www.ecu.com Open in urlscan Pro
104.154.182.169  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://www.ecu.com/ HTTP 301
   https://www.ecu.com/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

• https://jelly.mdhv.io/v1/star.gif?pid=wlh0UCROe9FeUxzvzfayDUtQWMrP&src=mh&evt=hi HTTP 307
• https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=wlh0UCROe9FeUxzvzfayDUtQWMrP&src=mh&tx=f072e62a-24db-41cc-bf77-70f4567268b0

Request Chain 95

• https://um.simpli.fi/smaato HTTP 302
• https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=6E9026959AD04534A6881F46EAA69D2D

Request Chain 96

• https://um.simpli.fi/nexxen HTTP 302
• https://sync.1rx.io/usersync/simplifi/6E9026959AD04534A6881F46EAA69D2D HTTP 302
• https://sync.1rx.io/usersync/simplifi/6E9026959AD04534A6881F46EAA69D2D?zcc=1&cb=1698179390111 HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-d42aca7b-4f2e-4af1-8c4f-9e05d7bca66b-003

Request Chain 97

• https://um.simpli.fi/triplelift HTTP 302
• https://eb2.3lift.com/xuid?mid=7969&xuid=6E9026959AD04534A6881F46EAA69D2D&dongle=yf3

Request Chain 98

• https://um.simpli.fi/telaria_p HTTP 302
• https://simplifi.partners.tremorhub.com/sync?UISF=6E9026959AD04534A6881F46EAA69D2D

Request Chain 99

• https://um.simpli.fi/tapad HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=6E9026959AD04534A6881F46EAA69D2D HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=6E9026959AD04534A6881F46EAA69D2D

Request Chain 100

• https://um.simpli.fi/ad_advisor HTTP 302
• https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=6E9026959AD04534A6881F46EAA69D2D HTTP 302
• https://d.agkn.com/pixel/10751/?che=1698179390095&ip=178.162.209.139&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217083104679005437627 HTTP 302
• https://um.simpli.fi/aa_px?sk=217083104679005437627 HTTP 302
• https://um.simpli.fi/empty.gif

Request Chain 101

• https://um.simpli.fi/intentiq HTTP 302
• https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=6E9026959AD04534A6881F46EAA69D2D

Request Chain 104

• https://um.simpli.fi/dtnx HTTP 302
• https://fei.pro-market.net/engine?du=24;csync=6E9026959AD04534A6881F46EAA69D2D;mimetype=img; HTTP 302
• https://fei.pro-market.net/engine?du=24;csync=6E9026959AD04534A6881F46EAA69D2D;mimetype=img;sr HTTP 302
• https://cms.analytics.yahoo.com/cms?partner_id=DATCS HTTP 302
• https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

Request Chain 105

• https://um.simpli.fi/exelatem HTTP 302
• https://loadm.exelator.com/load/?p=204&g=2191&simid=6E9026959AD04534A6881F46EAA69D2D&j=0 HTTP 302
• https://loadm.exelator.com/load/?p=204&g=2191&simid=6E9026959AD04534A6881F46EAA69D2D&j=0&xl8blockcheck=1

Request Chain 107

• https://um.simpli.fi/beachfront HTTP 302
• https://sync.bfmio.com/sync?pid=141&uid=6E9026959AD04534A6881F46EAA69D2D

Request Chain 108

• https://um.simpli.fi/bluekai HTTP 302
• https://stags.bluekai.com/site/29931?id=6E9026959AD04534A6881F46EAA69D2D

Request Chain 109

• https://um.simpli.fi/crwdcntrl HTTP 302
• https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=6E9026959AD04534A6881F46EAA69D2D

Request Chain 110

• https://um.simpli.fi/lj_match HTTP 302
• https://ce.lijit.com/merge?pid=2&3pid=6E9026959AD04534A6881F46EAA69D2D

Request Chain 111

• https://um.simpli.fi/liveramp_match HTTP 302
• https://idsync.rlcdn.com/419566.gif?partner_uid=6E9026959AD04534A6881F46EAA69D2D

Request Chain 112

• https://www.googleadservices.com/pagead/conversion/1026675585/?random=1698179389916&cv=7&fst=1698179389916&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1032484757&cv=7&fst=1698179389916&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=Pik4Za5Ln8P27w-oiLCICA&sscte=1&crd=&pscrd=IhMIruK5msOPggMVn6H9Bx0oBAyB HTTP 302
• https://www.google.com/pagead/1p-conversion/1026675585/?random=1032484757&cv=7&fst=1698179389916&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIruK5msOPggMVn6H9Bx0oBAyB&is_vtc=1&ocp_id=Pik4Za5Ln8P27w-oiLCICA&cid=CAQSKQDICaaNxuXU_0PVUakdky9anQ65xc5G6Kb1EAJP5NuuPCi3nRQgUe9b&random=1718921464 HTTP 302
• https://www.google.de/pagead/1p-conversion/1026675585/?random=1032484757&cv=7&fst=1698179389916&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIruK5msOPggMVn6H9Bx0oBAyB&is_vtc=1&ocp_id=Pik4Za5Ln8P27w-oiLCICA&cid=CAQSKQDICaaNxuXU_0PVUakdky9anQ65xc5G6Kb1EAJP5NuuPCi3nRQgUe9b&random=1718921464&ipr=y

Request Chain 114

• https://um.simpli.fi/an HTTP 302
• https://ib.adnxs.com/setuid?entity=66&code=6E9026959AD04534A6881F46EAA69D2D HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D6E9026959AD04534A6881F46EAA69D2D

Request Chain 115

• https://um.simpli.fi/rb_match HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=6E9026959AD04534A6881F46EAA69D2D&expires=365

Request Chain 116

• https://um.simpli.fi/ox_match HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072966&val=6E9026959AD04534A6881F46EAA69D2D

Request Chain 117

• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
• https://um.simpli.fi/g_match?id=&google_gid=CAESEC6kS139OCM_2ujfEzgEnU4&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6E9026959AD04534A6881F46EAA69D2D HTTP 302
• https://um.simpli.fi/g_match?id=

Request Chain 134

• https://um.simpli.fi/segmint HTTP 302
• https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=6E9026959AD04534A6881F46EAA69D2D

