c3fccb2e6a7431ed85d74a4e4a89eadfe6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:37 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 109610 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 17 Jun 2024 13:10:37 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	268 KB 92 KB	150ms 150ms	Script application/javascript	142.250.185.200 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-1008014887&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.200 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f8.1e100.net Software Google Tag Manager / Resource Hash 244d13cd55c5feedb7b58f47799cfac6ae1e981a397c376dd0f6b3d632efd6a6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:37 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 94271 x-xss-protection 0 last-modified Mon, 17 Jun 2024 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 17 Jun 2024 13:10:37 GMT
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	362ms 131ms	Script application/javascript	13.107.21.237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Mon, 17 Jun 2024 13:10:36 GMT last-modified Thu, 29 Feb 2024 19:58:06 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 447AC4AB6D6D40E6811D1A6EE5262698 Ref B: TLV30EDGE0317 Ref C: 2024-06-17T13:10:37Z etag "01b4e9c496bda1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13261
GET H2	200	0550.js Show response script.crazyegg.com/pages/scripts/0115/	7 KB 3 KB	434ms 163ms	Script text/javascript	104.19.148.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/scripts/0115/0550.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 49c8e5410ddc43ef79bd02d3c646587f4c6415e893c2689e15046ce79f1498be Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:37 GMT content-encoding gzip cf-cache-status HIT age 16010 cf-polished origSize=6830 ce-version 11.5.221 cf-bgj minify last-modified Mon, 17 Jun 2024 08:43:47 GMT server cloudflare vary Accept-Encoding content-type text/javascript access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 timing-allow-origin * cf-ray 895347e38cff5d88-FRA
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	219 KB 59 KB	343ms 110ms	Script application/x-javascript	157.240.251.9 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-fra5.fbcdn.net Software / Resource Hash 0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 17 Jun 2024 13:10:37 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58024 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=51, rtx=0, c=12, mss=1380, tbw=2792, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug w+sBlYA54gsyHTBniYNhfXxx9R4bwqLZ1E8voPFr+1XypXb86qDGhH5W8nDlACbz+TkTY3M+bwDn4AXK3evNZw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	pixel.js Show response www.redditstatic.com/ads/	42 KB 13 KB	318ms 96ms	Script application/javascript	151.101.129.140 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/pixel.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:37 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish last-modified Wed, 22 May 2024 17:01:28 GMT server snooserv nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} etag "16b7761205515ddc0668c12c434e8f00" x-amz-server-side-encryption AES256 vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type application/javascript cache-control public, max-age=60 accept-ranges bytes content-length 12104
GET H2	200	script.js Show response cdn-cookieyes.com/client_data/56cf2d44ea731ea9ecfb4a95/	106 KB 35 KB	385ms 131ms	Script application/javascript	104.22.59.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-cookieyes.com/client_data/56cf2d44ea731ea9ecfb4a95/script.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.59.91 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e0a2d4dc0a50ea97301541dfa6f9baf7951fda591d16c5d9f23bede3655ecdb Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:37 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 12 Jun 2024 01:04:38 GMT server cloudflare age 31559 etag "1a75f-61aa6f7722ac0-gzip" vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate accept-ranges bytes cf-ray 895347e37d5fbbaa-FRA content-length 36011
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	364ms 118ms	Script text/javascript	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 17 Jun 2024 12:29:08 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 2489 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Mon, 17 Jun 2024 14:29:08 GMT
GET H2	200	cra9ptioz7 Show response www.clarity.ms/tag/	637 B 1002 B	768ms 379ms	Script application/x-javascript	13.107.253.45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/cra9ptioz7?ref=gtm2 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 1ee5067873af2eb66ba5e4b3498e876eac4ab649fac49acdba65520d83da18a8 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires -1 date Mon, 17 Jun 2024 13:10:37 GMT x-azure-ref 20240617T131037Z-157db8c5ddbbkh5xmasbcn41a40000000510000000005xd2 x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store accept-ranges bytes content-length 637 request-context appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
GET H/1.1	200 OK	up_loader.1.1.0.js Show response js.adsrvr.org/	12 KB 13 KB	374ms 122ms	Script application/x-javascript	18.172.103.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adsrvr.org/up_loader.1.1.0.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.172.103.101 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-172-103-101.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 17 Jun 2024 05:44:22 GMT Via 1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront) Last-Modified Fri, 07 Jun 2024 09:20:53 GMT Server AmazonS3 X-Amz-Cf-Pop FRA60-P8 Age 26776 x-amz-server-side-encryption AES256 ETag "a7eb6794e868fe870db350518165c868" Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/x-javascript Connection keep-alive Accept-Ranges bytes Content-Length 12320 X-Amz-Cf-Id khjWwSG_xcSQaWvOAniURFgiVketfR_EfqRmPt5AWTEuRi8JxhetiA==
GET H2	200	t.js Show response 162566.tctm.co/	46 KB 15 KB	440ms 164ms	Script application/x-javascript	52.222.214.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://162566.tctm.co/t.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.214.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-214-99.fra56.r.cloudfront.net Software ctm / Resource Hash 7aeb00a886d59922f59e1c71239ee7b2513fdb4c690dfe43f6ba03b8ff27e796 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:37 GMT content-encoding gzip via 1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront) last-modified Mon, 17 Jun 2024 13:10:37 GMT server ctm x-amz-cf-pop FRA56-P3 etag W/667035cd00027b062da46240-162566 x-cache Miss from cloudfront content-type application/x-javascript cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=86400 x-amz-cf-id ygxLjEV7n_QBOaDdTyylDT_6get-_airp2OqEVXf3iPcJF3u152fIw==
GET H2	200	Bootstrap.js Show response nexus.ensighten.com/choozle/19056/	57 KB 17 KB	408ms 140ms	Script application/javascript	65.9.66.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nexus.ensighten.com/choozle/19056/Bootstrap.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-72.fra56.r.cloudfront.net Software CloudFront / Resource Hash c22b958562fd46c47f8b9a80762b9e61306548f7c33763b4787dd15d7556c1e0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 11:15:05 GMT x-amz-version-id 0NMa9BcEo_cPnKlXMBZonJfoqdvh.mH3 content-encoding br via 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 age 1043733 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 last-modified Mon, 29 Apr 2024 19:35:46 GMT server CloudFront etag W/"6e563ca93ff8ce69c64a6fb838434b9e" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=300 x-amz-cf-id wNBYPhZ4rrHlg6JLXBX7TT3v6DlOAW1ZtN6ur6XnKZkbLft41RjCYA==
GET H/1.1	200 OK	roundtrip.js Show response s.adroll.com/j/	88 KB 28 KB	415ms 142ms	Script text/javascript	18.245.86.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/roundtrip.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHHL7B9 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.245.86.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-116.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash cd374bea8f2cce1e9514e9f9a7af6cd7efbb566a5eea5cda53affc1391ada818 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers X-Amz-Version-Id mo7_u_yH02gprJDRXoC6WhXOKdSomtp. Content-Encoding gzip Via 1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront) Date Mon, 17 Jun 2024 12:54:44 GMT Age 954 X-Amz-Cf-Pop FRA60-P6 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Wed, 05 Jun 2024 15:35:46 GMT Server AmazonS3 Etag W/"39817cce3f515077c86e9cc99a65f623" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Access-Control-Max-Age 600 Access-Control-Allow-Headers * X-Amz-Cf-Id bP9pAXkfPqtcMTXvWRueCn_52z6uFZFf4jXk_MEjeiIDFRvA7jbOGg==