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.ecu.com/ Redirect Chain http://www.ecu.com/ https://www.ecu.com/	111 KB 28 KB	670ms 263ms	Document text/html	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / WP Engine Resource Hash 7ddae3b1203ab6156d39279df3f45344c4b36624c1ba131be6eccfffb23c6c71 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=600, must-revalidate content-encoding br content-type text/html; charset=UTF-8 date Tue, 24 Oct 2023 20:29:47 GMT link <https://www.ecu.com/wp-json/>; rel="https://api.w.org/" <https://www.ecu.com/wp-json/wp/v2/pages/1224>; rel="alternate"; type="application/json" <https://www.ecu.com/>; rel=shortlink server nginx vary Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie x-cache HIT: 188 x-cache-group normal x-cacheable SHORT x-powered-by WP Engine x-tec-api-origin https://www.ecu.com x-tec-api-root https://www.ecu.com/wp-json/tribe/events/v1/ x-tec-api-version v1 Redirect headers Connection keep-alive Content-Length 162 Content-Type text/html Date Tue, 24 Oct 2023 20:29:46 GMT Keep-Alive timeout=20 Location https://www.ecu.com/ Server nginx
GET H2	200	marvel.js Show response marvel-b2-cdn.bc0a.com/	9 KB 4 KB	55ms 15ms	Script application/javascript	35.201.125.192 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://marvel-b2-cdn.bc0a.com/marvel.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.125.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 192.125.201.35.bc.googleusercontent.com Software UploadServer / Resource Hash 190db2ea37186511e3cdfaeb6e37e68830c90647a9c18840f33ce00c03a05bd0 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline'; Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:25:53 GMT content-encoding gzip strict-transport-security max-age=63072000; includeSubDomains content-security-policy default-src 'self' 'unsafe-inline'; age 234 x-guploader-uploadid ABPtcPrKjIxZrLLRAGfZpVBALpAfw0kzKDpTMB3qb3-aHZtjbUoxz249eoydZldfcXV-HzmLtn6WmSPKrhEviegbmAm3jA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3142 last-modified Wed, 12 Apr 2023 17:03:33 GMT server UploadServer etag "0b57832ab47cd1fea51ee8a2dfa4f649" vary Accept-Encoding x-goog-hash crc32c=EF0vLQ==, md5=C1eDKrR80f6lHuii36T2SQ== x-goog-generation 1681319013677342 content-language en access-control-allow-origin * access-control-expose-headers Content-Type cache-control public, max-age=3600 x-goog-stored-content-length 3142 accept-ranges bytes content-type application/javascript expires Tue, 24 Oct 2023 21:25:53 GMT
GET H2	200	trp-language-switcher.css www.ecu.com/wp-content/plugins/translatepress-multilingual/assets/css/	3 KB 1 KB	140ms 138ms	Stylesheet text/css	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.ecu.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.5.8 Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 925f2ffb7b49a93b36740141ddfbd7487d8ef3de84f2c9c8be4cec4e584b0c18 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:47 GMT content-encoding br last-modified Mon, 07 Aug 2023 22:56:39 GMT server nginx etag W/"64d176a7-b1b" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	style.css www.ecu.com/wp-content/themes/ecu-theme/	283 KB 39 KB	145ms 143ms	Stylesheet text/css	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.ecu.com/wp-content/themes/ecu-theme/style.css?ver=1695857628 Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 444cfc18cf96f271d6a30979427b0110d904727cdb3b2d7787fbc73db735ffa6 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:47 GMT content-encoding br last-modified Wed, 27 Sep 2023 23:33:48 GMT server nginx etag W/"6514bbdc-46d48" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	jquery.min.js Show response www.ecu.com/wp-includes/js/jquery/	85 KB 31 KB	273ms 271ms	Script application/javascript	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.ecu.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0 Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:47 GMT content-encoding br last-modified Fri, 26 May 2023 11:33:35 GMT server nginx etag W/"6470990f-155ba" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	jquery-migrate.min.js Show response www.ecu.com/wp-includes/js/jquery/	13 KB 5 KB	273ms 271ms	Script application/javascript	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.ecu.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:47 GMT content-encoding br last-modified Fri, 09 Jun 2023 05:49:24 GMT server nginx etag W/"6482bd64-3509" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	tracking.js Show response wt.dm00.com/WebSiteTracking/scripts/	11 KB 3 KB	1472ms 174ms	Script application/javascript	52.24.112.196 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://wt.dm00.com/WebSiteTracking/scripts/tracking.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.24.112.196 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-24-112-196.us-west-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 1ad73850b1f505e5acce1a6f573c32143adb5768f1cd46a5289f00cc77647283 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:48 GMT content-encoding gzip last-modified Wed, 21 Aug 2019 23:15:49 GMT server Microsoft-IIS/10.0 etag "80805f5e7658d51:0" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 2703
GET H2	200	silvercloud.css integration.silvercloudinc.com/css/	67 KB 12 KB	94ms 23ms	Stylesheet text/css	99.86.91.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://integration.silvercloudinc.com/css/silvercloud.css Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.91.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-91-50.cdg50.r.cloudfront.net Software AmazonS3 / Resource Hash e31806a6ea2e66e09eee3fb8408db5fab6a66e88bdf5cb59e8623754ec0ce22a Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 17:38:25 GMT content-encoding br via 1.1 14d7b62a2939d8cc7dc4d65d3de7b692.cloudfront.net (CloudFront) last-modified Tue, 10 Oct 2023 01:28:43 GMT server AmazonS3 x-amz-cf-pop CDG50-C1 age 10283 etag W/"cadf2667177badba5effef4f591874b9" x-amz-server-side-encryption AES256 vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type text/css x-amz-cf-id tEYulz3YGD4quI6WKNYsuDOsHWa-L0C05GwBPBC_SV6JZ6dZWimJqQ==
GET H2	200	salemove_integration.js Show response api.glia.com/	9 KB 9 KB	142ms 23ms	Script application/javascript	2600:9000:269a:e800:17:4c3f:1b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.glia.com/salemove_integration.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:269a:e800:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 085fa63bd5ca5ec9e2fb93e761032cbb85a9f11c5f984842bb63230b539bbeab Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubdomains; preload date Tue, 24 Oct 2023 20:18:03 GMT via 1.1 642ac9646ca474c1d78254f0a36a8c5e.cloudfront.net (CloudFront) last-modified Mon, 16 Oct 2023 18:06:58 GMT server AmazonS3 x-amz-cf-pop MRS52-P5 age 705 x-amz-server-side-encryption AES256 etag "1a8fd57b4a2524648ffd2624368c9cac" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 8905 x-amz-cf-id C1rgN8hANes8Jq4rs0bPD_yKStf2UBWNV-NzrQYA1QrP7bQCIll1sw==
GET H2	200	render.js Show response js.poshdevelopment.com/glia/	317 KB 95 KB	113ms 23ms	Script application/javascript	13.224.222.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.poshdevelopment.com/glia/render.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.222.81 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-222-81.lhr61.r.cloudfront.net Software AmazonS3 / Resource Hash 39a570c68ad275366d6c824a48356348d05f188b1be5a5439d46a4605c4715b4 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers x-amz-version-id null strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip date Tue, 24 Oct 2023 17:53:50 GMT via 1.1 9c078cf62ea8987c07cb33f6c4e5cb5e.cloudfront.net (CloudFront) x-amz-cf-pop LHR61-C2 age 9358 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 22 Mar 2023 20:20:48 GMT server AmazonS3 etag W/"8aaf5cb1c486e8c639d60544ec0cc866" vary Accept-Encoding content-type application/javascript cache-control max-age=28800, stale-while-revalidate=14400 x-amz-cf-id OeLVW9PMGE2EMXx9DJr-N5kqLK3jvKpd2fu_6O1BhSr9E4iCBAv_4A==
GET H/1.1	200 OK	segmint.min.js Show response cdn.segmint.net/	16 KB 16 KB	136ms 19ms	Script application/javascript	99.86.91.78 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segmint.net/segmint.min.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 99.86.91.78 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-91-78.cdg50.r.cloudfront.net Software AmazonS3 / Resource Hash 8d5d3f4a44a4e9c6ea8f6c84f8dcc1fd7a31ad4c07df78b237c41c4d7fc10ecb Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Tue, 24 Oct 2023 06:53:20 GMT Via 1.1 343bfbd831f62ab698056c2ca0efaabc.cloudfront.net (CloudFront) Last-Modified Wed, 20 Sep 2023 12:33:41 GMT Server AmazonS3 X-Amz-Cf-Pop CDG50-C1 Age 48988 x-amz-server-side-encryption AES256 ETag "6bdf8bf9c48aef3424ec8556d42ae32e" X-Cache Hit from cloudfront Content-Type application/javascript Cache-Control max-age:900 Connection keep-alive Accept-Ranges bytes Content-Length 16163 X-Amz-Cf-Id n5RMMSEL8tzgVmWFnZP6KIxKdZri1xTwU_iwOB8yjJleDhNvO1Wrwg==
GET H2	200	zla6sgs.css use.typekit.net/	7 KB 1 KB	163ms 139ms	Stylesheet text/css	2a02:26f0:3500:8::c16c:991d AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/zla6sgs.css Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:8::c16c:991d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 263afb457ff90afe1a8125e5ffa88a152631bb23c117227191e66cd6dad9d253 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip date Tue, 24 Oct 2023 20:29:47 GMT server nginx vary Accept-Encoding content-type text/css;charset=utf-8 access-control-allow-origin * cache-control private, max-age=600, stale-while-revalidate=604800 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 1011
GET H/1.1	200 OK	widget.js Show response autolink.io/educatorscu/	1 KB 1 KB	383ms 125ms	Script application/javascript	52.3.0.87 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://autolink.io/educatorscu/widget.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.3.0.87 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-3-0-87.compute-1.amazonaws.com Software nginx / Resource Hash a40734e383bc32218cea98905e5d8b2d453adae8f8b07df9e2638669b5e970a7 Security Headers Name Value Content-Security-Policy frame-ancestors ecu.com www.ecu.com 'self' Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Tue, 24 Oct 2023 20:29:48 GMT Content-Security-Policy frame-ancestors ecu.com www.ecu.com 'self' X-Content-Type-Options nosniff Strict-Transport-Security max-age=31536000 Content-Encoding gzip X-Permitted-Cross-Domain-Policies master-only Transfer-Encoding chunked P3P CP="We do not have a P3P policy. For more information about the credit union's privacy policy, please contact the credit union." Connection keep-alive X-XSS-Protection 1; mode=block Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx Vary Origin Content-Type application/javascript; charset=UTF-8 Cache-Control no-store trace-id 7ec74fa1e030e90f
GET H2	200	es_ES.png www.ecu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/	325 B 527 B	315ms 315ms	Image image/png	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/es_ES.png Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash f71e440bd8074d59686f35d87b824c16f5310a34bab7fb017b0178bd726e35d3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:48 GMT last-modified Mon, 07 Aug 2023 22:56:39 GMT server nginx etag "64d176a7-145" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 325
GET H2	200	icon_search.svg www.ecu.com/wp-content/themes/ecu-theme/images/	366 B 497 B	133ms 132ms	Image image/svg+xml	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/wp-content/themes/ecu-theme/images/icon_search.svg Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash c02831872993c20fe69f3849c9d9db72c3909f43168cffe91a2644630995fc90 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:48 GMT content-encoding br last-modified Tue, 13 Apr 2021 22:48:40 GMT server nginx etag W/"60761fc8-16e" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	icon_close.svg www.ecu.com/wp-content/themes/ecu-theme/images/	243 B 370 B	134ms 134ms	Image image/svg+xml	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/wp-content/themes/ecu-theme/images/icon_close.svg Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 50cb3db9b3744d64cc86b1ea6f5a6ded3bbffb6dce7dbf18e6ff0f69c237c324 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:48 GMT content-encoding br last-modified Wed, 14 Apr 2021 16:14:35 GMT server nginx etag W/"607714eb-f3" vary Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	educatorscu-logo_black.svg www.ecu.com/wp-content/themes/ecu-theme/images/	12 KB 4 KB	273ms 272ms	Image image/svg+xml	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/wp-content/themes/ecu-theme/images/educatorscu-logo_black.svg Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 755282e60812114e342340f88528b3c65585c166a4ec5966dc8758266ed90d1f Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:47 GMT content-encoding br last-modified Mon, 23 Aug 2021 19:09:24 GMT server nginx etag W/"6123f264-2ee0" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	apple_app_store_icon.png www.ecu.com/wp-content/themes/ecu-theme/images/	4 KB 4 KB	132ms 132ms	Image image/png	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/wp-content/themes/ecu-theme/images/apple_app_store_icon.png Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 9ecf55657d16d7d0402e52fde46dde42926218ea0fb66a81cd60927212f62d18 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:48 GMT last-modified Fri, 02 Apr 2021 22:45:18 GMT server nginx etag "60679e7e-e7a" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 3706
GET H2	200	google_play_icon.png www.ecu.com/wp-content/themes/ecu-theme/images/	4 KB 4 KB	178ms 178ms	Image image/png	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/wp-content/themes/ecu-theme/images/google_play_icon.png Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 851bae4a476e38538c2f984c131b803a97a9ade9a237c2c4468082f62b95bf4b Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:49 GMT last-modified Fri, 02 Apr 2021 22:45:21 GMT server nginx etag "60679e81-f1c" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 3868
GET H2	200	silvercloud.js Show response integration.silvercloudinc.com/js/silvercloudjs/	61 KB 20 KB	90ms 20ms	Script application/javascript	99.86.91.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.91.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-91-50.cdg50.r.cloudfront.net Software AmazonS3 / Resource Hash 40b2da647bcc787d43218caecb24901ea7b01025bcf5f9db98359756dbf4aae0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 05:49:52 GMT content-encoding gzip via 1.1 14d7b62a2939d8cc7dc4d65d3de7b692.cloudfront.net (CloudFront) last-modified Tue, 10 Oct 2023 01:28:43 GMT server AmazonS3 x-amz-cf-pop CDG50-C1 age 52796 etag W/"80f213d3a2f208a7129b19b16ceaefaa" x-amz-server-side-encryption AES256 vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id msss9FRM4OdgkAu_7MGUzHph7nckeD38ICdtCkae4dDZc-ToTIFgeA==
GET H2	200	bundle.js Show response www.ecu.com/wp-content/themes/ecu-theme/js/dist/	354 KB 86 KB	147ms 146ms	Script application/javascript	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.ecu.com/wp-content/themes/ecu-theme/js/dist/bundle.js?ver=1684879700 Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 1946f5c48ba071eca9f1831dbce10e5ea5aadfcb133c6a49a909ed68b7b4cdad Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:49 GMT content-encoding br last-modified Tue, 23 May 2023 22:08:20 GMT server nginx etag W/"646d3954-589b5" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	gtm.js Show response www.googletagmanager.com/	219 KB 77 KB	75ms 35ms	Script application/javascript	2a00:1450:4001:802::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NRTWHZ Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 819e1793754770b4c7c7cfb11c8b2c99c598ba01cdca7083cfb918ba835760c5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:49 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 78471 x-xss-protection 0 last-modified Tue, 24 Oct 2023 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 24 Oct 2023 20:29:49 GMT
POST H2	204	Log Show response wt.dm00.com/WebSiteTracking/api/tracking/	0 130 B	532ms 179ms	XHR text/plain	52.24.112.196 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://wt.dm00.com/WebSiteTracking/api/tracking/Log Requested by Host: wt.dm00.com URL: https://wt.dm00.com/WebSiteTracking/scripts/tracking.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.24.112.196 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-24-112-196.us-west-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Tue, 24 Oct 2023 20:29:49 GMT server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET access-control-allow-origin * cache-control no-cache expires -1
OPTIONS H/1.1	200 OK	86c27085-fa24-42c1-87da-979f494a7e40.json cdn.segmint.net/ Frame	0 0	429ms 372ms	Preflight	99.86.91.78 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segmint.net/86c27085-fa24-42c1-87da-979f494a7e40.json Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 99.86.91.78 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-91-78.cdg50.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://www.ecu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Access-Control-Allow-Headers content-type Access-Control-Allow-Methods PUT, POST, DELETE, GET Access-Control-Allow-Origin * Access-Control-Max-Age 3000 Connection keep-alive Content-Length 0 Date Tue, 24 Oct 2023 20:29:50 GMT Server AmazonS3 Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method Via 1.1 ddcc5754acfb5d436bc0a20046a15158.cloudfront.net (CloudFront) X-Amz-Cf-Id zg7XUd9V9ImQmHCgtHTY3NdJLN-r3kz62VNumeHwlfQMeXTftU5u6g== X-Amz-Cf-Pop CDG50-C1 X-Cache Miss from cloudfront
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	47ms 14ms	Script text/javascript	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 24 Oct 2023 20:11:04 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 1125 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Tue, 24 Oct 2023 22:11:04 GMT