GET H3	200	s.gif dev.visualwebsiteoptimizer.com/	35 B 53 B	191ms 190ms	Image image/gif	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dev.visualwebsiteoptimizer.com/s.gif?account_id=797377&u=D813515B27EDD3BD9CB8AE4DD21FCF460&s=1718629836&ed=%7B%22sr%22%3A%221600x1200%22%2C%22sc%22%3A24%2C%22de%22%3A%22UTF-8%22%2C%22ul%22%3A%22he-il%22%2C%22r%22%3A%22%22%2C%22lt%22%3A1718629837162%2C%22tO%22%3A-3%2C%22tz%22%3A%22Asia%2FJerusalem%22%7D&cu=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&r=0&p=1&cq=0&vn=undefined&vns=undefined&vno=undefined&eTime=1718629836179&v=f7cef4569 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gnv3c / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Mon, 17 Jun 2024 13:10:37 GMT via 1.1 google x-content-type-options nosniff server gnv3c content-type image/gif access-control-allow-origin * cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 10 Jan 2005 00:00:01 GMT
GET H/1.1	200 OK	handshake.svg admin2.tdecu.easci.com/images/icons-svg/	5 KB 3 KB	194ms 193ms	Image image/svg+xml	18.224.18.161 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://admin2.tdecu.easci.com/images/icons-svg/handshake.svg Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.224.18.161 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-224-18-161.us-east-2.compute.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash f4040048b02c2567f3ef02b2aee99bcd5e18f7780f0eb0c181aa3f36bcc57fd9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 17 Jun 2024 13:08:47 GMT Content-Encoding gzip Via 1.1 varnish (Varnish/6.2) Last-Modified Tue, 17 May 2022 21:00:11 GMT Server Apache/2.4.41 (Ubuntu) Age 109 Vary Accept-Encoding X-Cache HIT X-Varnish 15041488 11143261 Content-Type image/svg+xml Cache-Control public, max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 2418 X-Cache-Hits 2
GET H/1.1	200 OK	texas-pride-2.svg admin2.tdecu.easci.com/images/icons-svg/	27 KB 10 KB	203ms 202ms	Image image/svg+xml	18.224.18.161 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://admin2.tdecu.easci.com/images/icons-svg/texas-pride-2.svg Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.224.18.161 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-224-18-161.us-east-2.compute.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash 3b21bcad379a395f9ba245676af941e1953e17b2bd6a151451bcbcad8f764b70 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 17 Jun 2024 13:08:47 GMT Content-Encoding gzip Via 1.1 varnish (Varnish/6.2) Last-Modified Tue, 14 Dec 2021 17:28:16 GMT Server Apache/2.4.41 (Ubuntu) Age 109 Vary Accept-Encoding X-Cache HIT X-Varnish 8850663 8850654 Content-Type image/svg+xml Cache-Control public, max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 9732 X-Cache-Hits 2
GET H/1.1	200 OK	status-check.svg admin2.tdecu.easci.com/images/icons-svg/	2 KB 1 KB	196ms 196ms	Image image/svg+xml	18.224.18.161 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://admin2.tdecu.easci.com/images/icons-svg/status-check.svg Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.224.18.161 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-224-18-161.us-east-2.compute.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash 55a9c45774ee512c0e235ff9f009eb35941536f577f7fca6d0a1608958e6517e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 17 Jun 2024 13:08:47 GMT Content-Encoding gzip Via 1.1 varnish (Varnish/6.2) Last-Modified Tue, 14 Dec 2021 17:28:16 GMT Server Apache/2.4.41 (Ubuntu) Age 109 Vary Accept-Encoding X-Cache HIT X-Varnish 15041489 38797878 Content-Type image/svg+xml Cache-Control public, max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 746 X-Cache-Hits 2
GET H/1.1	200 OK	money-envelope.svg admin2.tdecu.easci.com/images/icons-svg/	2 KB 1 KB	196ms 196ms	Image image/svg+xml	18.224.18.161 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://admin2.tdecu.easci.com/images/icons-svg/money-envelope.svg Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.224.18.161 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-224-18-161.us-east-2.compute.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash e6f4203800f8eb3d2fb55275d34fc53c6098377fa649e2a807f4b1e3be2b4584 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 17 Jun 2024 13:08:47 GMT Content-Encoding gzip Via 1.1 varnish (Varnish/6.2) Last-Modified Tue, 14 Dec 2021 17:28:16 GMT Server Apache/2.4.41 (Ubuntu) Age 109 Vary Accept-Encoding X-Cache HIT X-Varnish 38797889 34408367 Content-Type image/svg+xml Cache-Control public, max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 851 X-Cache-Hits 2
GET DATA	200 OK	truncated /	89 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23 Request headers Accept-Language he-IL,he;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H3	200	settings.js Show response dev.visualwebsiteoptimizer.com/	27 KB 6 KB	122ms 120ms	Script application/javascript	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.visualwebsiteoptimizer.com/settings.js?a=797377&settings_type=1&vn=&eventArch=1&uuid=&ec=658501&exc=13|29|30|37|39 Requested by Host: dev.visualwebsiteoptimizer.com URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-76f3702f8b30b766cd4e18f739ae0f65.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gbel2 / Resource Hash ab470f5b4bd3f1f0a149beee684e32c96a1a8347b2ac894a41045d6caccc65d8 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:37 GMT content-encoding gzip via 1.1 google server gbel2 etag W/"1718625520_EA" content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=0, no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	config Show response pixel-config.reddit.com/pixels/t2_t3w4w8yv/	3 B 124 B	323ms 104ms	XHR application/json	151.101.65.140 FASTLY
General Check archive.org Show headers Download Go to Full URL https://pixel-config.reddit.com/pixels/t2_t3w4w8yv/config Requested by Host: cds-sdkcfg.onlineaccess1.com URL: https://cds-sdkcfg.onlineaccess1.com/common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:38 GMT content-encoding gzip via 1.1 varnish content-type application/json access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes content-length 27
GET H2	200	t2_t3w4w8yv_telemetry Show response www.redditstatic.com/ads/conversions-config/v1/pixel/config/	86 B 699 B	319ms 116ms	XHR application/json	151.101.129.140 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_t3w4w8yv_telemetry Requested by Host: cds-sdkcfg.onlineaccess1.com URL: https://cds-sdkcfg.onlineaccess1.com/common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:38 GMT content-encoding gzip via 1.1 varnish nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} server snooserv vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type application/json access-control-allow-origin * cache-control max-age=300 accept-ranges bytes content-length 97
GET H2	200	rp.gif alb.reddit.com/	42 B 637 B	312ms 104ms	Image image/gif	151.101.129.140 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://alb.reddit.com/rp.gif?ts=1718629838096&id=t2_t3w4w8yv&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=e4b0ab73-240c-4bf7-a7c8-03daf2022590&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_8d515a58&dpm=&dpcc=&dprc= Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:38 GMT via 1.1 varnish nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3} server Varnish report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type image/gif cross-origin-resource-policy cross-origin accept-ranges bytes content-length 42 retry-after 0