GET H/1.1	200 OK	86c27085-fa24-42c1-87da-979f494a7e40.json Show response cdn.segmint.net/	313 B 962 B	60ms 60ms	XHR application/json	99.86.91.78 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segmint.net/86c27085-fa24-42c1-87da-979f494a7e40.json Requested by Host: cdn.segmint.net URL: https://cdn.segmint.net/segmint.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 99.86.91.78 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-91-78.cdg50.r.cloudfront.net Software AmazonS3 / Resource Hash 3f4dc3f961910ce8231b1be58206134dc6df36b634ca14b45541c20b90fb320f Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type application/json Response headers Date Tue, 24 Oct 2023 20:29:49 GMT Via 1.1 ddcc5754acfb5d436bc0a20046a15158.cloudfront.net (CloudFront) X-Amz-Cf-Pop CDG50-C1 Age 657 x-amz-server-side-encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 313 Last-Modified Tue, 02 May 2023 18:04:30 GMT Server AmazonS3 ETag "97c68a40611e343ca35777be534f7a6d" Access-Control-Max-Age 3000 Access-Control-Allow-Methods PUT, POST, DELETE, GET Content-Type application/json Access-Control-Allow-Origin * Cache-Control max-age=900 Accept-Ranges bytes X-Amz-Cf-Id 9ywOJAhZJh4mEmkr8KnVs1Cgiamyo4dI8lm6SymQXv3NqS2cy5l0wA==
GET H2	200	widget.js Show response cdn.userway.org/	2 KB 2 KB	53ms 14ms	Script application/javascript	2a02:6ea0:c700::18 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widget.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash ecb36b720daac7b62ebfa04530cecc177f6ab5e3cb6059dd1bb8c57a92025f79 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 24 Oct 2023 20:29:49 GMT via 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront) content-encoding gzip x-age-lb 1310 x-amz-cf-pop FRA60-P3 age 122 x-amz-server-side-encryption AES256 x-77-cache HIT x-accel-date 1698178079 x-77-nzt AZySIYs3Nzf/HgUAAA x-accel-expires @1698181679 x-77-age 1310 x-cache-lb HIT last-modified Fri, 20 Oct 2023 18:02:07 GMT server CDN77-Turbo etag W/"629e1b6941643c5823ed156e819ac04a" x-77-nzt-ray cf8787274b3fdc593d2938658afa4501 access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=3600, public content-type application/javascript x-amz-cf-id _i9UEoimCQXRp7r52osQDDx9IeKHK-Kcn4fY-a8SkImPeunJTHcvKA==
GET H2	200	p.css p.typekit.net/	5 B 172 B	37ms 8ms	Stylesheet text/css	2a02:26f0:780::210:a419 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://p.typekit.net/p.css?s=1&k=zla6sgs&ht=tk&f=24561.24562.24571.24572.28121.28122.28747.28752.28755.28762&a=553736&app=typekit&e=css Requested by Host: use.typekit.net URL: https://use.typekit.net/zla6sgs.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:780::210:a419 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb Request headers accept-language de-DE,de;q=0.9 Referer https://use.typekit.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:49 GMT last-modified Fri, 23 Jun 2023 17:09:47 GMT server nginx etag "6495d1db-5" content-type text/css access-control-allow-origin * cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 5
POST H2	200	visitor_config Show response api.glia.com/	10 KB 12 KB	134ms 134ms	XHR application/json	2600:9000:269a:e800:17:4c3f:1b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.glia.com/visitor_config?referrer=https%3A%2F%2Fwww.ecu.com%2F& Requested by Host: api.glia.com URL: https://api.glia.com/salemove_integration.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:269a:e800:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 545869d556905ca2e059f52cddaeeac900632b2987f026ee2a934755032f4539 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 24 Oct 2023 20:29:49 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff via 1.1 642ac9646ca474c1d78254f0a36a8c5e.cloudfront.net (CloudFront) x-amz-cf-pop MRS52-P5 x-cache Miss from cloudfront content-length 10623 access-control-max-age 7200 access-control-allow-methods ["GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE"] content-type application/json access-control-allow-origin https://www.ecu.com access-control-expose-headers cache-control no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true vary Origin x-site-visitor-config true access-control-allow-headers Content-Type, Accept, Authorization x-amz-cf-id 4aZTrU2y3_sII-l_bNheKXV7yfy6-8eDPuos6SCPp7uks48H47DoKw==
GET H2	200	Bobby-Portis_WebsiteHomepage-01-scaled.jpg www.ecu.com/files/	79 KB 79 KB	192ms 190ms	Image image/jpeg	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/files/Bobby-Portis_WebsiteHomepage-01-scaled.jpg Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 9dfd1fa5b08ab980e4911c6edd778e6fbbc37ade12fb9515c7694312f5bbd72b Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:49 GMT last-modified Tue, 10 Oct 2023 14:48:27 GMT server nginx etag "6525643b-13a02" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 80386
GET H2	200	videobanking.jpg www.ecu.com/files/	49 KB 50 KB	193ms 191ms	Image image/jpeg	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/files/videobanking.jpg Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 29d81b71ad00d2569a43aa3d158f5d4833a8c7e04f3cc0e834c66e9dfb4fa572 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:49 GMT last-modified Fri, 04 Feb 2022 22:00:05 GMT server nginx etag "61fda1e5-c51a" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 50458
GET H2	200	mobilebanking.jpg www.ecu.com/files/	25 KB 25 KB	193ms 191ms	Image image/jpeg	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/files/mobilebanking.jpg Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash d9dd994462350e5e87778c43cd7a72564c4fd4b8b9bcf899f4726845ca4d108d Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:49 GMT last-modified Fri, 04 Feb 2022 21:59:55 GMT server nginx etag "61fda1db-63da" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 25562
GET H2	200	Savers-Sweepstakes_Blog-Photos_2023-10_Anne-W_V1.jpg www.ecu.com/files/	30 KB 31 KB	193ms 191ms	Image image/jpeg	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/files/Savers-Sweepstakes_Blog-Photos_2023-10_Anne-W_V1.jpg Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash cc47b5fad5ba68bac1921abc8f089f5912632cbe3b744093a802b6a7da238ea0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:49 GMT last-modified Fri, 20 Oct 2023 14:36:25 GMT server nginx etag "65329069-795b" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 31067
GET H2	200	International-Credit-Union-Day_Digital-Ad_2023-10_Blog-300x200-1.jpg www.ecu.com/files/	12 KB 13 KB	193ms 192ms	Image image/jpeg	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/files/International-Credit-Union-Day_Digital-Ad_2023-10_Blog-300x200-1.jpg Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 9d2cdd7f3425c582f9861fea6340ba49a33c09f26ebc3d0e80f7b505eb1413da Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:49 GMT last-modified Thu, 12 Oct 2023 18:15:48 GMT server nginx etag "652837d4-31f9" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 12793
GET H2	200	Fraud-Awareness_Digital-Ads_2023-09_Blog-2-300x200-1.jpg www.ecu.com/files/	33 KB 34 KB	319ms 318ms	Image image/jpeg	104.154.182.169 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.ecu.com/files/Fraud-Awareness_Digital-Ads_2023-09_Blog-2-300x200-1.jpg Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.154.182.169 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 169.182.154.104.bc.googleusercontent.com Software nginx / Resource Hash 4340b6c821a1c0319a730265a6d16cd07720f5b4320c3c44a0525b0384405dea Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:49 GMT last-modified Thu, 12 Oct 2023 18:22:02 GMT server nginx etag "6528394a-8583" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 34179
GET H/1.1	200 OK	widget-stage2.js Show response autolink.io/educatorscu/03196578a2ffa121875028db6cd62b74/	25 B 879 B	348ms 148ms	XHR application/javascript	52.3.0.87 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://autolink.io/educatorscu/03196578a2ffa121875028db6cd62b74/widget-stage2.js?q=eyJyZWZlcnJlciI6Imh0dHBzOi8vd3d3LmVjdS5jb20vIiwic2Vzc2lvbiI6ImQ0MWM3ZmNjLTQ4ZDEtNGYxMy1hY2M5LTc4ZmFlNmM3ZDgyMCJ9 Requested by Host: autolink.io URL: https://autolink.io/educatorscu/widget.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.3.0.87 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-3-0-87.compute-1.amazonaws.com Software nginx / Resource Hash 275ff46c1074b2c1da9af72c003a47c029496cf6ea1d3d09794a3e388bcf72c7 Security Headers Name Value Content-Security-Policy frame-ancestors ecu.com www.ecu.com 'self' Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Tue, 24 Oct 2023 20:29:49 GMT Content-Security-Policy frame-ancestors ecu.com www.ecu.com 'self' X-Content-Type-Options nosniff Strict-Transport-Security max-age=31536000 Content-Encoding gzip X-Permitted-Cross-Domain-Policies master-only Transfer-Encoding chunked P3P CP="We do not have a P3P policy. For more information about the credit union's privacy policy, please contact the credit union." Connection keep-alive X-XSS-Protection 1; mode=block Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx Vary Origin Content-Type application/javascript; charset=UTF-8 Access-Control-Allow-Origin https://www.ecu.com Cache-Control private, max-age=1814400, immutable Access-Control-Allow-Credentials true trace-id 5d4e26473d7ca74d
GET H2	200	widget_app_base_1697824777924.js Show response cdn.userway.org/widgetapp/2023-10-20-17-59-37/	135 KB 40 KB	44ms 13ms	Script application/javascript	2a02:6ea0:c700::18 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/widget_app_base_1697824777924.js Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 128442e896c8da3bc48faef5f843b7a4831a04713b10d7f96b8255ecc8753c39 Request headers Referer https://www.ecu.com/ Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 24 Oct 2023 20:29:49 GMT via 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront) content-encoding gzip x-age-lb 354356 x-amz-cf-pop FRA60-P3 age 31 x-amz-server-side-encryption AES256 x-77-cache HIT x-accel-date 1697825033 x-77-nzt AZySIYs3Nzf/NGgFAA x-accel-expires @1723745033 x-77-age 354356 x-cache-lb HIT last-modified Fri, 20 Oct 2023 18:02:01 GMT server CDN77-Turbo etag W/"d634011d8790ee54b45f0468968ebba0" x-77-nzt-ray cf878727c93b405c3d29386569314d06 access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public content-type application/javascript x-amz-cf-id TKkjs4h6vKvkm_UXpu-OS2EHhAFbYtPsREAv4tViiTqMSeYuTvc1NQ==
GET H2	200	l use.typekit.net/af/277d7a/00000000000000003b9ade63/27/	35 KB 35 KB	29ms 7ms	Font application/font-woff2	2a02:26f0:3500:8::c16c:991d AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/277d7a/00000000000000003b9ade63/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/zla6sgs.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:8::c16c:991d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash c2a1f25fed271100f66e9712047ecae983e28154d2ee4b1c3f8ae36f43938246 Request headers Referer https://use.typekit.net/zla6sgs.css Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:49 GMT server nginx etag "b2f60e17d86161d42d1afc2ea0f9382eac0ebf3b" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 35976
GET H2	200	l use.typekit.net/af/c12453/0000000000000000000157bf/27/	27 KB 27 KB	27ms 9ms	Font application/font-woff2	2a02:26f0:3500:8::c16c:991d AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/c12453/0000000000000000000157bf/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/zla6sgs.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:8::c16c:991d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 55e389c9c0b3d3a2ad0d58c3cb282dde39e8c90c70f3213f05779fbfc7b87098 Request headers Referer https://use.typekit.net/zla6sgs.css Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:49 GMT server nginx etag "828c2624ab9e788f1badba0de96a44a845cd105a" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 27616
GET H2	200	l use.typekit.net/af/19c742/0000000000000000000157c9/27/	25 KB 26 KB	34ms 16ms	Font application/font-woff2	2a02:26f0:3500:8::c16c:991d AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/19c742/0000000000000000000157c9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/zla6sgs.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:8::c16c:991d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 9a499e8bcb40fb69318026c909e6166b66cfd8ab5cc63f022138c22f4f8dd0af Request headers Referer https://use.typekit.net/zla6sgs.css Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:49 GMT server nginx etag "67d39e3590a8758df9f98386e6d42f94c49a1710" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 26056
GET H2	200	l use.typekit.net/af/0ceada/00000000000000003b9ade5c/27/	37 KB 37 KB	28ms 14ms	Font application/font-woff2	2a02:26f0:3500:8::c16c:991d AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/0ceada/00000000000000003b9ade5c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/zla6sgs.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:8::c16c:991d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 846cd0f60c8391c367237080073ef3c8d3966fa82565610dddfef6a0b03447fb Request headers Referer https://use.typekit.net/zla6sgs.css Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:49 GMT server nginx etag "ef9614aec4a49ce43336734e6b7a8f33a282e0b4" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 37692
GET H2	200	l use.typekit.net/af/de68cc/00000000000000007735b41f/30/	40 KB 40 KB	27ms 17ms	Font application/font-woff2	2a02:26f0:3500:8::c16c:991d AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/de68cc/00000000000000007735b41f/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/zla6sgs.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:8::c16c:991d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 7f2104371f48a77dc9d248046efcf80c27529d5a1c2646ae7a9c383623b07d43 Request headers Referer https://use.typekit.net/zla6sgs.css Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:49 GMT server nginx etag "6f781086524022749eac8a0ac09826bb241e240e" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 40612
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 205 B	22ms 17ms	XHR text/plain	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=126700238&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ecu.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Educators%20Credit%20Union&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=1253712935&gjid=1298465280&cid=812792881.1698179389&tid=UA-146171377-36&_gid=1358578314.1698179389&_r=1&_slc=1&z=893229232 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 24 Oct 2023 20:29:49 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.ecu.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 68 B	17ms 17ms	XHR text/plain	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=126700238&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ecu.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Educators%20Credit%20Union&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=1909604648&gjid=1671286275&cid=812792881.1698179389&tid=UA-146171377-2&_gid=1358578314.1698179389&_r=1&_slc=1&z=1056919304 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 24 Oct 2023 20:29:49 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.ecu.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bootstrapper-9870479fe.js Show response libs.salemove.com/visitor/	635 KB 165 KB	57ms 8ms	Script application/javascript	2600:9000:206f:aa00:0:99b9:cd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://libs.salemove.com/visitor/bootstrapper-9870479fe.js Requested by Host: api.glia.com URL: https://api.glia.com/salemove_integration.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:aa00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 25de0ca4d168855d4dc9d0ee356d6cacad98d81a3a334dcb987b718af127dcae Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 11:29:04 GMT strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 age 378046 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Fri, 20 Oct 2023 11:01:17 GMT server AmazonS3 x-amz-meta-s3cmd-attrs md5:661148c6135dcebcbcc034055c75d966 etag W/"661148c6135dcebcbcc034055c75d966" vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin content-type application/javascript cache-control max-age=31536000 x-amz-cf-id xs1HXInfNqlT7MpjBM8yUMHQgUJHH0Ux48T_w50vmZYZ98qHrotVqA==
GET H2	200	js Show response www.googletagmanager.com/gtag/	255 KB 87 KB	38ms 37ms	Script application/javascript	2a00:1450:4001:802::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-P0G2EW5F8N&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRTWHZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5e47241077398feed51f0eaa922aacd8c87d40e656910a005a395e352f31a551 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:49 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 88727 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 24 Oct 2023 20:29:49 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	17ms 17ms	XHR text/plain	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=126700238&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ecu.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Educators%20Credit%20Union&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAAI~&jid=1426057884&gjid=995659156&cid=812792881.1698179389&tid=UA-41195611-1&_gid=1358578314.1698179389&_r=1&_slc=1&gtm=45He3an0n71NRTWHZ&z=1557254328 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 24 Oct 2023 20:29:49 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.ecu.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	alphpixel.js Show response js.alpixtrack.com/	5 KB 5 KB	431ms 129ms	Script application/javascript	130.211.141.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://js.alpixtrack.com/alphpixel.js?cust=3770542-617-WISN Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRTWHZ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 130.211.141.45 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.141.211.130.bc.googleusercontent.com Software nginx/1.20.0 / Resource Hash 26b1fa79351edf039f381c8d30f0d0861746042f076c8de57179d822b8d7eacd Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Tue, 24 Oct 2023 20:29:49 GMT Last-Modified Wed, 07 Jul 2021 09:31:25 GMT Server nginx/1.20.0 ETag "60e5746d-1331" Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=86400, public, no-transform Connection keep-alive Accept-Ranges bytes Content-Length 4913 Expires Wed, 25 Oct 2023 20:29:49 GMT
GET H2	200	elle_button.js Show response d4hldqmvpzsy0.cloudfront.net/assets/	369 KB 73 KB	106ms 40ms	Script application/javascript	2600:9000:262b:1a00:1e:28bc:9200:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d4hldqmvpzsy0.cloudfront.net/assets/elle_button.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:262b:1a00:1e:28bc:9200:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 477e51db2820aabe5d18b445ba5485f223218b52b723114011e976faa65631e9 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma public date Tue, 24 Oct 2023 20:29:49 GMT content-encoding gzip via 1.1 b3c3867bcc3f09d634cc38a60db5bb78.cloudfront.net (CloudFront) last-modified Thu, 14 Sep 2023 22:20:49 GMT server nginx x-amz-cf-pop CDG52-P5 age 764 etag W/"65038741-5c26d" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1800, public x-amz-cf-id 7ojg-qMzLLbWgS9-vdRwt6eS5BoadgTX10y1ZBR3GkhbAEms1QKHfg== expires Tue, 24 Oct 2023 20:47:05 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	199 KB 53 KB	32ms 12ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 24 Oct 2023 20:29:49 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 53588 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug KssNUbeR50X84a0O7s+6hjVgtfjpVm8ZNHV9Vzw6xbwpNVjRbK31mTpnP5lMZPpAd0AQnNNuTzn70zCirFwe3g== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	events.js Show response tags.srv.stackadapt.com/	18 KB 7 KB	125ms 100ms	Script text/javascript	35.157.233.159 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/events.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.157.233.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-233-159.eu-central-1.compute.amazonaws.com Software / Resource Hash cb20aaef1e07d6441a994e525151ed687e22ba723f6c2f532a7e2f4df7e73462 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers access-control-allow-origin * date Tue, 24 Oct 2023 20:29:49 GMT cache-control max-age=5 content-encoding gzip content-type text/javascript
GET H2	200	scevent.min.js Show response sc-static.net/	38 KB 17 KB	82ms 31ms	Script application/javascript	143.204.207.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sc-static.net/scevent.min.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.207.250 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-207-250.fra53.r.cloudfront.net Software CloudFront / Resource Hash 718d2cf95092db9b8f8f18f303240a5fa8a0f3add9bec2a0e0ff12234456fb4a Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:49 GMT content-encoding gzip via 1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA53-C1 x-cache Miss from cloudfront content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control private, s-maxage=0, max-age=600 access-control-allow-headers Content-Type content-length 16800 x-amz-cf-id qE6gcM8PlalS9qg8d85-HfDjxO3fkrhdYPKC16GNAuQk0Kf_evBZxA==
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	5 KB 3 KB	345ms 119ms	Script application/javascript	23.53.43.185 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCOUGH3C77U8584IB53G&lib=ttq Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-53-43-185.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 745d9cef8c73b721119c6a042ed9f986abe97796ed92dd8e90a8077cb654f7df Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers x-akamai-request-id 2cb5fc3 date Tue, 24 Oct 2023 20:29:49 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-) server-timing inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=101 content-length 1920 pragma no-cache server nginx x-tt-logid 2023102420294957F1AD842FA2BCFCFAAC vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 101,23.53.43.181 x-tt-trace-host 01128794241a0440577c21ec3d6a4c939018c9479c7f9d44471402326cdcb065abcb1a9e180eedc2a9bb8fb781bb98420f8246c392235f8d9808e2ab289f31d626110f5a7ae36e27bd81dd9b0b1b6c646b3391aa131973fe2917ee4fc91404db16 expires Tue, 24 Oct 2023 20:29:49 GMT
GET H2	200	2e5bca30-3cfc-013b-a710-0cc47abd0334 Show response tag.simpli.fi/sifitag/	3 KB 3 KB	77ms 17ms	Script application/javascript	35.234.162.151 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tag.simpli.fi/sifitag/2e5bca30-3cfc-013b-a710-0cc47abd0334 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRTWHZ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 151.162.234.35.bc.googleusercontent.com Software openresty / Resource Hash 93291d3a7b4d356f4b96dcbb8d431aa0b57dbc73a5b70ef651fcccef76f5573c Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Tue, 24 Oct 2023 20:29:49 GMT server openresty content-type application/javascript; charset=utf-8 cache-control max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 3101 x-request-id F5ElKD7RYTWs6wEB5riF expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	bat.js Show response bat.bing.com/	44 KB 13 KB	60ms 39ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a7006c9765b3997f8d2ff41cc0560fe325677b74d57c26084c958431d2325574 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Tue, 24 Oct 2023 20:29:48 GMT last-modified Thu, 12 Oct 2023 17:36:49 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 98A49E6622EC48FBB7C52ECAD4AC3C4C Ref B: FRAEDGE2015 Ref C: 2023-10-24T20:29:49Z etag "808ec9ad32fdd91:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 12978
GET H2	200	starV6.gif jelly-v6.mdhv.io/v1/ Redirect Chain https://jelly.mdhv.io/v1/star.gif?pid=wlh0UCROe9FeUxzvzfayDUtQWMrP&src=mh&evt=hi https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=wlh0UCROe9FeUxzvzfayDUtQWMrP&src=mh&tx=f072e62a-24db-41cc-bf77-70f4567268b0	43 B 235 B	186ms 126ms	Image image/gif	2001:4860:4802:36::15 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=wlh0UCROe9FeUxzvzfayDUtQWMrP&src=mh&tx=f072e62a-24db-41cc-bf77-70f4567268b0 Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Server 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Tue, 24 Oct 2023 20:29:49 GMT server Google Frontend content-type image/gif x-cloud-trace-context ccb45475986297f9822d50756b51c035 cache-control no-store,no-cache,must-revalidate,max-age=0,post-check=0,pre-check=0 content-length 43 expires -1 Redirect headers location https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=wlh0UCROe9FeUxzvzfayDUtQWMrP&src=mh&tx=f072e62a-24db-41cc-bf77-70f4567268b0 x-cloud-trace-context 768c42c483161970700c797f03036907 date Tue, 24 Oct 2023 20:29:49 GMT server Google Frontend content-length 173 content-type text/html; charset=utf-8
POST H2	200	05LFyEabXj Show response api.userway.org/api/tunings/	3 KB 3 KB	548ms 181ms	XHR application/json	2600:1f14:5db:eb22:8c74:7dd:713:3577 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.userway.org/api/tunings/05LFyEabXj Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/widget_app_base_1697824777924.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1f14:5db:eb22:8c74:7dd:713:3577 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 33ae5cea0016ca92d0bf3aeb5d408bc13a05b028d4fdb09923efa1317f09bba2 Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 24 Oct 2023 20:29:49 GMT etag W/"baa-CLICei3sEWhrDkepJiKJTgAd2Zc" access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, PATCH, POST, DELETE content-type application/json; charset=utf-8 access-control-allow-origin * x-service-request-id usrae87e9a4cffb456 access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control no-cache, no-store, must-revalidate access-control-allow-headers * content-length 2986 x-service-version uw-pr
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 346 B	62ms 20ms	XHR text/plain	2a00:1450:400c:c03::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-41195611-1&cid=812792881.1698179389&jid=1426057884&gjid=995659156&_gid=1358578314.1698179389&_u=aEDAAEABAAAAACAAI~&z=355059701 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Tue, 24 Oct 2023 20:29:49 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.ecu.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	webcomponents_es5-9870479fe.js Show response libs.salemove.com/visitor/	936 B 1 KB	9ms 9ms	Script application/javascript	2600:9000:206f:aa00:0:99b9:cd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://libs.salemove.com/visitor/webcomponents_es5-9870479fe.js Requested by Host: libs.salemove.com URL: https://libs.salemove.com/visitor/bootstrapper-9870479fe.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:aa00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 832dbd199f70ade357e88a3f5d32920c8c63e69258dc173d3b261686320895db Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 11:29:05 GMT strict-transport-security max-age=63072000; includeSubdomains; preload via 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 age 378045 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 936 last-modified Fri, 20 Oct 2023 11:01:18 GMT server AmazonS3 x-amz-meta-s3cmd-attrs md5:f86098c5208655efb405300993461936 etag "f86098c5208655efb405300993461936" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin content-type application/javascript cache-control max-age=31536000 accept-ranges bytes x-amz-cf-id ZfYV7Zlfs8NWEhhsK82VDT1n2PJEQq1keWzM02MRjjl8MaPkT27ygw==
GET H2	200	css Show response litho.silvercloudinc.com/utilities/	433 KB 19 KB	369ms 369ms	XHR application/json	18.245.86.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://litho.silvercloudinc.com/utilities/css?product_id=60c27855d1a5b56c6e7383ba Requested by Host: integration.silvercloudinc.com URL: https://integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-65.fra60.r.cloudfront.net Software nginx/1.14.0 + Phusion Passenger(R) 6.0.18 / Phusion Passenger(R) Enterprise 6.0.18 Resource Hash fe803a2a2b973008364cddaa4e284500776a51c23e878070a5438d9e9b1d9123 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept version=1 Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 Authorization Token eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiI1YjJiZDVlM2MxOTU5NDc2OTJhZTcwZjAiLCJpYXQiOjE2MjU4MzI2MzQsImF1ZCI6WyJ3d3cuZWN1LmNvbSIsInd3dy5lY3UuY29tIiwiZWN1LmNvbSIsImVjdS5jb20iLCJlZHVjYXRvcnNzdGFnaW5nLm9yYi5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9yc3N0YWdpbmcub3JiLmFsa2FtaXRlY2guY29tIiwib25saW5lYmFua2luZy5lY3UuY29tIiwib25saW5lYmFua2luZy5lY3UuY29tIiwiZWR1Y2F0b3JzLnFhMTAuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMucWExMC5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9ycy5xYTQuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMucWE0LmFsa2FtaXRlY2guY29tIiwiZWR1Y2F0b3JzLnFhMy5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9ycy5xYTMuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMucWEyLmFsa2FtaXRlY2guY29tIiwiZWR1Y2F0b3JzLnFhMi5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9ycy5kZXYuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMuZGV2LmFsa2FtaXRlY2guY29tIiwiZWR1Y2F0b3JzLmxvY2FsIiwiZWR1Y2F0b3JzLmxvY2FsIiwic3RhZ2luZ2VjdS53cGVuZ2luZS5jb20iLCJzdGFnaW5nZWN1LndwZW5naW5lLmNvbSIsImVjdS5waXhlbHNwb2tlLXN0YWdpbmcuY29tIiwiZWN1LnBpeGVsc3Bva2Utc3RhZ2luZy5jb20iXSwicHJvZHVjdF9pZHMiOlsiNjBjMjc4NTVkMWE1YjU2YzZlNzM4M2JhIiwiNWIyYmQ1MWMzODdmMjMyMWUxZTY1NDE0Il19.-nQum5UERx-Eor_cmd1CUVjZd8BiIBLuDxX7DT63H_g User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=31536000 content-encoding gzip via 1.1 a2ce61e5ddc66736c9e2bfb6581fa2da.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P6 x-powered-by Phusion Passenger(R) Enterprise 6.0.18 x-cache Miss from cloudfront status 200 OK x-request-id 37159ce0-39cc-4d97-937b-0fcc80419074 x-runtime 0.060938 server nginx/1.14.0 + Phusion Passenger(R) 6.0.18 etag W/"fe803a2a2b973008364cddaa4e284500" access-control-max-age 7200 access-control-allow-methods OPTIONS, GET, POST, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://www.ecu.com cache-control max-age=0, private, must-revalidate access-control-allow-credentials true vary Accept-Encoding,Origin x-amz-cf-id PdSvhSI5OupYdNxpINrAjtNGXLwrGxbVSNjm0jFhO4SnB7C80FJ4ow==
GET H2	200	60c35c2824c0674546b9a36f Show response litho.silvercloudinc.com/console/integration_widgets/	2 KB 2 KB	138ms 137ms	XHR application/json	18.245.86.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://litho.silvercloudinc.com/console/integration_widgets/60c35c2824c0674546b9a36f?product_id=60c27855d1a5b56c6e7383ba Requested by Host: integration.silvercloudinc.com URL: https://integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-65.fra60.r.cloudfront.net Software nginx/1.14.0 + Phusion Passenger(R) 6.0.18 / Phusion Passenger(R) Enterprise 6.0.18 Resource Hash e5caadfd450c4f173cf468f4afdf2b5d137cbd5ba5e677a3c51c605a9e55cb4c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept version=1 Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 Authorization Token eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiI1YjJiZDVlM2MxOTU5NDc2OTJhZTcwZjAiLCJpYXQiOjE2MjU4MzI2MzQsImF1ZCI6WyJ3d3cuZWN1LmNvbSIsInd3dy5lY3UuY29tIiwiZWN1LmNvbSIsImVjdS5jb20iLCJlZHVjYXRvcnNzdGFnaW5nLm9yYi5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9yc3N0YWdpbmcub3JiLmFsa2FtaXRlY2guY29tIiwib25saW5lYmFua2luZy5lY3UuY29tIiwib25saW5lYmFua2luZy5lY3UuY29tIiwiZWR1Y2F0b3JzLnFhMTAuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMucWExMC5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9ycy5xYTQuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMucWE0LmFsa2FtaXRlY2guY29tIiwiZWR1Y2F0b3JzLnFhMy5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9ycy5xYTMuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMucWEyLmFsa2FtaXRlY2guY29tIiwiZWR1Y2F0b3JzLnFhMi5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9ycy5kZXYuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMuZGV2LmFsa2FtaXRlY2guY29tIiwiZWR1Y2F0b3JzLmxvY2FsIiwiZWR1Y2F0b3JzLmxvY2FsIiwic3RhZ2luZ2VjdS53cGVuZ2luZS5jb20iLCJzdGFnaW5nZWN1LndwZW5naW5lLmNvbSIsImVjdS5waXhlbHNwb2tlLXN0YWdpbmcuY29tIiwiZWN1LnBpeGVsc3Bva2Utc3RhZ2luZy5jb20iXSwicHJvZHVjdF9pZHMiOlsiNjBjMjc4NTVkMWE1YjU2YzZlNzM4M2JhIiwiNWIyYmQ1MWMzODdmMjMyMWUxZTY1NDE0Il19.-nQum5UERx-Eor_cmd1CUVjZd8BiIBLuDxX7DT63H_g User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:49 GMT strict-transport-security max-age=31536000 content-encoding gzip via 1.1 a2ce61e5ddc66736c9e2bfb6581fa2da.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P6 x-powered-by Phusion Passenger(R) Enterprise 6.0.18 x-cache Miss from cloudfront status 200 OK x-request-id e78e85f3-c17c-4b8e-bf8c-343a9715f05d x-runtime 0.026798 server nginx/1.14.0 + Phusion Passenger(R) 6.0.18 etag W/"e5caadfd450c4f173cf468f4afdf2b5d" access-control-max-age 7200 access-control-allow-methods OPTIONS, GET, POST, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://www.ecu.com cache-control max-age=0, private, must-revalidate access-control-allow-credentials true vary Accept-Encoding,Origin x-amz-cf-id CFzf8kB35WPY6LIyHl03PTjCj4HYyBLnwA-IrU9uN7jSppTsa4cTzw==
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	137ms 43ms	Image image/gif	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-41195611-1&cid=812792881.1698179389&jid=1426057884&_u=aEDAAEABAAAAACAAI~&z=292642686 Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Tue, 24 Oct 2023 20:29:49 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	133ms 40ms	Image image/gif	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-41195611-1&cid=812792881.1698179389&jid=1426057884&_u=aEDAAEABAAAAACAAI~&z=292642686 Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Tue, 24 Oct 2023 20:29:49 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 251 B	62ms 17ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-P0G2EW5F8N&gtm=45je3an0&_p=126700238&cid=812792881.1698179389&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698179389&sct=1&seg=0&dl=https%3A%2F%2Fwww.ecu.com%2F&dt=Home%20%7C%20Educators%20Credit%20Union&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-P0G2EW5F8N&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Tue, 24 Oct 2023 20:29:49 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.ecu.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	350100730149698 Show response connect.facebook.net/signals/config/	115 KB 31 KB	66ms 65ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/350100730149698?v=2.9.135&r=stable&domain=www.ecu.com Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 07f5cc78fd1e600e82130a2d226873fccf5b2f7e925bade68e362684402296ac Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 24 Oct 2023 20:29:49 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug EPrZJ448NdRDUSwhR09OC+tCCEmI/MVJjFQt55iCWcAW5V4P5HvgTVxqybcDEQ7AhI7Hjjzld0DG74+MK1+jrA== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	204	343046370.js Show response bat.bing.com/p/action/	0 116 B	32ms 32ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/343046370.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Tue, 24 Oct 2023 20:29:48 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: DCED66E26B824A6DAF62C2982C0E662A Ref B: FRAEDGE2015 Ref C: 2023-10-24T20:29:49Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 285 B	35ms 35ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=343046370&Ver=2&mid=390b190c-79e6-4952-8068-56083d2c1eba&sid=1437a10072ac11eeaa000f8495be5cc8&vid=1437b73072ac11ee80a6cd7b30c4d784&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Home%20%7C%20Educators%20Credit%20Union&p=https%3A%2F%2Fwww.ecu.com%2F&r=&lt=2781&evt=pageLoad&sv=1&rn=778598 Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 24 Oct 2023 20:29:48 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 748AE88A724B441CA33360B7F4D28B79 Ref B: FRAEDGE2015 Ref C: 2023-10-24T20:29:49Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	204	css litho.silvercloudinc.com/utilities/ Frame	0 0	442ms 297ms	Preflight	18.245.86.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://litho.silvercloudinc.com/utilities/css?product_id=60c27855d1a5b56c6e7383ba Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-65.fra60.r.cloudfront.net Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization Access-Control-Request-Method GET Origin https://www.ecu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin,Content-Type,Accept,Authorization access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE, HEAD access-control-allow-origin https://www.ecu.com access-control-max-age 1728000 date Tue, 24 Oct 2023 20:29:49 GMT server nginx/1.14.0 (Ubuntu) via 1.1 a2ce61e5ddc66736c9e2bfb6581fa2da.cloudfront.net (CloudFront) x-amz-cf-id EnVQFhQMaa-Udu0X6pIC4gVnv7Kqu3K4LJ_P8Z6vRlvGCRFkjeLzjA== x-amz-cf-pop FRA60-P6 x-cache Miss from cloudfront