GET H2	200	admin2.tdecu.easci.com.json Show response script.crazyegg.com/pages/data-scripts/0115/0550/site/	14 KB 4 KB	394ms 161ms	XHR application/json	104.19.148.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/data-scripts/0115/0550/site/admin2.tdecu.easci.com.json?t=1 Requested by Host: cds-sdkcfg.onlineaccess1.com URL: https://cds-sdkcfg.onlineaccess1.com/common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 150b9dec7d70cd1c21d0d7fa3316284399dd02dd4cb274942809d8a5b2db9aed Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:38 GMT content-encoding gzip cf-cache-status HIT age 111 ce-version 11.5.221 content-length 3396 last-modified Mon, 17 Jun 2024 13:08:47 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 accept-ranges bytes timing-allow-origin * cf-ray 895347ea28fe9f1d-FRA
GET H2	200	/ Show response api.ipify.org/	29 B 164 B	469ms 207ms	Script application/javascript	104.26.13.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=jsonp&callback=getIP Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 95c820d47925ae8bfba442ee09e92c2460aa834ddd791d81bc42aee5d217c747 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:38 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 895347ea79fabbdd-FRA content-length 29 vary Origin content-type application/javascript
GET H2	200	469749416569494 Show response connect.facebook.net/signals/config/	59 KB 14 KB	242ms 241ms	Script application/x-javascript	157.240.251.9 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/469749416569494?v=2.9.158&r=stable&domain=admin2.tdecu.easci.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-fra5.fbcdn.net Software / Resource Hash f784b6a53bd0a747649b6c73346651560b98bcf633e87076f6d42741f368d323 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 17 Jun 2024 13:10:38 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=56, rtx=0, c=62, mss=1380, tbw=63569, tp=-1, tpl=-1, uplat=127, ullat=0 pragma public x-fb-debug lAJM30h0gTEuffTm1nimkswcGG3ajV92v+wqTmx59yt1SdvTIu9JjdQp10pPJBUMoWzi6YReHymDlouQjGXvtQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	tv2track.js Show response collector-29653.us.tvsquared.com/	20 KB 9 KB	805ms 202ms	Script application/javascript	3.131.138.220 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://collector-29653.us.tvsquared.com/tv2track.js Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.131.138.220 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-131-138-220.us-east-2.compute.amazonaws.com Software nginx / Resource Hash a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 17 Jun 2024 13:10:38 GMT Content-Encoding gzip Last-Modified Mon, 19 Feb 2024 15:46:47 GMT Server nginx ETag "65d377e7-2133" Content-Type application/javascript Cache-Control max-age=600 Connection keep-alive Accept-Ranges bytes X-Robots-Tag noindex Content-Length 8499 Expires Mon, 17 Jun 2024 13:20:38 GMT
GET H/1.1	200 OK	trackpoint-async.js Show response s2.adform.net/banners/scripts/st/	80 KB 31 KB	422ms 141ms	Script application/javascript	2.17.100.232 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://s2.adform.net/banners/scripts/st/trackpoint-async.js Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.17.100.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-232.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 17 Jun 2024 13:10:38 GMT Content-Encoding gzip Last-Modified Fri, 08 Mar 2024 07:02:31 GMT Server nginx x-amz-request-id tx00000735043ebe7f724be-0065ead358-3296fce9-default ETag W/"1c188eabf1f0749a0cffb2c108473370" X-Cache-Status HIT Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * x-rgw-object-type Normal Cache-Control public, max-age=41638 Connection keep-alive Content-Length 31567
GET H2	200	25006980.js Show response bat.bing.com/p/action/	4 KB 2 KB	134ms 133ms	Script application/javascript	13.107.21.237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/25006980.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 3e409165ad535825942bfcc93d1ff12f0b4400a40351e55be3af5f054aebecad Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br date Mon, 17 Jun 2024 13:10:37 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: E439F03778034F78ADA2F2C74E50F0AE Ref B: TLV30EDGE0317 Ref C: 2024-06-17T13:10:38Z vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript; charset=utf-8 cache-control private,max-age=60
GET H2	204	0 bat.bing.com/action/	0 287 B	129ms 129ms	Image text/plain	13.107.21.237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=25006980&tm=gtm002&Ver=2&mid=a52b6d06-d32a-4a55-a5f2-9caaabc8809c&sid=fda84fb02caa11ef9c5d0567c8c90c23&vid=fda87e202caa11efbb6a6103b946ad89&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=he-IL&sw=1600&sh=1200&sc=24&tl=TDECU%20%7C%20Your%20Texas%20Credit%20Union%20With%20Digital%20Banking&p=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&r=&lt=2736&evt=pageLoad&sv=1&rn=83704 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 17 Jun 2024 13:10:37 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 91EDA02A03D14F16839000597EFC666A Ref B: TLV30EDGE0317 Ref C: 2024-06-17T13:10:38Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	serverComponent.php Show response nexus.ensighten.com/choozle/19056/	380 B 712 B	170ms 169ms	Script text/javascript	65.9.66.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nexus.ensighten.com/choozle/19056/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/19056/code/&publishedOn=Mon%20Apr%2029%2019:35:37%20GMT%202024&ClientID=923&PageID=https%3A%2F%2Fadmin2.tdecu.easci.com%2F Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/choozle/19056/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-72.fra56.r.cloudfront.net Software CloudFront / Resource Hash d9fc9419ce3eddee1927c5ae55e8b18257387dd2147fa0a53efd64dfbc684a24 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:38 GMT via 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA56-C1 x-cache Miss from cloudfront content-type text/javascript cache-control no-cache, no-store alt-svc h3=":443"; ma=86400 content-length 380 x-amz-cf-id gtuAGzbNtwO6f3k1YuEFVUej06UacXwzWwuxHQYCT-8N_49TYxf_Uw== expires Mon, 17 Jun 2024 13:10:37 GMT
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/ Redirect Chain https://s.adroll.com/j/pre/3UHUTMCIQFEF5HI7C7C6X3/AWTPPKLTDFE7NND43K5R2A/fpconsent.js https://s.adroll.com/j/pre/index.js	0 756 B	201ms 111ms	Script application/javascript	18.245.86.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/index.js Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol HTTP/1.1 Server 18.245.86.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-116.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language he-IL,he;q=0.9;q=0.9 Referer https://admin2.tdecu.easci.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers X-Amz-Version-Id nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy Date Mon, 17 Jun 2024 06:14:05 GMT Via 1.1 d4b0acc43b96f7849332ef0fcc29ac32.cloudfront.net (CloudFront) Age 24994 X-Amz-Cf-Pop FRA60-P6 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Last-Modified Wed, 15 Jan 2020 23:54:18 GMT Server AmazonS3 Etag "d41d8cd98f00b204e9800998ecf8427e" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Max-Age 600 Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id EuJo1fjrId57LTEijpHFBmmZoJPMJh-xIivQLx5T3JKNL_1cr7tuVQ== Redirect headers Date Mon, 17 Jun 2024 12:19:44 GMT Via 1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront) Age 3054 X-Amz-Cf-Pop FRA60-P6 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Server AmazonS3 Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/xml Location https://s.adroll.com/j/pre/index.js Access-Control-Allow-Origin * Access-Control-Allow-Credentials false Access-Control-Allow-Headers * X-Amz-Cf-Id qGeCqynSr95nFYISnxdf_xZjM_xwnAm3_fu7UtJZ4hrofkrKFH2XQQ==
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/3UHUTMCIQFEF5HI7C7C6X3/AWTPPKLTDFE7NND43K5R2A/	0 809 B	240ms 120ms	Script text/javascript	18.245.86.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/3UHUTMCIQFEF5HI7C7C6X3/AWTPPKLTDFE7NND43K5R2A/index.js Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.245.86.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-116.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers X-Amz-Version-Id ivfMquFRkvkE7my3Uhl_hdP9nSjYl4i0 Date Mon, 17 Jun 2024 12:16:40 GMT Via 1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront) Age 3239 X-Amz-Cf-Pop FRA60-P6 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Last-Modified Fri, 14 Jun 2024 12:38:17 GMT Server AmazonS3 Etag "d41d8cd98f00b204e9800998ecf8427e" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Access-Control-Max-Age 600 Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id VzphXtur9qJNFy6gxJAAlwlKES9fx8xtoMA2xWfkuWgz3ys6IqoIzA==