OPTIONS H2	204	60c35c2824c0674546b9a36f litho.silvercloudinc.com/console/integration_widgets/ Frame	0 0	446ms 301ms	Preflight	18.245.86.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://litho.silvercloudinc.com/console/integration_widgets/60c35c2824c0674546b9a36f?product_id=60c27855d1a5b56c6e7383ba Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-65.fra60.r.cloudfront.net Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization Access-Control-Request-Method GET Origin https://www.ecu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin,Content-Type,Accept,Authorization access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE, HEAD access-control-allow-origin https://www.ecu.com access-control-max-age 1728000 date Tue, 24 Oct 2023 20:29:49 GMT server nginx/1.14.0 (Ubuntu) via 1.1 a2ce61e5ddc66736c9e2bfb6581fa2da.cloudfront.net (CloudFront) x-amz-cf-id JC8I6TVJQqUWACPY5vqg1zbttjTHfyWaBLIvUobEYXOwsxh2tTWftw== x-amz-cf-pop FRA60-P6 x-cache Miss from cloudfront
GET H2	200	sa.css tags.srv.stackadapt.com/	65 B 203 B	99ms 98ms	Stylesheet text/css	35.157.233.159 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/sa.css Requested by Host: tags.srv.stackadapt.com URL: https://tags.srv.stackadapt.com/events.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.157.233.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-233-159.eu-central-1.compute.amazonaws.com Software / Resource Hash 524c52817c9b0945c112657cc27b2bdb5e0ed5811d56f0090e8363446f19b54f Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers access-control-allow-origin * date Tue, 24 Oct 2023 20:29:49 GMT cache-control only-if-cached, no-transform, private, max-age=7776000 content-length 65 content-type text/css
GET H2	200	sa.jpeg Show response tags.srv.stackadapt.com/	0 2 KB	117ms 98ms	Fetch image/jpeg	35.157.233.159 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/sa.jpeg Requested by Host: tags.srv.stackadapt.com URL: https://tags.srv.stackadapt.com/events.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.157.233.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-233-159.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers access-control-allow-origin * date Tue, 24 Oct 2023 20:29:49 GMT cache-control only-if-cached, no-transform, private, max-age=7776000 content-length 651 content-type image/jpeg
GET H2	200	8047d132-03cb-4587-b0fb-1b22856cd695.js Show response tr.snapchat.com/config/com/	173 B 447 B	108ms 34ms	Script application/javascript	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/config/com/8047d132-03cb-4587-b0fb-1b22856cd695.js?v=3.4.11-2310110039 Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash 24784452bdf4399b856ee01c0ba927589a6f1c227de6a672d9566e14866563bf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://www.ecu.com/ Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google server API Gateway content-type application/javascript access-control-allow-origin https://www.ecu.com x-envoy-upstream-service-time 2 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 173
GET H2	200	i Show response tr.snapchat.com/cm/ Frame 20BD	0 201 B	105ms 31ms	Document text/html	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/cm/i?pid=8047d132-03cb-4587-b0fb-1b22856cd695&u_scsid=31b59d4e-371b-42da-888b-f0ae5c401d13&u_sclid=953103a6-eb52-4d09-9191-8b730191def4 Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains Request headers Referer https://www.ecu.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Tue, 24 Oct 2023 20:29:49 GMT server API Gateway strict-transport-security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains via 1.1 google x-envoy-upstream-service-time 0
GET H2	200	jquery-3.3.1.min.js Show response code.jquery.com/	85 KB 30 KB	45ms 7ms	Script application/javascript	2a04:4e42:400::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.min.js Requested by Host: d4hldqmvpzsy0.cloudfront.net URL: https://d4hldqmvpzsy0.cloudfront.net/assets/elle_button.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:49 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 3377190 x-cache HIT, HIT content-length 30288 x-served-by cache-lga13622-LGA, cache-fra-eddf8230086-FRA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1698179389.488996,VS0,VE0 etag W/"28feccc0-1538f" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 3, 276258
GET H2	200	elle_button.css d4hldqmvpzsy0.cloudfront.net/assets/	43 KB 6 KB	32ms 32ms	Stylesheet text/css	2600:9000:262b:1a00:1e:28bc:9200:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d4hldqmvpzsy0.cloudfront.net/assets/elle_button.css Requested by Host: d4hldqmvpzsy0.cloudfront.net URL: https://d4hldqmvpzsy0.cloudfront.net/assets/elle_button.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:262b:1a00:1e:28bc:9200:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 2b4fd9f83f1f606837e1c665a039c9e118d2a1120da94603306ccf15e1d6f5e5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma public date Tue, 24 Oct 2023 20:29:49 GMT content-encoding gzip via 1.1 b3c3867bcc3f09d634cc38a60db5bb78.cloudfront.net (CloudFront) last-modified Thu, 14 Sep 2023 22:20:49 GMT server nginx x-amz-cf-pop CDG52-P5 age 1425 etag W/"65038741-aa29" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=1800, public x-amz-cf-id LcxtWOoUpPQ6jMUJP75BzBTXTpj-pgaFvmEySTZtCKJaFf7C6M6inQ== expires Tue, 24 Oct 2023 20:36:04 GMT
GET H2	200	visitor-app.0978d4a9.min.js Show response libs.salemove.com/	748 KB 216 KB	11ms 8ms	Script application/javascript	2600:9000:206f:aa00:0:99b9:cd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://libs.salemove.com/visitor-app.0978d4a9.min.js Requested by Host: libs.salemove.com URL: https://libs.salemove.com/visitor/bootstrapper-9870479fe.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:aa00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 76426889f161e4ac48b4b6e0e678445192dced39a8b3b37de98ca3012996d8a4 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 09:07:50 GMT strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 age 40920 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 24 Oct 2023 08:38:48 GMT server AmazonS3 x-amz-meta-s3cmd-attrs md5:175d3cb5dafbaf71659ef854a80bb844 etag W/"175d3cb5dafbaf71659ef854a80bb844" vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin content-type application/javascript cache-control max-age=31536000 x-amz-cf-id 9E8Uh2P3x5v1yXoEFjxgJ4AaqM0HzgVdWPtjqZZp4sZO35nb0Tir6A==
GET H2	200	visitor-app.0978d4a9.default.css libs.salemove.com/	317 KB 115 KB	24ms 21ms	Stylesheet text/css	2600:9000:206f:aa00:0:99b9:cd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://libs.salemove.com/visitor-app.0978d4a9.default.css Requested by Host: libs.salemove.com URL: https://libs.salemove.com/visitor/bootstrapper-9870479fe.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:aa00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1beef433b46d74386994b4a74c97ddf8eef03d362a663d7c13e5e25ae29a1f78 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 09:07:50 GMT strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 age 40920 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 24 Oct 2023 08:38:48 GMT server AmazonS3 x-amz-meta-s3cmd-attrs md5:196180e158c8a834c5737e9e17a96adb etag W/"196180e158c8a834c5737e9e17a96adb" vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin content-type text/css cache-control max-age=31536000 x-amz-cf-id NSwapaJ-M_6NlXLs9R4O6_NLOrDWl7Ohhy-R1nMPI6qnr5yyZdVuaQ==
GET H2	200	7beb9210c84d11 Show response api.salemove.com/visitor_app/0978d4a9/sites/968111e8-8800-4cec-b46e-f731f70e1238/custom_locales/esUSECUcontent/	14 KB 14 KB	111ms 26ms	XHR application/json	2600:9000:269a:e800:17:4c3f:1b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.salemove.com/visitor_app/0978d4a9/sites/968111e8-8800-4cec-b46e-f731f70e1238/custom_locales/esUSECUcontent/7beb9210c84d11 Requested by Host: libs.salemove.com URL: https://libs.salemove.com/visitor/bootstrapper-9870479fe.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:269a:e800:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 7d02f7c3ded5b3e41f50090cf3c9a31c15f455b3f370316c054577aef37168e2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 10:42:05 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff via 1.1 2d74eb05f17e8cd9ca29da65d3b3ff48.cloudfront.net (CloudFront) x-amz-cf-pop MRS52-P5 age 35264 x-cache Hit from cloudfront content-length 13998 access-control-max-age 7200 access-control-allow-methods GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE content-type application/json access-control-allow-origin https://www.ecu.com access-control-expose-headers cache-control public, max-age=31536000 vary Origin access-control-allow-headers Content-Type, Accept, Authorization x-amz-cf-id a6-kEOBkCCmvGlrf0_REB4N8AhvqX2WrDCuB4aTBQ7iFgJNQ0tSSsA==
GET H2	200	/ www.facebook.com/tr/	0 185 B	39ms 8ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=350100730149698&ev=PageView&dl=https%3A%2F%2Fwww.ecu.com&rl=&if=false&ts=1698179389540&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=28&fbp=fb.1.1698179389535.755079229&pm=1&hrl=b4efec&ler=empty&it=1698179389407&coo=false&cs_cc=1&ccs=2368152036665415&cas=3795046067262098&rqm=GET Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Tue, 24 Oct 2023 20:29:49 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	main.MTVkMmViMGJhMQ.js Show response analytics.tiktok.com/i18n/pixel/static/	415 KB 108 KB	13ms 13ms	Script application/javascript	23.53.43.185 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MTVkMmViMGJhMQ.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCOUGH3C77U8584IB53G&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-53-43-185.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 37ca47de0875287dda60c0a5403605db5ceae15909840aee94bb4641e2233e6f Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers x-akamai-request-id 2cb616d date Tue, 24 Oct 2023 20:29:49 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 202310241332163268478B83461DD9B4D1 vary Accept-Encoding x-cache TCP_HIT from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01e60bdef5b284b48f06c6d75dd99c448b314c5354e04bdcb28fabe83ab84769dc504eb3e762d5bf7d5295d990ce5f0fe61916a9745191dd9ce0e88deb406b262fbc5623d7b5146bb2e2138521f4ecdfd0ae8668b38dec4de623a0cf6d7b2a738a server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=2 content-length 110083
GET DATA	200 OK	truncated /	41 KB 41 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9213ac17b151af2419644a4dc52b1e944d29797ffe61dc8d8e0be784114026f9 Request headers Referer Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Content-Type application/font-woff
POST H2	200	p tr.snapchat.com/	0 89 B	22ms 22ms	Ping text/plain	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/p Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 24 Oct 2023 20:29:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google server API Gateway access-control-allow-origin https://www.ecu.com x-envoy-upstream-service-time 1 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	en-US.json Show response cdn.userway.org/widgetapp/2023-10-20-17-59-37/locales/	500 B 945 B	16ms 16ms	XHR application/json	2a02:6ea0:c700::18 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/locales/en-US.json Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/widget_app_base_1697824777924.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 24 Oct 2023 20:29:49 GMT via 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront) content-encoding gzip x-age-lb 354315 x-amz-cf-pop FRA60-P3 age 68 x-amz-server-side-encryption AES256 x-77-cache HIT x-accel-date 1697825074 x-77-nzt AZySIYs3Nzf/C2gFAA x-accel-expires @1723745074 x-77-age 354315 x-cache-lb HIT last-modified Fri, 20 Oct 2023 18:02:00 GMT server CDN77-Turbo etag W/"6c501e56c0883817da65e6df9f4417ee" x-77-nzt-ray cf878727c93b405c3d29386568f9e22e access-control-max-age 3000 vary Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public content-type application/json x-amz-cf-id GVkg2b6xb0r2MpL3gnxSOXN2hCozP_qxPyXBJwGRpPTx1w5h2sZy_Q==
GET H2	200	saq_pxl Show response tags.srv.stackadapt.com/	138 B 329 B	98ms 98ms	XHR text/plain	35.157.233.159 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/saq_pxl?uid=Kafax8pHhY8hj8OTsjZwzQ&is_js=true&landing_url=https%3A%2F%2Fwww.ecu.com%2F&t=Home%20%7C%20Educators%20Credit%20Union&tip=IY7tWb22dszcp4C4YNDVYAtG1y58Q7tJRDknDiU5TZA&host=https%3A%2F%2Fwww.ecu.com&sa_conv_data_css_value=%270-336e0d56-0fff-5915-5a29-44fc5b8cf717%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9336e0d560fff59155a2944fc5b8cf717b2a2d18b&sa-user-id-v3=s%253AAQAKIDO-WQ0_wH3PD3SvjJcfmmPwDz8lWN12UKNoD5HwyPaVEHwYBCC90uCpBjABOgTLdGrUQgSFKB6Y.Zot5Z5mfHxQ8pvRtp6FwP7WLeTG7tHb%252BWJJTui593xI&sa-user-id-v2=s%253AM24NVg__WRVaKUT8W4z3F7Ki0Ys.9hlKZgPckXzNGaiJEcAwsq6kXPSLJPM4N1QxXk8F08A&sa-user-id=s%253A0-336e0d56-0fff-5915-5a29-44fc5b8cf717.bQBwRV0mIo%252FlmMdZUMACcoZxsWTw2jV1VBTKt0GPBjQ Requested by Host: tags.srv.stackadapt.com URL: https://tags.srv.stackadapt.com/events.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.157.233.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-233-159.eu-central-1.compute.amazonaws.com Software / Resource Hash d15e073d4ef005fbc0fc649440c4f990719382a18d4ee052b6fd5415f468f52e Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers access-control-allow-origin https://www.ecu.com date Tue, 24 Oct 2023 20:29:49 GMT access-control-allow-credentials true access-control-allow-headers * content-length 138 access-control-allow-methods GET content-type text/plain; charset=utf-8
GET H2	200	identify_72059.js Show response analytics.tiktok.com/i18n/pixel/static/	134 KB 36 KB	12ms 12ms	Script application/javascript	23.53.43.185 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_72059.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTVkMmViMGJhMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-53-43-185.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 70242b7559c38404934267e32fa95b7ab11a7f1f8ec793c34b96e84aed7a42b1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers x-akamai-request-id 2cb624d date Tue, 24 Oct 2023 20:29:49 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 202310241332098F801DC58C02C336A111 vary Accept-Encoding x-cache TCP_MEM_HIT from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01b4140947afc16e218ac160c025318f3b87ed6131af8a6623082c6fe882c8d2d2b70839be9d8cb73990ffeb68b2fb2aee0f5b8efce597edf8ff8464da45719c777770acf5e13bb7f776daa1e6109f20ccd94eaaa53aa2a4bb86ca32ca7785497e server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=3 content-length 36067
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 792 B	149ms 149ms	Ping text/plain	23.53.43.185 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTVkMmViMGJhMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-53-43-185.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id ceb04ff.2cb62ee date Tue, 24 Oct 2023 20:29:50 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-) x-parent-response-time 117,23.53.43.181 server-timing cdn-cache; desc=MISS, edge; dur=108, origin; dur=31, inner; dur=27 content-length 0 pragma no-cache server nginx x-tt-logid 2023102420294990807FF3687F7BF5168F x-cache-remote TCP_MISS from a23-218-223-15.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3.1605-50913535) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 31,23.218.223.15 x-tt-trace-host 01128794241a0440577c21ec3d6a4c9390c475247ce2325e889ca012b297b8a4a020ca3bc91980ea0130290856235751cb31c7c9a101b981fe5b84d0a178b28e106bc494e3b99fa33663dbd01992ebdd174fc4770186dc4d57a71ca55f5a461b438f782eec3d48074fd3762a16875dd3ce access-control-allow-headers Authorization,* expires Tue, 24 Oct 2023 20:29:50 GMT
OPTIONS H/1.1	204 No Content	event connect.segmint.net/ Frame	0 0	492ms 104ms	Preflight	52.87.127.42 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://connect.segmint.net/event Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.87.127.42 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-87-127-42.compute-1.amazonaws.com Software openresty / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.ecu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers X-Auth-Username, X-Auth-Password, X-Auth-New-Password, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS, HEAD Access-Control-Allow-Origin https://www.ecu.com Access-Control-Max-Age 1728000 Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0 Date Tue, 24 Oct 2023 20:29:50 GMT Expires 0 P3P CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info." Pragma no-cache Server openresty
GET H2	200	modal Show response d4hldqmvpzsy0.cloudfront.net/buttons/10/	3 KB 5 KB	40ms 40ms	Script text/javascript	2600:9000:262b:1a00:1e:28bc:9200:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d4hldqmvpzsy0.cloudfront.net/buttons/10/modal?_=1698179389553 Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:262b:1a00:1e:28bc:9200:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash ae1b971e10ed3acc55c5973d01971585e203cfab2630698be5807e74faef40d0 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers strict-transport-security max-age=63072000 access-control-request-method * x-content-type-options nosniff date Tue, 24 Oct 2023 20:29:49 GMT via 1.1 b3c3867bcc3f09d634cc38a60db5bb78.cloudfront.net (CloudFront) x-permitted-cross-domain-policies none x-amz-cf-pop CDG52-P5 age 1614 content-security-policy-report-only default-src 'none'; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; img-src 'self' data: www.google-analytics.com https://www.googletagmanager.com; object-src 'none'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com *.shastic.com 'unsafe-hashes' 'sha256-N1n8lEiVVZOM5rS6yBFq6m833AxXV2V/7UOwNfczbbM=' 'sha256-7k0KsnfUjFEjvJCUWut+Njx57UyP3VvQTaHR/L7yQbc=' 'sha256-l8qQFu8yWLcCf1/TPUibdSC7VDqewe3RNEbBV9dyjrU=' 'sha256-p6rSmVeVTWPB/za28mNNs/QI2ic8M4nUVc4EYcWYMOE=' 'sha256-Y6YpgJJl0KtCoXBxFuFNOssI/Glj/RPD2y27HSF2tPg=' 'sha256-++TiC24fZiZGljBvcKrFCIZx6X8vu4E/wGdFFESzDd8=' 'sha256-E33VWjDI3/z+nlU/Ykmcppvx7MqoJHfbJtxxzp1dGAM=' 'sha256-n/esseyVYGG+GCF6qaTJHZfNwDu3aJseMcqvfCRQuyA=' 'sha256-Rzj30L11Mf0IRh4QlJynwWH0+pdskxK7WXadLKR0C/w=' 'sha256-qI5HaxY/ttSrJgxLP4OPIUzvz+TjSzXonAEKWeEgrIg=' 'sha256-m/LGoWmOeoDtXitWUGQN3pH5ErIhnsXPxMkZ1whERQU=' 'sha256-bSnLdomH/FV/v4kVCHaYmYJB4N0+BuAtipB+Jo1sCEk=' 'sha256-0/D2Qm73weNH+bYFQh4ntqlwKUbbuOPi5ZKjABm81IM='; style-src * 'unsafe-inline'; connect-src 'self' www.google-analytics.com https://elleauth.shastic.com *.shastic.com; frame-ancestors https:; form-action 'self' *.shastic.com; media-src 'self' *.shastic.com; base-uri 'self'; report-uri /csp-reports x-cache Hit from cloudfront x-xss-protection 1; mode=block x-request-id 645f479a-ba09-4c5c-8ac2-f06817f5b084 pragma public x-runtime 0.010153 referrer-policy strict-origin-when-cross-origin server nginx etag W/"ae1b971e10ed3acc55c5973d01971585" x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods POST, PUT, DELETE, GET, OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=1800, public vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization x-amz-cf-id M1WpsiTl--VkYGzqSiuiYZhSA4cDVmwpm8KERuHQDaH-woZeiVK1zQ== expires Tue, 24 Oct 2023 15:32:55 -0500
GET H2	200	customizations Show response d4hldqmvpzsy0.cloudfront.net/buttons/10/	9 KB 11 KB	492ms 460ms	XHR application/json	2600:9000:262b:1a00:1e:28bc:9200:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d4hldqmvpzsy0.cloudfront.net/buttons/10/customizations Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:262b:1a00:1e:28bc:9200:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 4de3b41b7732c3cc86e90638977d323aa2a81db58fc004ef99435555bcf465df Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers strict-transport-security max-age=63072000 access-control-request-method * x-content-type-options nosniff date Tue, 24 Oct 2023 20:29:50 GMT via 1.1 67ffdd2ec6e280830e7ef1d09212a7dc.cloudfront.net (CloudFront) x-permitted-cross-domain-policies none x-amz-cf-pop CDG52-P5 content-security-policy-report-only default-src 'none'; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; img-src 'self' data: www.google-analytics.com https://www.googletagmanager.com; object-src 'none'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com *.shastic.com 'unsafe-hashes' 'sha256-N1n8lEiVVZOM5rS6yBFq6m833AxXV2V/7UOwNfczbbM=' 'sha256-7k0KsnfUjFEjvJCUWut+Njx57UyP3VvQTaHR/L7yQbc=' 'sha256-l8qQFu8yWLcCf1/TPUibdSC7VDqewe3RNEbBV9dyjrU=' 'sha256-p6rSmVeVTWPB/za28mNNs/QI2ic8M4nUVc4EYcWYMOE=' 'sha256-Y6YpgJJl0KtCoXBxFuFNOssI/Glj/RPD2y27HSF2tPg=' 'sha256-++TiC24fZiZGljBvcKrFCIZx6X8vu4E/wGdFFESzDd8=' 'sha256-E33VWjDI3/z+nlU/Ykmcppvx7MqoJHfbJtxxzp1dGAM=' 'sha256-n/esseyVYGG+GCF6qaTJHZfNwDu3aJseMcqvfCRQuyA=' 'sha256-Rzj30L11Mf0IRh4QlJynwWH0+pdskxK7WXadLKR0C/w=' 'sha256-qI5HaxY/ttSrJgxLP4OPIUzvz+TjSzXonAEKWeEgrIg=' 'sha256-m/LGoWmOeoDtXitWUGQN3pH5ErIhnsXPxMkZ1whERQU=' 'sha256-bSnLdomH/FV/v4kVCHaYmYJB4N0+BuAtipB+Jo1sCEk=' 'sha256-0/D2Qm73weNH+bYFQh4ntqlwKUbbuOPi5ZKjABm81IM='; style-src * 'unsafe-inline'; connect-src 'self' www.google-analytics.com https://elleauth.shastic.com *.shastic.com; frame-ancestors https:; form-action 'self' *.shastic.com; media-src 'self' *.shastic.com; base-uri 'self'; report-uri /csp-reports x-cache RefreshHit from cloudfront x-xss-protection 1; mode=block x-request-id 3d60ffed-a20e-41d4-9060-15f53f108d06 pragma public x-runtime 0.017431 referrer-policy strict-origin-when-cross-origin server nginx etag W/"4de3b41b7732c3cc86e90638977d323a" x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods POST, PUT, DELETE, GET, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * cache-control max-age=1800, public vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization x-amz-cf-id jyoEdAJahxCrBtnWNo5uHqGWp63RJTt0gc3Wju9-UoqcUCNwYWRlpg== expires Tue, 24 Oct 2023 15:59:50 -0500
POST H/1.1	200 OK	event Show response connect.segmint.net/	0 636 B	142ms 109ms	XHR text/plain	52.87.127.42 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://connect.segmint.net/event Requested by Host: cdn.segmint.net URL: https://cdn.segmint.net/segmint.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.87.127.42 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-87-127-42.compute-1.amazonaws.com Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type application/json Response headers Pragma no-cache Date Tue, 24 Oct 2023 20:29:43 GMT Server openresty P3P CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info." Access-Control-Allow-Origin https://www.ecu.com Content-Type text/plain;charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 X-Application-Context site-event-receiver-service:prod:7084 Expires 0
GET H/1.1	200 OK	en1qq5qnM4 Show response connect.segmint.net/iframe/doughnut/ Frame 6A83	509 B 1 KB	522ms 118ms	Document text/html	52.87.127.42 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://connect.segmint.net/iframe/doughnut/en1qq5qnM4 Requested by Host: cdn.segmint.net URL: https://cdn.segmint.net/segmint.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.87.127.42 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-87-127-42.compute-1.amazonaws.com Software openresty / Resource Hash 0aa49cded6c89343a514ac6a5bdf368cc49b43193c968852fa56a9b82e25cb32 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ecu.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Credentials true Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Encoding gzip Content-Language de-DE Content-Length 307 Content-Type text/html;charset=UTF-8 Date Tue, 24 Oct 2023 20:29:50 GMT Expires 0 P3P CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info." Pragma no-cache Server openresty Vary Accept-Encoding X-Application-Context offer-delivery:prod:7074 X-B3-Sampled 1 X-B3-SpanId b09aec8ae5df4b79 X-B3-TraceId b09aec8ae5df4b79 X-Content-Type-Options nosniff X-XSS-Protection 1; mode=block
GET H2	200	p Show response i.simpli.fi/	798 B 1 KB	39ms 18ms	Script application/javascript	35.234.162.151 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://i.simpli.fi/p?cid=396441&cb=sifi_att_42656._hp Requested by Host: tag.simpli.fi URL: https://tag.simpli.fi/sifitag/2e5bca30-3cfc-013b-a710-0cc47abd0334 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 151.162.234.35.bc.googleusercontent.com Software openresty / Resource Hash 25eadc13c56f710dc139099307f495d8dcea866194865019179dd1473d797197 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers content-type application/javascript; charset=UTF-8 pragma no-cache date Tue, 24 Oct 2023 20:29:49 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 server openresty expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	engageware-bundle.js Show response integration-cdn.silvercloudinc.com/js/bundle/	297 KB 96 KB	70ms 12ms	XHR application/javascript	65.9.66.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://integration-cdn.silvercloudinc.com/js/bundle/engageware-bundle.js Requested by Host: integration.silvercloudinc.com URL: https://integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-65.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 0c6ef965315adcdcbae0d3bf720a0061b5a2a7b4a0238f523af8c2e352a71bdb Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 08:24:08 GMT content-encoding gzip via 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront) last-modified Tue, 10 Oct 2023 01:28:43 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 age 53522 x-amz-server-side-encryption AES256 etag W/"ee9faa8259c026e7a4d14898cbc4c894" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * x-cache Hit from cloudfront x-amz-cf-id Hbs98fVIejF0jLT8Gm-s603Kvt4IA3xNr9WDhe2aiJk0bv_O2OfHyw==
GET H/1.1	200 OK	ord=1698179389891 alpixtrack.com/ad/	35 B 271 B	414ms 126ms	Image image/gif	130.211.141.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://alpixtrack.com/ad/ord=1698179389891?prd=web&cust=3770542-617-WISN&event_type=visit&version=0.1.2&utm_source=unk&utm_mdm=unk&url=https%3A%2F%2Fwww.ecu.com%2F&title=Home%20%7C%20Educators%20Credit%20Union&sess_status=st&sess=1698179894670&ref= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 130.211.141.45 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.141.211.130.bc.googleusercontent.com Software nginx/1.20.0 / Resource Hash 3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Tue, 24 Oct 2023 20:29:50 GMT Server nginx/1.20.0 ETag "560c609e-23" Vary Origin Content-Type image/gif Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 35
OPTIONS H2	204	8ba13ba6-4da4-48e4-a5f9-5f89bce240fa api.salemove.com/sites/968111e8-8800-4cec-b46e-f731f70e1238/visitors/ Frame	0 0	116ms 116ms	Preflight	2600:9000:269a:e800:17:4c3f:1b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.salemove.com/sites/968111e8-8800-4cec-b46e-f731f70e1238/visitors/8ba13ba6-4da4-48e4-a5f9-5f89bce240fa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:269a:e800:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers authorization,content-type Access-Control-Request-Method PATCH Origin https://www.ecu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers authorization,content-type access-control-allow-methods GET, HEAD, POST, PATCH, PUT, DELETE, OPTIONS access-control-allow-origin * access-control-max-age 86400 date Tue, 24 Oct 2023 20:29:49 GMT strict-transport-security max-age=31536000; includeSubDomains via 1.1 2d74eb05f17e8cd9ca29da65d3b3ff48.cloudfront.net (CloudFront) x-amz-cf-id rn18dZ8BNA37qN_YcqYYtkTA5QKnWf8QGj7hLip_WqwrbMHV87XlUg== x-amz-cf-pop MRS52-P5 x-cache Miss from cloudfront
PATCH H2	200	8ba13ba6-4da4-48e4-a5f9-5f89bce240fa Show response api.salemove.com/sites/968111e8-8800-4cec-b46e-f731f70e1238/visitors/	194 B 702 B	138ms 138ms	XHR application/json	2600:9000:269a:e800:17:4c3f:1b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.salemove.com/sites/968111e8-8800-4cec-b46e-f731f70e1238/visitors/8ba13ba6-4da4-48e4-a5f9-5f89bce240fa Requested by Host: libs.salemove.com URL: https://libs.salemove.com/visitor/bootstrapper-9870479fe.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:269a:e800:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash ce59ac912177910e605df0e9b063072686dd15fe98af6ea70af452b7fd663b15 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept application/vnd.salemove.private+json Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 Authorization Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImU1M2UxZTJkLTc1ZDUtNDcxZi1iZGY0LWIyYzI4YWY4NTg3MCJ9.eyJpYXQiOjE2OTgxNzkzODksImV4cCI6MTY5OTM4ODk4OSwiaXNzIjoiR2xpYSBTaXRlIFZpc2l0b3IgQ29uZmlnIiwic3ViIjoidmlzaXRvcjo4YmExM2JhNi00ZGE0LTQ4ZTQtYTVmOS01Zjg5YmNlMjQwZmEiLCJyb2xlcyI6W3sidHlwZSI6InZpc2l0b3IiLCJ2aXNpdG9yX2lkIjoiOGJhMTNiYTYtNGRhNC00OGU0LWE1ZjktNWY4OWJjZTI0MGZhIn0seyJ0eXBlIjoic2l0ZV92aXNpdG9yIiwic2l0ZV9pZCI6Ijk2ODExMWU4LTg4MDAtNGNlYy1iNDZlLWY3MzFmNzBlMTIzOCIsImVuZ2FnZW1lbnRfc2l0ZV9pZHMiOlsiOTY4MTExZTgtODgwMC00Y2VjLWI0NmUtZjczMWY3MGUxMjM4Il19XSwiYWNjb3VudF9pZCI6IjQzZjc5ZjFkLWVjYTYtNDQwMC04ZThjLWZlZDgzOTQwYmY4ZSJ9.LK3BK6YqTLYbRb0dBSc7PCS4TnLvIZaktWCB_9UlzIY1uWU7yHmhnu_85AymIstJosPywf_cZ7AERsBewZqfXw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type application/json Response headers date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff via 1.1 2d74eb05f17e8cd9ca29da65d3b3ff48.cloudfront.net (CloudFront) x-amz-cf-pop MRS52-P5 x-cache Miss from cloudfront content-length 194 access-control-max-age 86400 access-control-allow-methods GET, HEAD, POST, PATCH, PUT, DELETE, OPTIONS content-type application/json access-control-allow-origin * access-control-expose-headers vary Origin access-control-allow-credentials true access-control-allow-headers authorization,content-type x-amz-cf-id h4QVkgiLO5doge-iRZWxI5UNFeU_M_WvqiJULHxeU36uuU7CKzn-yQ==
GET H2	204	/ s.ad.smaato.net/c/ Redirect Chain https://um.simpli.fi/smaato https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=6E9026959AD04534A6881F46EAA69D2D	0 238 B	83ms 37ms	Image text/plain	2600:9000:211e:ca00:1b:5138:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=6E9026959AD04534A6881F46EAA69D2D Protocol H2 Server 2600:9000:211e:ca00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:50 GMT cache-control no-cache, must-revalidate via 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA56-C2 x-amz-cf-id 6EQPMDjTW8WP9urzrcpcZODUcmTXvRpCEQIFXAie1xd6UbKVBJ_3ow== x-cache Miss from cloudfront Redirect headers date Tue, 24 Oct 2023 20:29:49 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=6E9026959AD04534A6881F46EAA69D2D access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Mon, 23 Oct 2023 20:29:49 GMT
GET H2	200	RX-d42aca7b-4f2e-4af1-8c4f-9e05d7bca66b-003 sync.targeting.unrulymedia.com/csync/ Redirect Chain https://um.simpli.fi/nexxen https://sync.1rx.io/usersync/simplifi/6E9026959AD04534A6881F46EAA69D2D https://sync.1rx.io/usersync/simplifi/6E9026959AD04534A6881F46EAA69D2D?zcc=1&cb=1698179390111 https://sync.targeting.unrulymedia.com/csync/RX-d42aca7b-4f2e-4af1-8c4f-9e05d7bca66b-003	43 B 378 B	55ms 13ms	Image image/gif	46.228.174.117 AMOBEE
General Check archive.org Show headers Download Go to Show image Full URL https://sync.targeting.unrulymedia.com/csync/RX-d42aca7b-4f2e-4af1-8c4f-9e05d7bca66b-003 Protocol H2 Server 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB), Reverse DNS Software / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:50 GMT content-length 43 p3p CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" Redirect headers location https://sync.targeting.unrulymedia.com/csync/RX-d42aca7b-4f2e-4af1-8c4f-9e05d7bca66b-003 pragma no-cache date Tue, 24 Oct 2023 20:29:50 GMT cache-control no-store, no-cache, must-revalidate expires 0 content-type text/html
GET H2	200	xuid eb2.3lift.com/ Redirect Chain https://um.simpli.fi/triplelift https://eb2.3lift.com/xuid?mid=7969&xuid=6E9026959AD04534A6881F46EAA69D2D&dongle=yf3	37 B 140 B	36ms 15ms	Image image/gif	76.223.111.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=7969&xuid=6E9026959AD04534A6881F46EAA69D2D&dongle=yf3 Protocol H2 Server 76.223.111.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:50 GMT cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif Redirect headers date Tue, 24 Oct 2023 20:29:49 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://eb2.3lift.com/xuid?mid=7969&xuid=6E9026959AD04534A6881F46EAA69D2D&dongle=yf3 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Mon, 23 Oct 2023 20:29:49 GMT
GET H2	200	sync simplifi.partners.tremorhub.com/ Redirect Chain https://um.simpli.fi/telaria_p https://simplifi.partners.tremorhub.com/sync?UISF=6E9026959AD04534A6881F46EAA69D2D	43 B 175 B	320ms 100ms	Image image/gif	2600:1f18:612b:4264:b952:b781:6b65:e0f4 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://simplifi.partners.tremorhub.com/sync?UISF=6E9026959AD04534A6881F46EAA69D2D Protocol H2 Server 2600:1f18:612b:4264:b952:b781:6b65:e0f4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Tue, 24 Oct 2023 20:29:50 GMT server nginx content-type image/gif Redirect headers date Tue, 24 Oct 2023 20:29:49 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://simplifi.partners.tremorhub.com/sync?UISF=6E9026959AD04534A6881F46EAA69D2D access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Mon, 23 Oct 2023 20:29:49 GMT
GET H2	200	check pixel.tapad.com/idsync/ex/receive/ Redirect Chain https://um.simpli.fi/tapad https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=6E9026959AD04534A6881F46EAA69D2D https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=6E9026959AD04534A6881F46EAA69D2D	95 B 436 B	32ms 32ms	Image image/png	34.111.113.62 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=6E9026959AD04534A6881F46EAA69D2D Protocol H2 Server 34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 62.113.111.34.bc.googleusercontent.com Software Jetty(11.0.13) / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) content-type image/png access-control-allow-origin * p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 Redirect headers date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" access-control-allow-origin * location https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=6E9026959AD04534A6881F46EAA69D2D alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	empty.gif um.simpli.fi/ Redirect Chain https://um.simpli.fi/ad_advisor https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=6E9026959AD04534A6881F46EAA69D2D https://d.agkn.com/pixel/10751/?che=1698179390095&ip=178.162.209.139&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217083104679005437627 https://um.simpli.fi/aa_px?sk=217083104679005437627 https://um.simpli.fi/empty.gif	43 B 361 B	18ms 17ms	Image image/gif	35.204.158.49 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/empty.gif Protocol H2 Server 35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 49.158.204.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 Redirect headers date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location /empty.gif access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142