GET H2	200	clarity.js Show response www.clarity.ms/s/0.7.34/	61 KB 26 KB	164ms 164ms	Script application/javascript	13.107.253.45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/s/0.7.34/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/cra9ptioz7?ref=gtm2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:38 GMT content-encoding br last-modified Thu, 23 May 2024 23:20:12 GMT etag W/"0x8DC7B7EE5574D78" vary Accept-Encoding x-azure-ref 20240617T131038Z-157db8c5ddbbkh5xmasbcn41a40000000510000000005xe8 content-type application/javascript;charset=utf-8 access-control-allow-origin * x-ms-request-id 73814540-201e-0051-2911-bdb357000000 cache-control public, max-age=86400 x-cache TCP_HIT x-ms-version 2018-03-28 x-fd-int-roxy-purgeid 51562430
GET H2	200	3UHUTMCIQFEF5HI7C7C6X3 Show response d.adroll.com/consent/check/	516 B 1 KB	399ms 127ms	Script application/javascript	52.213.93.6 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/consent/check/3UHUTMCIQFEF5HI7C7C6X3?pv=35104821804.07666&arrfrr=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&_s=14d9edb91515bfec31f7ee45d077c10a&_b=2 Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.93.6 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-93-6.eu-west-1.compute.amazonaws.com Software nginx/1.22.1 / Resource Hash 79b09d79988d8987708aeb962329af6b77fcd5e62f157ddf3aac52b4230b354b Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type application/javascript pragma no-cache date Mon, 17 Jun 2024 13:10:38 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.22.1 content-length 516 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	200	25006980 Show response www.clarity.ms/tag/uet/	827 B 1 KB	308ms 308ms	Script application/x-javascript	13.107.253.45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/uet/25006980?insights=1 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/action/25006980.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5205b7e65b5f729c7505deea8facabf5bc3a015217aee7d722847e275e022c95 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires -1 date Mon, 17 Jun 2024 13:10:38 GMT x-azure-ref 20240617T131038Z-157db8c5ddbbkh5xmasbcn41a40000000510000000005xe9 x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store accept-ranges bytes content-length 827 request-context appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
GET H3	200	272515130417969 Show response connect.facebook.net/signals/config/	41 KB 8 KB	242ms 241ms	Script application/x-javascript	157.240.251.9 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/272515130417969?v=2.9.158&r=stable&domain=admin2.tdecu.easci.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C152%2C181%2C183%2C114%2C136%2C140%2C176%2C120%2C218%2C107%2C137%2C161%2C148%2C110%2C219%2C154%2C111%2C134%2C127%2C115 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-fra5.fbcdn.net Software / Resource Hash b720a7cbd8ae11f3502f7dc0ad8e1ba150d0d188ed8b87bbfb4cadd6f2b1e36d Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 17 Jun 2024 13:10:38 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=108, rtx=0, c=23, mss=1232, tbw=4339, tp=9, tpl=0, uplat=130, ullat=0 pragma public x-fb-debug 2pj+QCc2pen38wAJ9BXCXCfsWp67e1rBcxnUdgWioBr/cvkdCziWluFZQq03wAgp+XUVoFt95Da1UW1vaHIcrQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 269 B	340ms 108ms	Image text/plain	157.240.251.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=469749416569494&ev=PageView&dl=https%3A%2F%2Fadmin2.tdecu.easci.com&rl=&if=false&ts=1718629838513&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1718629838510.683967059471199198&pm=1&hrl=0396ba&ler=empty&cdl=API_unavailable&it=1718629838231&coo=false&tm=1&cs_cc=1&cas=7535232149890759%2C7794619423916178%2C2488452894508771%2C2283814135060923&rqm=GET Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-fra5.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality GOOD; q=0.7, rtt=50, rtx=0, c=10, mss=1380, tbw=2841, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Mon, 17 Jun 2024 13:10:38 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 1 KB	511ms 280ms	Image image/png	157.240.251.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=469749416569494&ev=PageView&dl=https%3A%2F%2Fadmin2.tdecu.easci.com&rl=&if=false&ts=1718629838513&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1718629838510.683967059471199198&pm=1&hrl=0396ba&ler=empty&cdl=API_unavailable&it=1718629838231&coo=false&tm=1&cs_cc=1&cas=7535232149890759%2C7794619423916178%2C2488452894508771%2C2283814135060923&rqm=FGET Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-fra5.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x83fc3e2decaca421","source_keys":["1","2"]},{"key_piece":"0x45c6c54e1583cd6d","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Mon, 17 Jun 2024 13:10:38 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7381458949273107504", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=50, rtx=0, c=21, mss=1380, tbw=7073, tp=-1, tpl=-1, uplat=171, ullat=0 pragma no-cache x-fb-debug LCUr0qGXBnarakX8HKEikWjw3dwDON81wED9ucmPSEifIafvDNEEYiq9wfVVaNmB+CFlBC+AoD9QSc7WvyOl9Q== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7381458949273107504"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	623f33741352c768077746bc172bfcb2.js Show response nexus.ensighten.com/choozle/19056/code/	583 B 998 B	112ms 111ms	Script application/javascript	65.9.66.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nexus.ensighten.com/choozle/19056/code/623f33741352c768077746bc172bfcb2.js?conditionId0=4958059&conditionId1=4958060 Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/choozle/19056/Bootstrap.js Protocol H3 Security QUIC, , AES_128_GCM Server 65.9.66.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-72.fra56.r.cloudfront.net Software CloudFront / Resource Hash 9a78701f6e49e71ab4a15f85c515418a37fb8e7e179b2686faa795765a402bac Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 10:07:58 GMT x-amz-version-id .NIv3YlMmQNhn9IvxmongIoFCaRMF4Xk via 1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront) age 183761 x-amz-cf-pop FRA56-C1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 content-length 583 last-modified Mon, 04 Mar 2024 19:31:09 GMT server CloudFront etag "bd833dd44a422db4eabf82aebcec5ae6" content-type application/javascript; charset=utf-8 cache-control max-age=315360000 accept-ranges bytes x-amz-cf-id AtJL9WnePBsi3Wcxt-EeAG2xbgEb6Fc0--c22dYxErbKAWe8ID_oDw==
GET H3	200	40c8679203dd9dec345291ae588c2bcf.js Show response nexus.ensighten.com/choozle/19056/code/	3 KB 1009 B	112ms 111ms	Script application/javascript	65.9.66.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nexus.ensighten.com/choozle/19056/code/40c8679203dd9dec345291ae588c2bcf.js?conditionId0=421905 Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/choozle/19056/Bootstrap.js Protocol H3 Security QUIC, , AES_128_GCM Server 65.9.66.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-72.fra56.r.cloudfront.net Software CloudFront / Resource Hash 55d1c842ceae117300fd3220131eb6c306ba65da20d3e5da96d56353946b6c4e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 07 Mar 2024 21:12:21 GMT x-amz-version-id VZ4tNvWCxf6wyt1bjDj90WMCN3AnHwcw content-encoding br via 1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront) age 8783898 x-amz-cf-pop FRA56-C1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 last-modified Mon, 04 Mar 2024 19:31:07 GMT server CloudFront etag W/"92d1995a36998595c802de1b8ee7697f" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=315360000 x-amz-cf-id MmBSUbwPCbfPWqf3k5Wm7EooPzdzBJADLLDri0f69VZZXt54iTcRKg==