GET H2	403	ProfilesEngineServlet sync.intentiq.com/profiles_engine/ Redirect Chain https://um.simpli.fi/intentiq https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=6E9026959AD04534A6881F46EAA69D2D	0 0	103ms 15ms	Image text/html	18.165.183.119 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=6E9026959AD04534A6881F46EAA69D2D Protocol H2 Server 18.165.183.119 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-183-119.zrh55.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Redirect headers date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=6E9026959AD04534A6881F46EAA69D2D access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Mon, 23 Oct 2023 20:29:50 GMT
GET H2	200	pubmatic um.simpli.fi/	43 B 409 B	19ms 16ms	Image image/gif	35.204.158.49 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/pubmatic Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 49.158.204.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 expires Mon, 23 Oct 2023 20:29:50 GMT
GET H2	200	freewheel um.simpli.fi/	43 B 409 B	19ms 16ms	Image image/gif	35.204.158.49 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/freewheel Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 49.158.204.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 expires Mon, 23 Oct 2023 20:29:50 GMT
GET H2	204	cms ups.analytics.yahoo.com/ups/58726/ Redirect Chain https://um.simpli.fi/dtnx https://fei.pro-market.net/engine?du=24;csync=6E9026959AD04534A6881F46EAA69D2D;mimetype=img; https://fei.pro-market.net/engine?du=24;csync=6E9026959AD04534A6881F46EAA69D2D;mimetype=img;sr https://cms.analytics.yahoo.com/cms?partner_id=DATCS https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS	0 87 B	11ms 10ms	Image text/plain	3.75.62.37 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS Protocol H2 Server 3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-75-62-37.eu-central-1.compute.amazonaws.com Software ATS/9.1.10.87 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.87 age 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers location https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS date Tue, 24 Oct 2023 20:29:50 GMT cache-control no-store content-type text/html server ATS/9.1.10.87 content-length 344 content-language en
GET H2	204	/ loadm.exelator.com/load/ Redirect Chain https://um.simpli.fi/exelatem https://loadm.exelator.com/load/?p=204&g=2191&simid=6E9026959AD04534A6881F46EAA69D2D&j=0 https://loadm.exelator.com/load/?p=204&g=2191&simid=6E9026959AD04534A6881F46EAA69D2D&j=0&xl8blockcheck=1	0 771 B	40ms 39ms	Image text/plain	34.254.143.3 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://loadm.exelator.com/load/?p=204&g=2191&simid=6E9026959AD04534A6881F46EAA69D2D&j=0&xl8blockcheck=1 Protocol H2 Server 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-254-143-3.eu-west-1.compute.amazonaws.com Software nginx / Undertow/1 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:50 GMT cache-control no-cache access-control-allow-credentials true server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA Redirect headers date Tue, 24 Oct 2023 20:29:51 GMT server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA location https://loadm.exelator.com/load/?p=204&g=2191&simid=6E9026959AD04534A6881F46EAA69D2D&j=0&xl8blockcheck=1 content-type image/gif cache-control no-cache access-control-allow-credentials true content-length 0
GET H2	200	yahoo um.simpli.fi/	43 B 409 B	20ms 17ms	Image image/gif	35.204.158.49 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/yahoo Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 49.158.204.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 expires Mon, 23 Oct 2023 20:29:50 GMT
GET H/1.1	204	sync sync.bfmio.com/ Redirect Chain https://um.simpli.fi/beachfront https://sync.bfmio.com/sync?pid=141&uid=6E9026959AD04534A6881F46EAA69D2D	0 421 B	460ms 103ms	Image text/plain	52.203.124.181 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.bfmio.com/sync?pid=141&uid=6E9026959AD04534A6881F46EAA69D2D Protocol HTTP/1.1 Server 52.203.124.181 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-203-124-181.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Connection keep-alive Date Tue, 24 Oct 2023 20:29:49 GMT Redirect headers date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://sync.bfmio.com/sync?pid=141&uid=6E9026959AD04534A6881F46EAA69D2D access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Mon, 23 Oct 2023 20:29:50 GMT
GET H2	200	29931 stags.bluekai.com/site/ Redirect Chain https://um.simpli.fi/bluekai https://stags.bluekai.com/site/29931?id=6E9026959AD04534A6881F46EAA69D2D	62 B 445 B	341ms 215ms	Image image/gif	72.246.169.24 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stags.bluekai.com/site/29931?id=6E9026959AD04534A6881F46EAA69D2D Protocol H2 Server 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-246-169-24.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" date Tue, 24 Oct 2023 20:29:50 GMT content-length 62 content-type image/gif Redirect headers date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://stags.bluekai.com/site/29931?id=6E9026959AD04534A6881F46EAA69D2D access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Mon, 23 Oct 2023 20:29:50 GMT
GET H2	404	tpid=6E9026959AD04534A6881F46EAA69D2D bcp.crwdcntrl.net/map/c=7625/tp=SIMP/ Redirect Chain https://um.simpli.fi/crwdcntrl https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=6E9026959AD04534A6881F46EAA69D2D	49 B 265 B	110ms 33ms	Image image/gif	99.81.194.117 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=6E9026959AD04534A6881F46EAA69D2D Protocol H2 Server 99.81.194.117 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-194-117.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Tue, 24 Oct 2023 20:29:50 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.3.84 content-length 49 expires 0 Redirect headers date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=6E9026959AD04534A6881F46EAA69D2D access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Mon, 23 Oct 2023 20:29:50 GMT
GET H/1.1	204 No Content	merge ce.lijit.com/ Redirect Chain https://um.simpli.fi/lj_match https://ce.lijit.com/merge?pid=2&3pid=6E9026959AD04534A6881F46EAA69D2D	0 311 B	83ms 21ms	Image text/plain	216.52.2.39 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=2&3pid=6E9026959AD04534A6881F46EAA69D2D Protocol HTTP/1.1 Server 216.52.2.39 New York, United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Expires Fri, 20 Mar 2009 00:00:00 GMT Pragma no-cache Date Tue, 24 Oct 2023 20:29:50 GMT X-MERGE GDPR Optout true Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap7ams1 P3P CP="CUR ADM OUR NOR STA NID" Redirect headers date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://ce.lijit.com/merge?pid=2&3pid=6E9026959AD04534A6881F46EAA69D2D access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Mon, 23 Oct 2023 20:29:50 GMT
GET H2	451	419566.gif idsync.rlcdn.com/ Redirect Chain https://um.simpli.fi/liveramp_match https://idsync.rlcdn.com/419566.gif?partner_uid=6E9026959AD04534A6881F46EAA69D2D	0 98 B	65ms 25ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/419566.gif?partner_uid=6E9026959AD04534A6881F46EAA69D2D Protocol H2 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:50 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://idsync.rlcdn.com/419566.gif?partner_uid=6E9026959AD04534A6881F46EAA69D2D access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Mon, 23 Oct 2023 20:29:50 GMT
GET H2	200	/ www.google.de/pagead/1p-conversion/1026675585/ Redirect Chain https://www.googleadservices.com/pagead/conversion/1026675585/?random=1698179389916&cv=7&fst=1698179389916&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1032484757&cv=7&fst=1698179389916&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=... https://www.google.com/pagead/1p-conversion/1026675585/?random=1032484757&cv=7&fst=1698179389916&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIruK5m... https://www.google.de/pagead/1p-conversion/1026675585/?random=1032484757&cv=7&fst=1698179389916&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIruK5ms...	42 B 154 B	29ms 29ms	Image image/gif	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/1026675585/?random=1032484757&cv=7&fst=1698179389916&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIruK5msOPggMVn6H9Bx0oBAyB&is_vtc=1&ocp_id=Pik4Za5Ln8P27w-oiLCICA&cid=CAQSKQDICaaNxuXU_0PVUakdky9anQ65xc5G6Kb1EAJP5NuuPCi3nRQgUe9b&random=1718921464&ipr=y Protocol H2 Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Tue, 24 Oct 2023 20:29:50 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 24 Oct 2023 20:29:50 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.de/pagead/1p-conversion/1026675585/?random=1032484757&cv=7&fst=1698179389916&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIruK5msOPggMVn6H9Bx0oBAyB&is_vtc=1&ocp_id=Pik4Za5Ln8P27w-oiLCICA&cid=CAQSKQDICaaNxuXU_0PVUakdky9anQ65xc5G6Kb1EAJP5NuuPCi3nRQgUe9b&random=1718921464&ipr=y content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	spotx_match um.simpli.fi/	0 272 B	29ms 26ms	Image text/plain	35.204.158.49 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/spotx_match Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 49.158.204.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers access-control-allow-origin * date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type access-control-allow-methods GET, POST, OPTIONS
GET H2	200	bounce ib.adnxs.com/ Redirect Chain https://um.simpli.fi/an https://ib.adnxs.com/setuid?entity=66&code=6E9026959AD04534A6881F46EAA69D2D https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D6E9026959AD04534A6881F46EAA69D2D	43 B 894 B	22ms 21ms	Image image/gif	37.252.171.149 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D6E9026959AD04534A6881F46EAA69D2D Protocol H2 Server 37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Tue, 24 Oct 2023 20:29:50 GMT an-x-request-uuid 159006c7-c071-4210-9f43-79a5b6429cdc server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 178.162.209.139; 178.162.209.139; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 24 Oct 2023 20:29:50 GMT an-x-request-uuid a722ff2e-736c-47cb-9612-cbaa2b2bde29 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D6E9026959AD04534A6881F46EAA69D2D cache-control no-store, no-cache, private x-proxy-origin 178.162.209.139; 178.162.209.139; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Redirect Chain https://um.simpli.fi/rb_match https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=6E9026959AD04534A6881F46EAA69D2D&expires=365	0 239 B	46ms 9ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=6E9026959AD04534A6881F46EAA69D2D&expires=365 Protocol HTTP/1.1 Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost 402fba8a82f093def2459220061c8d31 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=6E9026959AD04534A6881F46EAA69D2D&expires=365 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Mon, 23 Oct 2023 20:29:50 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Redirect Chain https://um.simpli.fi/ox_match https://us-u.openx.net/w/1.0/sd?id=537072966&val=6E9026959AD04534A6881F46EAA69D2D	43 B 273 B	60ms 22ms	Image image/gif	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072966&val=6E9026959AD04534A6881F46EAA69D2D Protocol H2 Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Tue, 24 Oct 2023 20:29:50 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://us-u.openx.net/w/1.0/sd?id=537072966&val=6E9026959AD04534A6881F46EAA69D2D access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Mon, 23 Oct 2023 20:29:50 GMT
GET H2	204	g_match um.simpli.fi/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= https://um.simpli.fi/g_match?id=&google_gid=CAESEC6kS139OCM_2ujfEzgEnU4&google_cver=1 https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6E9026959AD04534A6881F46EAA69D2D https://um.simpli.fi/g_match?id=	0 320 B	19ms 18ms	Image text/plain	35.204.158.49 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/g_match?id= Protocol H2 Server 35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 49.158.204.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires Mon, 23 Oct 2023 20:29:50 GMT Redirect headers pragma no-cache date Tue, 24 Oct 2023 20:29:50 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://um.simpli.fi/g_match?id= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 229 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	p tr.snapchat.com/	0 15 B	26ms 26ms	Ping text/plain	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/p Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 24 Oct 2023 20:29:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google server API Gateway access-control-allow-origin https://www.ecu.com x-envoy-upstream-service-time 1 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	14ms 14ms	Script text/javascript	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 24 Oct 2023 18:43:56 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 6354 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Tue, 24 Oct 2023 20:43:56 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	214 KB 77 KB	32ms 32ms	Script application/javascript	2a00:1450:4001:802::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-ZQGZZQ8T72 Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 908365daa84e4d0d67f1920139472cc846dd878b6b2446a026b4fcd9ca6b518e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:50 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 78389 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 24 Oct 2023 20:29:50 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	214 KB 77 KB	44ms 43ms	Script application/javascript	2a00:1450:4001:802::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-ZQGZZQ8T72&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRTWHZ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 2d66da34f2794796d84141fc70f75b0a3091f3f742715367e6a63a17d979b18e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:50 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 78514 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 24 Oct 2023 20:29:50 GMT
GET H2	200	0.engageware-bundle.js Show response integration-cdn.silvercloudinc.com/js/bundle/	40 KB 13 KB	39ms 20ms	Script application/javascript	65.9.66.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://integration-cdn.silvercloudinc.com/js/bundle/0.engageware-bundle.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-65.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash afc751bd0ed4594108ba4127113bd285df6a8d9150a8bea7717128cf64aa2cf5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 10:36:07 GMT content-encoding gzip via 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront) last-modified Tue, 10 Oct 2023 01:28:43 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 age 51303 x-amz-server-side-encryption AES256 etag W/"f8f518e4ca3cb1f8d10ba42447f992c2" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id rT3OlLs_2yBNF0r3GmaKXGIuJIntVkLDAmC_YqZzTeq_qEqQRDji-Q==
GET H2	200	9.engageware-bundle.js Show response integration-cdn.silvercloudinc.com/js/bundle/	32 KB 11 KB	37ms 19ms	Script application/javascript	65.9.66.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://integration-cdn.silvercloudinc.com/js/bundle/9.engageware-bundle.js Requested by Host: www.ecu.com URL: https://www.ecu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-65.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 49d369becdc46c49609091b083d3f5e1085701b3bd1ecfff76b806ff314c69b1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 14:40:49 GMT content-encoding gzip via 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront) last-modified Tue, 10 Oct 2023 01:28:43 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 age 65123 x-amz-server-side-encryption AES256 etag W/"d617feb0e9e39b27a78fbadfeda3453a" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id _NBlaHNsQdzHswfZmvfDpnhyRXCeXlLQeR3lsdKgTo11oR9NR90rsg==
POST H2	200	act analytics.tiktok.com/api/v2/pixel/	0 649 B	240ms 239ms	Ping text/plain	23.53.43.185 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel/act Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTVkMmViMGJhMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-53-43-185.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 2cb6431 date Tue, 24 Oct 2023 20:29:50 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-) server-timing inner; dur=39, cdn-cache; desc=MISS, edge; dur=34, origin; dur=135 content-length 0 pragma no-cache server nginx x-tt-logid 2023102420295057F1AD842FA2BCFCFADE access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 135,23.53.43.181 x-tt-trace-host 01128794241a0440577c21ec3d6a4c939018c9479c7f9d44471402326cdcb065abcb1a9e180eedc2a9bb8fb781bb98420feeca4c41384b7d55abc03b3f27c32d51b803635a08c85a941dadf98ea3e62815a012849ca2a960508b2105e1190f9dfd access-control-allow-headers Authorization,* expires Tue, 24 Oct 2023 20:29:50 GMT
OPTIONS H2	204	/ litho.silvercloudinc.com/console/integration_widgets/60c35b7924c0674546b9a2d4/ Frame	0 0	299ms 294ms	Preflight	18.245.86.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://litho.silvercloudinc.com/console/integration_widgets/60c35b7924c0674546b9a2d4/?product_id=60c27855d1a5b56c6e7383ba Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-65.fra60.r.cloudfront.net Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization Access-Control-Request-Method GET Origin https://www.ecu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin,Content-Type,Accept,Authorization access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE, HEAD access-control-allow-origin https://www.ecu.com access-control-max-age 1728000 date Tue, 24 Oct 2023 20:29:50 GMT server nginx/1.14.0 (Ubuntu) via 1.1 a2ce61e5ddc66736c9e2bfb6581fa2da.cloudfront.net (CloudFront) x-amz-cf-id r3H7bqHIULv6HpEtAd9Qrih-J53VOQvy_UX7h-GImd5riExkTr4yyw== x-amz-cf-pop FRA60-P6 x-cache Miss from cloudfront