GET H2	200	0515e936549c06be21c2006ef99602c4.js Show response script.crazyegg.com/pages/versioned/commontransformations-scripts/	148 KB 49 KB	137ms 136ms	Script text/javascript	104.19.148.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/versioned/commontransformations-scripts/0515e936549c06be21c2006ef99602c4.js Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0115/0550.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b223926abea0d561c28008c49e8a21fdf4c7d64b3d199074aff1ed26b24cfa8 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:38 GMT content-encoding gzip cf-cache-status HIT cf-bgj minify last-modified Thu, 06 Jun 2024 18:23:01 GMT server cloudflare age 244868 cf-polished origSize=152018 vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000, s-maxage=31536000 timing-allow-origin * cf-ray 895347eb4eac5d88-FRA
GET H2	204	0 bat.bing.com/action/	0 237 B	130ms 130ms	Image text/plain	13.107.21.237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=25006980&tm=gtm002&Ver=2&mid=a52b6d06-d32a-4a55-a5f2-9caaabc8809c&sid=fda84fb02caa11ef9c5d0567c8c90c23&vid=fda87e202caa11efbb6a6103b946ad89&vids=0&msclkid=N&gtm_tag_source=ua&ec=NonInteraction&el=31.187.78.13&gc=USD&tpp=1&en=Y&p=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&sw=1600&sh=1200&sc=24&evt=custom&rn=328521 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 17 Jun 2024 13:10:38 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 23E2335A2C10488CB5335F6FCB069540 Ref B: TLV30EDGE0317 Ref C: 2024-06-17T13:10:38Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	204 No Content	collect Show response t.clarity.ms/	0 286 B	622ms 200ms	XHR text/plain	20.114.189.70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://t.clarity.ms/collect Requested by Host: cds-sdkcfg.onlineaccess1.com URL: https://cds-sdkcfg.onlineaccess1.com/common.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/x-clarity-gzip Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin https://admin2.tdecu.easci.com Date Mon, 17 Jun 2024 13:10:39 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Vary Origin Request-Context appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
GET H2	200	/ Show response a2.adform.net/Serving/TrackPoint/ Redirect Chain https://a2.adform.net/Serving/TrackPoint/?pm=2816787&ADFPageName=Retargeting&ADFdivider=%7C&ord=102951608936&ADFtpmode=2&loc=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&Set1=he-IL%7Che-IL%7C1600x1200%7C24 https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2816787&ADFPageName=Retargeting&ADFdivider=%7C&ord=102951608936&ADFtpmode=2&loc=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&Set1=he-IL%7Che-IL%7C1600x1...	1 KB 1 KB	180ms 180ms	Script text/javascript	185.167.164.53 ADFORM
General Check archive.org Show headers Download Go to Full URL https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2816787&ADFPageName=Retargeting&ADFdivider=%7C&ord=102951608936&ADFtpmode=2&loc=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&Set1=he-IL%7Che-IL%7C1600x1200%7C24 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Server 185.167.164.53 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash db7716923df493f143217c37d5b6841b57cae6d6c68be978af9e156c1d19b708 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language he-IL,he;q=0.9;q=0.9 Referer https://admin2.tdecu.easci.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Mon, 17 Jun 2024 13:10:39 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" cache-control no-cache, no-store, must-revalidate, no-transform content-length 805 expires -1 Redirect headers pragma no-cache date Mon, 17 Jun 2024 13:10:39 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version content-type text/html; charset=utf-8 location https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2816787&ADFPageName=Retargeting&ADFdivider=%7C&ord=102951608936&ADFtpmode=2&loc=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&Set1=he-IL%7Che-IL%7C1600x1200%7C24 access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" cache-control no-cache, no-store, must-revalidate, no-transform expires -1
GET H3	200	717490166725921 Show response connect.facebook.net/signals/config/	23 KB 4 KB	233ms 232ms	Script application/x-javascript	157.240.251.9 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/717490166725921?v=2.9.158&r=stable&domain=admin2.tdecu.easci.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C152%2C181%2C183%2C114%2C136%2C140%2C176%2C120%2C218%2C107%2C137%2C161%2C148%2C110%2C219%2C154%2C111%2C134%2C127%2C115%2C125%2C182%2C118 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-fra5.fbcdn.net Software / Resource Hash 4c3ba4eeb6e2f4109b935fbcfc9203a4a80737cdead760a3ccc3e4c92389ed1a Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 17 Jun 2024 13:10:38 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=108, rtx=0, c=31, mss=1232, tbw=14771, tp=19, tpl=0, uplat=120, ullat=0 pragma public x-fb-debug phUveJcFSyu5QprcVp9/eACUe2ZDE/28f21n8lcwR2Zf25/OPdbtyNdqlZgyT/3TwAfCEBwseV/U/C3CuucKTA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 98 B	110ms 108ms	Image text/plain	157.240.251.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=272515130417969&ev=PageView&dl=https%3A%2F%2Fadmin2.tdecu.easci.com&rl=&if=false&ts=1718629838780&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1718629838510.683967059471199198&pm=1&hrl=214c4f&ler=empty&cdl=API_unavailable&cs_est=true&it=1718629838231&coo=false&tm=1&cs_cc=1&cas=4229840827118706%2C4941065865950597&rqm=GET Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-fra5.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality GOOD; q=0.7, rtt=50, rtx=0, c=10, mss=1380, tbw=3224, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Mon, 17 Jun 2024 13:10:38 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 4 KB	241ms 240ms	Image image/png	157.240.251.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=272515130417969&ev=PageView&dl=https%3A%2F%2Fadmin2.tdecu.easci.com&rl=&if=false&ts=1718629838780&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1718629838510.683967059471199198&pm=1&hrl=214c4f&ler=empty&cdl=API_unavailable&cs_est=true&it=1718629838231&coo=false&tm=1&cs_cc=1&cas=4229840827118706%2C4941065865950597&rqm=FGET Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-fra5.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xccf49c54468bcc68","source_keys":["1","2"]},{"key_piece":"0x43ee7a818615f8c9","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Mon, 17 Jun 2024 13:10:38 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7381458949125843626", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=50, rtx=0, c=21, mss=1380, tbw=3366, tp=-1, tpl=-1, uplat=124, ullat=0 pragma no-cache x-fb-debug S7G26UHaJPycypDloyodyLDrJgiM1nQjOWIxRWWL1Qet472/V0VpUEo4boW9+d4z/QOH9S/KZkcXk1iYyD3Ycg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7381458949125843626"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	admin2.tdecu.easci.com.json Show response script.crazyegg.com/pages/data-scripts/0115/0550/sampling/	262 B 258 B	128ms 128ms	XHR application/json	104.19.148.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/data-scripts/0115/0550/sampling/admin2.tdecu.easci.com.json?t=477397 Requested by Host: cds-sdkcfg.onlineaccess1.com URL: https://cds-sdkcfg.onlineaccess1.com/common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a390a5006bb991f4254c51a102af580c48e16c8f5316cc4e9a576a477f46f9e7 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:38 GMT content-encoding gzip cf-cache-status HIT age 110 ce-version 11.5.221 content-length 167 last-modified Mon, 17 Jun 2024 13:08:48 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 accept-ranges bytes timing-allow-origin * cf-ray 895347ecdd3b9f1d-FRA
POST H/1.1	204 No Content	collect Show response t.clarity.ms/	0 286 B	818ms 448ms	XHR text/plain	20.114.189.70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://t.clarity.ms/collect Requested by Host: cds-sdkcfg.onlineaccess1.com URL: https://cds-sdkcfg.onlineaccess1.com/common.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/x-clarity-gzip Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin https://admin2.tdecu.easci.com Date Mon, 17 Jun 2024 13:10:39 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Vary Origin Request-Context appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
GET H/1.1	200 OK	XOZUJCWOJVGMBEGXYCQIWJ.js Show response s.adroll.com/pixel/3UHUTMCIQFEF5HI7C7C6X3/AWTPPKLTDFE7NND43K5R2A/ Redirect Chain https://d.adroll.com/pixel/3UHUTMCIQFEF5HI7C7C6X3/AWTPPKLTDFE7NND43K5R2A?adroll_fpc=129148ac3be14fd008edcd6dec17bfd3-1718629838900&pv=35104821804.07666&arrfrr=https%3A%2F%2Fadmin2.tdecu.easci.com%2... https://s.adroll.com/pixel/3UHUTMCIQFEF5HI7C7C6X3/AWTPPKLTDFE7NND43K5R2A/XOZUJCWOJVGMBEGXYCQIWJ.js	3 KB 2 KB	114ms 113ms	Script text/javascript	18.245.86.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/pixel/3UHUTMCIQFEF5HI7C7C6X3/AWTPPKLTDFE7NND43K5R2A/XOZUJCWOJVGMBEGXYCQIWJ.js Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol HTTP/1.1 Server 18.245.86.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-116.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 543776bc0f807e7ef664db8d4192c613abc0cff11a5f2231fe63eb9e9f41ba6e Request headers Accept-Language he-IL,he;q=0.9;q=0.9 Referer https://admin2.tdecu.easci.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers X-Amz-Version-Id 0tb87kC_lt.kB4rkSUJYPXocsE92N451 Content-Encoding gzip Via 1.1 d4b0acc43b96f7849332ef0fcc29ac32.cloudfront.net (CloudFront) Date Mon, 17 Jun 2024 12:20:29 GMT Age 3011 X-Amz-Cf-Pop FRA60-P6 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Wed, 29 Nov 2023 12:28:25 GMT Server AmazonS3 Etag W/"9e84ece318c753a51c8506cd82d6fa70" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Access-Control-Max-Age 600 Access-Control-Allow-Headers * X-Amz-Cf-Id _a9q__i9mvB-NckAAzXQyWuJfRC37e_dZC509aOe7IzJzQk9FS7QVQ== Redirect headers date Mon, 17 Jun 2024 13:10:38 GMT x-segment-display-name Visitors to Unsegmented Pages p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" x-rule-type p content-length 0 pragma no-cache x-conversion-value 0.00 server nginx/1.22.1 x-rule * x-segment-eid XOZUJCWOJVGMBEGXYCQIWJ location https://s.adroll.com/pixel/3UHUTMCIQFEF5HI7C7C6X3/AWTPPKLTDFE7NND43K5R2A/XOZUJCWOJVGMBEGXYCQIWJ.js cache-control no-store, no-cache, must-revalidate x-pixel-eid AWTPPKLTDFE7NND43K5R2A x-segment-name * x-advertisable-eid 3UHUTMCIQFEF5HI7C7C6X3 x-conversion-currency
GET H2	200	/ www.facebook.com/tr/	0 121 B	117ms 107ms	Image text/plain	157.240.251.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=717490166725921&ev=PageView&dl=https%3A%2F%2Fadmin2.tdecu.easci.com&rl=&if=false&ts=1718629839035&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1718629838510.683967059471199198&pm=1&hrl=38bc90&ler=empty&cdl=API_unavailable&it=1718629838231&coo=false&tm=1&cs_cc=1&rqm=GET Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-fra5.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality GOOD; q=0.7, rtt=57, rtx=0, c=21, mss=1380, tbw=8476, tp=-1, tpl=-1, uplat=1, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Mon, 17 Jun 2024 13:10:39 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 1015 B	235ms 226ms	Image image/png	157.240.251.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=717490166725921&ev=PageView&dl=https%3A%2F%2Fadmin2.tdecu.easci.com&rl=&if=false&ts=1718629839035&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1718629838510.683967059471199198&pm=1&hrl=38bc90&ler=empty&cdl=API_unavailable&it=1718629838231&coo=false&tm=1&cs_cc=1&rqm=FGET Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-fra5.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xe016d6bef96f3c89","source_keys":["1","2"]},{"key_piece":"0x59f2ec10d5f9b64b","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Mon, 17 Jun 2024 13:10:39 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7381458954522004951", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=53, rtx=0, c=21, mss=1380, tbw=12192, tp=-1, tpl=-1, uplat=120, ullat=0 pragma no-cache x-fb-debug P7Fu0ieKN7ABFmlEacwZIoBnd6GAU4gyBkCy5J43U2QBoa7FRNTo8ZSyfiJ13QzJ6eqOsBK+JSi+5uUIBeO+Ig== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7381458954522004951"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 98 B	116ms 107ms	Image text/plain	157.240.251.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=469749416569494&ev=PageView&dl=https%3A%2F%2Fadmin2.tdecu.easci.com&rl=&if=false&ts=1718629839040&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4124&fbp=fb.1.1718629838510.683967059471199198&pm=1&hrl=0396ba&ler=empty&cdl=API_unavailable&it=1718629838231&coo=false&cs_cc=1&cas=7535232149890759%2C7794619423916178%2C2488452894508771%2C2283814135060923&rqm=GET Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-fra5.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality GOOD; q=0.7, rtt=57, rtx=0, c=21, mss=1380, tbw=8610, tp=-1, tpl=-1, uplat=1, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Mon, 17 Jun 2024 13:10:39 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 1017 B	227ms 219ms	Image image/png	157.240.251.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=469749416569494&ev=PageView&dl=https%3A%2F%2Fadmin2.tdecu.easci.com&rl=&if=false&ts=1718629839040&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4124&fbp=fb.1.1718629838510.683967059471199198&pm=1&hrl=0396ba&ler=empty&cdl=API_unavailable&it=1718629838231&coo=false&cs_cc=1&cas=7535232149890759%2C7794619423916178%2C2488452894508771%2C2283814135060923&rqm=FGET Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-fra5.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x83fc3e2decaca421","source_keys":["1","2"]},{"key_piece":"0x45c6c54e1583cd6d","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Mon, 17 Jun 2024 13:10:39 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7381458954078577285", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=53, rtx=0, c=21, mss=1380, tbw=8925, tp=-1, tpl=-1, uplat=112, ullat=1 pragma no-cache x-fb-debug dwYN6iUV6uTaKn+/0B0qvG66IKFqNUWpj8D+yyF/mYjBNbUZ5stutNmHQ4T0kg9RO1DDGeCD734t5vnnJWpaXQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7381458954078577285"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 97 B	116ms 108ms	Image text/plain	157.240.251.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=272515130417969&ev=PageView&dl=https%3A%2F%2Fadmin2.tdecu.easci.com&rl=&if=false&ts=1718629839042&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4124&fbp=fb.1.1718629838510.683967059471199198&pm=1&hrl=214c4f&ler=empty&cdl=API_unavailable&cs_est=true&it=1718629838231&coo=false&cs_cc=1&cas=4229840827118706%2C4941065865950597&rqm=GET Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-fra5.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality GOOD; q=0.7, rtt=57, rtx=0, c=21, mss=1380, tbw=8610, tp=-1, tpl=-1, uplat=1, ullat=1 strict-transport-security max-age=31536000; includeSubDomains date Mon, 17 Jun 2024 13:10:39 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 947 B	228ms 220ms	Image image/png	157.240.251.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=272515130417969&ev=PageView&dl=https%3A%2F%2Fadmin2.tdecu.easci.com&rl=&if=false&ts=1718629839042&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4124&fbp=fb.1.1718629838510.683967059471199198&pm=1&hrl=214c4f&ler=empty&cdl=API_unavailable&cs_est=true&it=1718629838231&coo=false&cs_cc=1&cas=4229840827118706%2C4941065865950597&rqm=FGET Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-fra5.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xccf49c54468bcc68","source_keys":["1","2"]},{"key_piece":"0x43ee7a818615f8c9","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Mon, 17 Jun 2024 13:10:39 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7381458952711155733", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=53, rtx=0, c=21, mss=1380, tbw=8925, tp=-1, tpl=-1, uplat=112, ullat=1 pragma no-cache x-fb-debug eJc8en83Ys5AHVLtPzYkvd8qLivaLvzRPoMBtrn3IsJLKr4u3vePRsv/Dq/Je1kX+HRCSj41NQpIjb9St9K4ug== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7381458952711155733"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 32 B	116ms 108ms	Image text/plain	157.240.251.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=717490166725921&ev=PageView&dl=https%3A%2F%2Fadmin2.tdecu.easci.com&rl=&if=false&ts=1718629839045&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4124&fbp=fb.1.1718629838510.683967059471199198&pm=1&hrl=38bc90&ler=empty&cdl=API_unavailable&it=1718629838231&coo=false&cs_cc=1&rqm=GET Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-fra5.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality GOOD; q=0.7, rtt=57, rtx=0, c=21, mss=1380, tbw=8610, tp=-1, tpl=-1, uplat=1, ullat=1 strict-transport-security max-age=31536000; includeSubDomains date Mon, 17 Jun 2024 13:10:39 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 1 KB	228ms 222ms	Image image/png	157.240.251.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=717490166725921&ev=PageView&dl=https%3A%2F%2Fadmin2.tdecu.easci.com&rl=&if=false&ts=1718629839045&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4124&fbp=fb.1.1718629838510.683967059471199198&pm=1&hrl=38bc90&ler=empty&cdl=API_unavailable&it=1718629838231&coo=false&cs_cc=1&rqm=FGET Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-fra5.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xe016d6bef96f3c89","source_keys":["1","2"]},{"key_piece":"0x59f2ec10d5f9b64b","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Mon, 17 Jun 2024 13:10:39 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7381458954534716563", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=53, rtx=0, c=21, mss=1380, tbw=10955, tp=-1, tpl=-1, uplat=112, ullat=0 pragma no-cache x-fb-debug bIbvFREQjq37uibq3RB4o1Z6IFR6ukCRJlWAtxA/bpHDwNzgh+H1bD41se0IuYFeQLDoZHou65D1c9TCQ2QHLA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7381458954534716563"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	tv2track.php collector-29653.us.tvsquared.com/	42 B 276 B	193ms 192ms	Image image/gif	3.131.138.220 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://collector-29653.us.tvsquared.com/tv2track.php?action_name=TDECU%20%7C%20Your%20Texas%20Credit%20Union%20With%20Digital%20Banking&idsite=TV-7209364563-1&rec=1&r=724057&h=16&m=10&s=39&url=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&_id=5649d8073aae48ab&_idts=1718629839&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=600 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.131.138.220 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-131-138-220.us-east-2.compute.amazonaws.com Software nginx / Resource Hash f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers P3p CP='OTI DSP COR NID STP UNI OTPa OUR' Date Mon, 17 Jun 2024 13:10:39 GMT Server nginx Connection keep-alive Request-Id 5c0f9874-f702-4b2a-bdfd-65471ee3c748 Content-Length 42 Content-Type image/gif
GET H2	200	bounce ib.adnxs.com/ Redirect Chain https://d.adroll.com/cm/x/out?adroll_fpc=129148ac3be14fd008edcd6dec17bfd3-1718629838900&pv=35104821804.07666&arrfrr=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&advertisable=3UHUTMCIQFEF5HI7C7C6X3 https://ib.adnxs.com/setuid?entity=172&code=MzhkZTMzMDUyYzNjYzI5YzNkZTdmNjUyZGNmNGFkMTU https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMzhkZTMzMDUyYzNjYzI5YzNkZTdmNjUyZGNmNGFkMTU	43 B 1 KB	117ms 117ms	Image image/gif	37.252.171.85 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMzhkZTMzMDUyYzNjYzI5YzNkZTdmNjUyZGNmNGFkMTU Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Server 37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language he-IL,he;q=0.9;q=0.9 Referer https://admin2.tdecu.easci.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Mon, 17 Jun 2024 13:10:39 GMT an-x-request-uuid 2c18dc25-c28c-4812-9afd-99c3a7528d40 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 31.187.78.13; 31.187.78.13; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Mon, 17 Jun 2024 13:10:39 GMT an-x-request-uuid 70eddda8-e438-4359-b0b0-80c45cdbc1c3 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMzhkZTMzMDUyYzNjYzI5YzNkZTdmNjUyZGNmNGFkMTU cache-control no-store, no-cache, private x-proxy-origin 31.187.78.13; 31.187.78.13; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ a2.adform.net/serving/container/ Frame 991F	0 0	536ms 182ms	Document text/html	185.167.164.53 ADFORM
General Check archive.org Show headers Download Go to Full URL https://a2.adform.net/serving/container/?pm=2816787&lid=120549097&ctype=0&media=0&PageName=Retargeting&rnd=1634831124&cpref=&loc=https%3a%2f%2fadmin2.tdecu.easci.com%2f Requested by Host: s2.adform.net URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.167.164.53 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language he-IL,he;q=0.9;q=0.9 Referer https://admin2.tdecu.easci.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform content-encoding gzip content-type text/html; charset=utf-8 date Mon, 17 Jun 2024 13:10:39 GMT expires -1 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" pragma no-cache server nginx strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding
GET H2	200	pixels c1.adform.net/imatch/ Frame 7D59	0 0	390ms 124ms	Document text/html	37.157.5.133 ADFORM
General Check archive.org Show headers Download Go to Full URL https://c1.adform.net/imatch/pixels?bt=0&uid=3614599722058591390&agencyId=6276&advertiserId=2136215&src=tp&rnd=947124 Requested by Host: a2.adform.net URL: https://a2.adform.net/Serving/TrackPoint/?pm=2816787&ADFPageName=Retargeting&ADFdivider=%7C&ord=102951608936&ADFtpmode=2&loc=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&Set1=he-IL%7Che-IL%7C1600x1200%7C24 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.5.133 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language he-IL,he;q=0.9;q=0.9 Referer https://admin2.tdecu.easci.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With access-control-allow-methods GET access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 17 Jun 2024 13:10:39 GMT expires -1 pragma no-cache server nginx strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding
GET H2	200	/ a1.seadform.net/serving/cookie/sync/	35 B 467 B	412ms 124ms	Image image/gif	37.157.2.229 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://a1.seadform.net/serving/cookie/sync/?uid=3614599722058591390&stamp=MP2A9EOl79YDvP-67D9Y4w2 Requested by Host: admin2.tdecu.easci.com URL: https://admin2.tdecu.easci.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.2.229 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:39 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * content-type image/gif cache-control private
POST H2	204	collect www.google-analytics.com/g/	0 175 B	124ms 123ms	Ping text/plain	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-73V86QZK0R&gtm=45je46c0v875933936z8831284953za200zb831284953&_p=1718629836285&gcs=G100&gcd=13p3p3p3p5&npa=1&dma_cps=-&dma=0&tag_exp=0&gdid=dY2Q2ZW&cid=963127195.1718629840&ul=he-il&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_s=1&dp=%2F&dt=TDECU%20%7C%20Your%20Texas%20Credit%20Union%20With%20Digital%20Banking&sid=1718629837&sct=1&seg=0&dl=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_previous=external&ep.page_ct=1&ep.analytics_tag=GA4%20-%20page_view%20(www.tdecu.org)&ep.user_status=not-logged-in&tfd=5738 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-73V86QZK0R&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Mon, 17 Jun 2024 13:10:39 GMT server Golfe2 content-type text/plain access-control-allow-origin https://admin2.tdecu.easci.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	204 No Content	collect Show response t.clarity.ms/	0 286 B	194ms 194ms	XHR text/plain	20.114.189.70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://t.clarity.ms/collect Requested by Host: cds-sdkcfg.onlineaccess1.com URL: https://cds-sdkcfg.onlineaccess1.com/common.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/x-clarity-gzip Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin https://admin2.tdecu.easci.com Date Mon, 17 Jun 2024 13:10:41 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Vary Origin Request-Context appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
GET H2	200	heatmaps.js Show response heatmaps.monsido.com/v1/	8 KB 3 KB	348ms 213ms	Script text/javascript	34.98.91.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://heatmaps.monsido.com/v1/heatmaps.js Requested by Host: app-script.monsido.com URL: https://app-script.monsido.com/v2/monsido-script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.91.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.91.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 699e1427474c3daa7932aa405a51762e6ab51ba12a19775321a7357deb31f384 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:43 GMT content-encoding gzip age 0 x-guploader-uploadid ABPtcPpHS-cESdhvql2Ul3LcgdniHdxTjsL3MovxIWNgg_enyOPV2iPTJ-avvBkViRYQZhUQW8c x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2870 last-modified Thu, 01 Jun 2023 07:10:33 GMT server UploadServer etag "6bd8810f93d4046aec0007f3db64ca67" vary Accept-Encoding x-goog-generation 1685603433813852 x-goog-hash crc32c=uwyl4w==, md5=a9iBD5PUBGrsAAfz22TKZw== access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=300 x-goog-stored-content-length 2870 accept-ranges bytes content-type text/javascript expires Mon, 17 Jun 2024 13:15:43 GMT
GET H2	200	/ tracking.monsido.com/	43 B 205 B	271ms 120ms	Image image/gif	35.190.93.146 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tracking.monsido.com/?a=jxntH58yj40suPDIjtI69Q&b=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&c=C611718629842857&d=1600x1200&f=CA41718629842857&h=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.93.146 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 146.93.190.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires 2024-06-17T13:10:43Z date Mon, 17 Jun 2024 13:10:43 GMT cache-control private, no-store, max-age=0 via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 content-type image/gif
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=ECEEC6CFB133477CB3574C23699EE882&RedC=c.clarity.ms&MXFR=1DE8F7E4B6D36FA21323E345B2D361B8 https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ECEEC6CFB133477CB3574C23699EE882&MUID=0BCF5B1C0E1B635F22BD4FBD0F8B6241	42 B 442 B	131ms 130ms	Image image/gif	68.219.88.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ECEEC6CFB133477CB3574C23699EE882&MUID=0BCF5B1C0E1B635F22BD4FBD0F8B6241 Protocol H2 Server 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers Accept-Language he-IL,he;q=0.9;q=0.9 Referer https://admin2.tdecu.easci.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Mon, 17 Jun 2024 13:10:42 GMT last-modified Fri, 01 Mar 2024 22:54:48 GMT server Microsoft-IIS/10.0 etag "3e26b762b6cda1:0" x-powered-by ASP.NET content-type image/gif p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-length 42 Redirect headers pragma no-cache date Mon, 17 Jun 2024 13:10:42 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: EDC51DF762AE43678359D238E2BCEF77 Ref B: TLV30EDGE0317 Ref C: 2024-06-17T13:10:43Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ECEEC6CFB133477CB3574C23699EE882&MUID=0BCF5B1C0E1B635F22BD4FBD0F8B6241 cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H2	200	up insight.adsrvr.org/track/ Frame 05D1	0 0	128ms 125ms	Document text/html	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://insight.adsrvr.org/track/up?adv=s4so7ax&ref=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&upid=1epc39v&upv=1.1.0 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/up_loader.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash Request headers Accept-Language he-IL,he;q=0.9;q=0.9 Referer https://admin2.tdecu.easci.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-type text/html date Mon, 17 Jun 2024 13:10:42 GMT server Kestrel vary Accept-Encoding
GET H2	200	up insight.adsrvr.org/track/ Frame F586	0 0	125ms 124ms	Document text/html	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://insight.adsrvr.org/track/up?adv=0f9ttjl&ref=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&upid=gbyj632&upv=1.1.0 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/up_loader.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash Request headers Accept-Language he-IL,he;q=0.9;q=0.9 Referer https://admin2.tdecu.easci.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-type text/html date Mon, 17 Jun 2024 13:10:42 GMT server Kestrel vary Accept-Encoding
GET H2	200	up insight.adsrvr.org/track/ Frame 679F	0 0	242ms 129ms	Document text/html	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://insight.adsrvr.org/track/up?adv=s4so7ax&ref=https%3A%2F%2Fadmin2.tdecu.easci.com%2F&upid=1epc39v&upv=1.1.0 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/up_loader.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash Request headers Accept-Language he-IL,he;q=0.9;q=0.9 Referer https://admin2.tdecu.easci.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-type text/html date Mon, 17 Jun 2024 13:10:43 GMT server Kestrel vary Accept-Encoding
GET H2	200	texans-left-bg-v6.jpg cdn2.tdecu.org/images/article-image/	13 KB 13 KB	129ms 128ms	Image image/avif	18.66.102.43 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn2.tdecu.org/images/article-image/texans-left-bg-v6.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.102.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-43.fra56.r.cloudfront.net Software / Resource Hash b072deeebaa7465bda33c8da482957d347115cf12fd9c942e577a7a64cfce3f9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 04:47:00 GMT via 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 116622 x-amzn-requestid 9cbd88af-a998-4994-aa4a-c278b5678c61 x-amzn-trace-id root=1-666e6e44-2a0c8f47357e59053f2545cd;parent=6c814ed2bb1477dd;sampled=0;lineage=bc1bd12d:0 x-cache Hit from cloudfront content-type image/avif cache-control public, max-age=31536000 content-length 13272 x-amz-cf-id 01cqIh4ZZ-cE0W0QuN3bEMu1l4jP8ecYRBPnZBk7Vj26nMLC3FkYJg==
GET H2	200	bucees-card-left-bg-2022-2.jpg cdn2.tdecu.org/images/article-image/	7 KB 7 KB	114ms 113ms	Image image/avif	18.66.102.43 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn2.tdecu.org/images/article-image/bucees-card-left-bg-2022-2.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.102.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-43.fra56.r.cloudfront.net Software / Resource Hash 7188d449e1c22fb99eebd810b60c1279a4e87d373908b7856e0bd4e384fc84d1 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 18:45:56 GMT via 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 6459885 x-amzn-requestid 3163ad68-498b-44cf-92d7-d530d0726386 x-amzn-trace-id root=1-660da3e4-6c61db903e0df73b5fed0f0d;parent=411f7d089f949c14;sampled=0;lineage=bc1bd12d:0 x-cache Hit from cloudfront content-type image/avif cache-control public, max-age=31536000 content-length 6889 x-amz-cf-id is8V26LaVGxjd9R6VYp9_Yp6KVXJ0uF3pJwRA329lhsNuviz_9NeLA==
GET H/1.1	200 OK	favicon.ico admin2.tdecu.easci.com/images/misc/	1 KB 1 KB	777ms 193ms	Other image/vnd.microsoft.icon	18.224.18.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://admin2.tdecu.easci.com/images/misc/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.224.18.161 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-224-18-161.us-east-2.compute.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash 286a89e4a7613a279fac4b60ccc5a95c334980ad708c761e82edd634dbdae609 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 17 Jun 2024 13:10:27 GMT Content-Encoding gzip Via 1.1 varnish (Varnish/6.2) Last-Modified Mon, 27 Jan 2020 19:33:59 GMT Server Apache/2.4.41 (Ubuntu) Age 16 Vary Accept-Encoding X-Cache HIT X-Varnish 8850665 34408376 Content-Type image/vnd.microsoft.icon Cache-Control public, max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 992 X-Cache-Hits 1
GET H3	200	jxntH58yj40suPDIjtI69Q.json Show response heatmaps.monsido.com/v1/settings/	56 B 83 B	321ms 256ms	XHR application/json	34.98.91.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://heatmaps.monsido.com/v1/settings/jxntH58yj40suPDIjtI69Q.json Requested by Host: cds-sdkcfg.onlineaccess1.com URL: https://cds-sdkcfg.onlineaccess1.com/common.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.91.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.91.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 281058203e02c938d2a50fe17591b5b883dded456b9240247853c0633026c316 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://admin2.tdecu.easci.com/ Accept-Language he-IL,he;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 13:10:43 GMT x-guploader-uploadid ABPtcPrWYwumqp7MLuMaJ5j7_VEuGT4jMB8vrqF16eqfqrHy9O74TndAj2nGefgSprxmYnZ-FjQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56 last-modified Tue, 21 Mar 2023 17:33:44 GMT server UploadServer etag "f9c1a04d7994b6254cbc4bd24c18bb26" x-goog-generation 1679420024260128 content-type application/json access-control-allow-origin * x-goog-hash crc32c=o4Eluw==, md5=+cGgTXmUtiVMvEvSTBi7Jg== access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=300 x-goog-stored-content-length 56 accept-ranges bytes expires Mon, 17 Jun 2024 13:15:43 GMT