GET H2	200	/ Show response litho.silvercloudinc.com/console/integration_widgets/60c35b7924c0674546b9a2d4/	3 KB 2 KB	162ms 162ms	XHR application/json	18.245.86.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://litho.silvercloudinc.com/console/integration_widgets/60c35b7924c0674546b9a2d4/?product_id=60c27855d1a5b56c6e7383ba Requested by Host: integration-cdn.silvercloudinc.com URL: https://integration-cdn.silvercloudinc.com/js/bundle/0.engageware-bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-65.fra60.r.cloudfront.net Software nginx/1.14.0 + Phusion Passenger(R) 6.0.18 / Phusion Passenger(R) Enterprise 6.0.18 Resource Hash d376a410a8c22e079a6a5bf682ed7ea73198efc691757fc282f1c4f2fb021e5d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept application/json,text/plain,*/*;version=1 Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 Authorization Token eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiI1YjJiZDVlM2MxOTU5NDc2OTJhZTcwZjAiLCJpYXQiOjE2MjU4MzI2MzQsImF1ZCI6WyJ3d3cuZWN1LmNvbSIsInd3dy5lY3UuY29tIiwiZWN1LmNvbSIsImVjdS5jb20iLCJlZHVjYXRvcnNzdGFnaW5nLm9yYi5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9yc3N0YWdpbmcub3JiLmFsa2FtaXRlY2guY29tIiwib25saW5lYmFua2luZy5lY3UuY29tIiwib25saW5lYmFua2luZy5lY3UuY29tIiwiZWR1Y2F0b3JzLnFhMTAuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMucWExMC5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9ycy5xYTQuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMucWE0LmFsa2FtaXRlY2guY29tIiwiZWR1Y2F0b3JzLnFhMy5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9ycy5xYTMuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMucWEyLmFsa2FtaXRlY2guY29tIiwiZWR1Y2F0b3JzLnFhMi5hbGthbWl0ZWNoLmNvbSIsImVkdWNhdG9ycy5kZXYuYWxrYW1pdGVjaC5jb20iLCJlZHVjYXRvcnMuZGV2LmFsa2FtaXRlY2guY29tIiwiZWR1Y2F0b3JzLmxvY2FsIiwiZWR1Y2F0b3JzLmxvY2FsIiwic3RhZ2luZ2VjdS53cGVuZ2luZS5jb20iLCJzdGFnaW5nZWN1LndwZW5naW5lLmNvbSIsImVjdS5waXhlbHNwb2tlLXN0YWdpbmcuY29tIiwiZWN1LnBpeGVsc3Bva2Utc3RhZ2luZy5jb20iXSwicHJvZHVjdF9pZHMiOlsiNjBjMjc4NTVkMWE1YjU2YzZlNzM4M2JhIiwiNWIyYmQ1MWMzODdmMjMyMWUxZTY1NDE0Il19.-nQum5UERx-Eor_cmd1CUVjZd8BiIBLuDxX7DT63H_g User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=31536000 content-encoding gzip via 1.1 a2ce61e5ddc66736c9e2bfb6581fa2da.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P6 x-powered-by Phusion Passenger(R) Enterprise 6.0.18 x-cache Miss from cloudfront status 200 OK x-request-id 0aa59481-efb2-4c9b-ba0f-c5a8a276808c x-runtime 0.042000 server nginx/1.14.0 + Phusion Passenger(R) 6.0.18 etag W/"d376a410a8c22e079a6a5bf682ed7ea7" access-control-max-age 7200 access-control-allow-methods OPTIONS, GET, POST, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://www.ecu.com cache-control max-age=0, private, must-revalidate access-control-allow-credentials true vary Accept-Encoding,Origin x-amz-cf-id ExT6bEA50aCcjv7InypHBIya7l50P9sqNaGEmOVbiizAQUBLG8Dn9Q==
GET H2	200	remediation_1697824777924.js Show response cdn.userway.org/widgetapp/2023-10-20-17-59-37/remediation/	144 KB 39 KB	19ms 19ms	Script application/javascript	2a02:6ea0:c700::18 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/remediation/remediation_1697824777924.js Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/widget_app_base_1697824777924.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 28f3d8e0893bc3b99f62b55e9d6e6584a10fbaed5e6ded58371240b1a0045e9f Request headers Referer https://www.ecu.com/ Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 24 Oct 2023 20:29:50 GMT via 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront) content-encoding gzip x-age-lb 354341 x-amz-cf-pop FRA60-P3 age 38 x-amz-server-side-encryption AES256 x-77-cache HIT x-accel-date 1697825049 x-77-nzt AZySIYs3Nzf/JWgFAA x-accel-expires @1723745049 x-77-age 354341 x-cache-lb HIT last-modified Fri, 20 Oct 2023 18:02:00 GMT server CDN77-Turbo etag W/"e9f1c39de672c61d103978834877b5df" x-77-nzt-ray cf878727c93b405c3e293865c1013611 access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public content-type application/javascript x-amz-cf-id T2KsWEUP5lbNQZvnVfgsbIAz9cd4U6xlx2U0_LcTF7XQM7eAvc5_BA==
GET H2	200	Ytw1I5Kep8jDSBbS.json Show response cdn.userway.org/remediations/consolidated/2883316/	16 KB 5 KB	942ms 941ms	XHR application/json	2a02:6ea0:c700::18 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/remediations/consolidated/2883316/Ytw1I5Kep8jDSBbS.json Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/widget_app_base_1697824777924.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 6ec89b3db66c2f7f0a32d5e5ba195c67949f5142590bfbde9805fa75eac4c895 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 24 Oct 2023 20:29:51 GMT via 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop FRA60-P3 x-amz-server-side-encryption AES256 x-77-cache MISS x-77-nzt ApySIYs3Nzeh1GY4nDc3N6E x-cache-lb MISS last-modified Mon, 23 Oct 2023 15:53:36 GMT server CDN77-Turbo etag W/"e1af33c564d1076fb1c651baa3b6ea78" x-77-nzt-ray cf878727c93b405c3e29386579047a11 access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control public, max-age=31536000 content-type application/json x-amz-cf-id 15_Sbveke5Ix5UhGTnLj6W7XRTshE9ncg4L4VkghCzvFtJPN7yTMSg==
GET H2	200	live_translations_1697824777924.js Show response cdn.userway.org/widgetapp/2023-10-20-17-59-37/translations/	8 KB 4 KB	24ms 23ms	Script application/javascript	2a02:6ea0:c700::18 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/translations/live_translations_1697824777924.js Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/widget_app_base_1697824777924.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 5efca17f86bf6505ed8afa48c40d1151d76d8ab0ae875be98f3d6ecb3ad7541c Request headers Referer https://www.ecu.com/ Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 24 Oct 2023 20:29:50 GMT via 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront) content-encoding gzip x-age-lb 354254 x-amz-cf-pop FRA60-P3 age 62 x-amz-server-side-encryption AES256 x-77-cache HIT x-accel-date 1697825136 x-77-nzt AZySIYs3Nzf/zmcFAA x-accel-expires @1723745136 x-77-age 354254 x-cache-lb HIT last-modified Fri, 20 Oct 2023 18:02:01 GMT server CDN77-Turbo etag W/"ebc7f50c7a29da3af321aadfd533557a" x-77-nzt-ray cf878727c93b405c3e293865a6b87e11 access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public content-type application/javascript x-amz-cf-id jIm89hry8Tt5CMyFM6yf06y_KwTCuhiiZnp7qWIOkm8dmnW4HcUbaA==
GET H2	200	body_wh.svg cdn.userway.org/widgetapp/images/	931 B 1 KB	14ms 13ms	Image image/svg+xml	2a02:6ea0:c700::18 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.userway.org/widgetapp/images/body_wh.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 24 Oct 2023 20:29:50 GMT via 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront) content-encoding gzip x-age-lb 11360517 x-amz-cf-pop DUS51-P1 age 318 x-amz-server-side-encryption AES256 x-77-cache HIT x-accel-date 1686818873 x-77-nzt AZySIYs3Nzf/BVmtAA x-accel-expires @1712738873 x-77-age 11360517 x-cache-lb HIT last-modified Fri, 13 Jan 2023 11:00:14 GMT server CDN77-Turbo etag W/"2ec2767a3bb93656fb9b75c893d7be75" x-77-nzt-ray cf8787274b3fdc593e2938652c046f14 access-control-max-age 3000 vary Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public content-type image/svg+xml x-amz-cf-id 4hXSowR38llt_E5WrFxKDDxE6cDLwFwdYD5ZQBX-6o8r1oNdsRpvpw==
GET H2	200	spin_wh.svg cdn.userway.org/widgetapp/images/	2 KB 1 KB	15ms 14ms	Image image/svg+xml	2a02:6ea0:c700::18 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.userway.org/widgetapp/images/spin_wh.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 24 Oct 2023 20:29:50 GMT via 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront) content-encoding gzip x-age-lb 11360517 x-amz-cf-pop DUS51-P1 age 318 x-amz-server-side-encryption AES256 x-77-cache HIT x-accel-date 1686818873 x-77-nzt AZySIYs3Nzf/BVmtAA x-accel-expires @1712738873 x-77-age 11360517 x-cache-lb HIT last-modified Fri, 13 Jan 2023 11:00:14 GMT server CDN77-Turbo etag W/"8e0a35946bf39d10f46a1f1653366a0a" x-77-nzt-ray cf8787274b3fdc593e293865c5177614 access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public content-type image/svg+xml x-amz-cf-id NU_cGKaYxQ9iXx8YuRrQu9yWk2r7AIrzkXtnKUVhhIZjDeb3DV_AdA==
GET H2	200	remediation-tool.js Show response cdn.userway.org/remediation/paid/	37 KB 14 KB	17ms 17ms	Script application/javascript	2a02:6ea0:c700::18 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1697824777924 Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/widget_app_base_1697824777924.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 320db48546dbc7076280c7efebe750070cff9fa8d6f23ead46ca3238d9939118 Request headers Referer https://www.ecu.com/ Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 24 Oct 2023 20:29:50 GMT via 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront) content-encoding gzip x-age-lb 354341 x-amz-cf-pop FRA60-P3 age 37 x-amz-server-side-encryption AES256 x-77-cache HIT x-accel-date 1697825049 x-77-nzt AZySIYs3Nzf/JWgFAA x-accel-expires @1723745049 x-77-age 354341 x-cache-lb HIT last-modified Fri, 20 Oct 2023 18:02:06 GMT server CDN77-Turbo etag W/"e2ebe17f6fbe02cac8314a7035b37b11" x-77-nzt-ray cf878727c93b405c3e293865f8543815 access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public content-type application/javascript x-amz-cf-id Rrv2AvYMMgjNKW2JcjJkMl_BvZ2JKWhnfjKwJv2YElgnmhtGdstXgw==
GET H2	200	Ytw1I5Kep8jDSBbS.json Show response cdn.userway.org/remediations/consolidated/2883316/	16 KB 5 KB	853ms 853ms	Fetch application/json	2a02:6ea0:c700::18 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/remediations/consolidated/2883316/Ytw1I5Kep8jDSBbS.json Requested by Host: cdn.userway.org URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1697824777924 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 6ec89b3db66c2f7f0a32d5e5ba195c67949f5142590bfbde9805fa75eac4c895 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ecu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 24 Oct 2023 20:29:51 GMT via 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop FRA60-P3 x-amz-server-side-encryption AES256 x-77-cache MISS x-77-nzt ApySIYs3Nzeh1GY4nDc3N8E x-accel-expires @1729715391 x-cache-lb MISS last-modified Mon, 23 Oct 2023 15:53:36 GMT server CDN77-Turbo etag W/"e1af33c564d1076fb1c651baa3b6ea78" x-77-nzt-ray cf878727c93b405c3e2938654b573117 access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control public, max-age=31536000 content-type application/json x-amz-cf-id D_vfccSWmYXJQRQwtRfalS69Jd0ePREi3hOOcX1cKAtYF81IVzv-sA==
GET H/1.1	200 OK	cookie-mapper maprtb.segmint.net/rtb/simpli-fi/ Frame 6A83 Redirect Chain https://um.simpli.fi/segmint https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=6E9026959AD04534A6881F46EAA69D2D	43 B 412 B	481ms 111ms	Image image/gif	52.87.127.42 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=6E9026959AD04534A6881F46EAA69D2D Requested by Host: connect.segmint.net URL: https://connect.segmint.net/iframe/doughnut/en1qq5qnM4 Protocol HTTP/1.1 Server 52.87.127.42 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-87-127-42.compute-1.amazonaws.com Software openresty / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 Oct 2023 20:29:50 GMT Server openresty X-B3-TraceId ba279b3724715e40 Content-Type image/gif; charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate X-B3-SpanId ba279b3724715e40 X-B3-Sampled 1 Connection keep-alive Content-Length 43 X-Application-Context cookie-mapper:prod:7077 Expires 0 Redirect headers date Tue, 24 Oct 2023 20:29:50 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=6E9026959AD04534A6881F46EAA69D2D access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Mon, 23 Oct 2023 20:29:50 GMT
GET H2	200	ec0a3730-0bdd-0139-387d-06abc14c0bc6 Show response tag.simpli.fi/sifitag/ Frame 6A83	3 KB 3 KB	19ms 19ms	Script application/javascript	35.234.162.151 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6 Requested by Host: connect.segmint.net URL: https://connect.segmint.net/iframe/doughnut/en1qq5qnM4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 151.162.234.35.bc.googleusercontent.com Software openresty / Resource Hash 173dd338673eb7e21df3c0ff3a86e0f1f752bf33468b01d1d89d09ac39e64132 Request headers accept-language de-DE,de;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Tue, 24 Oct 2023 20:29:50 GMT server openresty content-type application/javascript; charset=utf-8 cache-control max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 3101 x-request-id F5ElKINQI9PYgahkpqkB expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	p Show response i.simpli.fi/ Frame 6A83	40 B 235 B	18ms 17ms	Script application/javascript	35.234.162.151 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://i.simpli.fi/p?cid=283320&cb=sifi_att_27612299117._hp Requested by Host: tag.simpli.fi URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 151.162.234.35.bc.googleusercontent.com Software openresty / Resource Hash 4024823caf7d29310cc3dab0e50fb3e3f4347ec7b3961f3fed0a9b83690dd85e Request headers accept-language de-DE,de;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers content-type application/javascript; charset=UTF-8 pragma no-cache date Tue, 24 Oct 2023 20:29:50 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 server openresty expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	nav_menu_helper_1697824777924.js Show response cdn.userway.org/widgetapp/2023-10-20-17-59-37/remediation/	23 KB 7 KB	16ms 15ms	Script application/javascript	2a02:6ea0:c700::18 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/remediation/nav_menu_helper_1697824777924.js Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/widget_app_base_1697824777924.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 6f1d1849e7fe5e6ca4b209d8e80cfd64e00291a78e0836af595f432f1b767180 Request headers Referer https://www.ecu.com/ Origin https://www.ecu.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 24 Oct 2023 20:29:51 GMT via 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront) content-encoding gzip x-age-lb 354341 x-amz-cf-pop FRA60-P3 age 36 x-amz-server-side-encryption AES256 x-77-cache HIT x-accel-date 1697825050 x-77-nzt AZySIYs3Nzf/JWgFAA x-accel-expires @1723745050 x-77-age 354341 x-cache-lb HIT last-modified Fri, 20 Oct 2023 18:02:00 GMT server CDN77-Turbo etag W/"16ddc24f8d4cae65f35a3e9940fa747b" x-77-nzt-ray cf878727c93b405c3f293865bfd03815 access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public content-type application/javascript x-amz-cf-id SbW-tJLI5HkdvHrn612GLrl-9NFBpa5rifD49WLegT_pDba5UR5E-w==
OPTIONS H2	200	alts.json cdn.userway.org/api/img-dscr/v2/05LFyEabXj/2883316/7ymg5pujDQ3alYqH/ Frame	0 0	112ms 112ms	Preflight	2a02:6ea0:c700::18 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/api/img-dscr/v2/05LFyEabXj/2883316/7ymg5pujDQ3alYqH/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2FBobby-Portis_WebsiteHomepage-01-scaled.jpg%22%2C%22alt%22%3A%22Bobby%20Portis%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2FFraud-Awareness_Digital-Ads_2023-09_Blog-2-300x200-1.jpg%22%2C%22alt%22%3A%22Older%20man%20with%20headphones%20on%20looking%20at%20his%20phone%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2FInternational-Credit-Union-Day_Digital-Ad_2023-10_Blog-300x200-1.jpg%22%2C%22alt%22%3A%22colorful%20content%20that%20says%20international%20credit%20union%20day%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2Fmobilebanking.jpg%22%2C%22alt%22%3A%22man%20on%20mobile%20device%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2FSavers-Sweepstakes_Blog-Photos_2023-10_Anne-W_V1.jpg%22%2C%22alt%22%3A%22ANNE%20W%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2Fvideobanking.jpg%22%2C%22alt%22%3A%22couple%20on%20laptop%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fplugins%2Ftranslatepress-multilingual%2Fassets%2Fimages%2Fflags%2Fes_ES.png%22%2C%22alt%22%3A%22es_ES%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Feducatorscu-logo_black.svg%22%2C%22alt%22%3A%22Educators%20CU%20Logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Fequal_housing.svg%22%2C%22alt%22%3A%22Equal%20Housing%20Opportunity%20Logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Ficon_close.svg%22%2C%22alt%22%3A%22Close%20Search%20Icon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Ficon_search.svg%22%2C%22alt%22%3A%22Open%20Search%20Icon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Fncua_logo.svg%22%2C%22alt%22%3A%22NCUA%20Logo%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://www.ecu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers access-control-allow-headers * access-control-allow-methods GET, HEAD, PUT, PATCH, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type access-control-max-age 3000 age 97016 cache-control max-age=604800 date Tue, 24 Oct 2023 20:29:51 GMT server CDN77-Turbo via 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront) x-77-cache MISS x-77-nzt ApySIYs3NzcA1GY4nDc3NwA x-77-nzt-ray cf878727c93b405c3f2938652b00e32c x-77-pop frankfurtDE x-amz-cf-id WKwBS_ugJ1qWySnnLE3L0zHnI99FwN5tNnquQX8jwzDqOCRTdPLzRQ== x-amz-cf-pop FRA60-P3 x-service-version img-dscr-srv-8ddd9565
GET H2	200	alts.json Show response cdn.userway.org/api/img-dscr/v2/05LFyEabXj/2883316/7ymg5pujDQ3alYqH/	2 KB 1 KB	117ms 117ms	Fetch application/json	2a02:6ea0:c700::18 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/api/img-dscr/v2/05LFyEabXj/2883316/7ymg5pujDQ3alYqH/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2FBobby-Portis_WebsiteHomepage-01-scaled.jpg%22%2C%22alt%22%3A%22Bobby%20Portis%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2FFraud-Awareness_Digital-Ads_2023-09_Blog-2-300x200-1.jpg%22%2C%22alt%22%3A%22Older%20man%20with%20headphones%20on%20looking%20at%20his%20phone%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2FInternational-Credit-Union-Day_Digital-Ad_2023-10_Blog-300x200-1.jpg%22%2C%22alt%22%3A%22colorful%20content%20that%20says%20international%20credit%20union%20day%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2Fmobilebanking.jpg%22%2C%22alt%22%3A%22man%20on%20mobile%20device%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2FSavers-Sweepstakes_Blog-Photos_2023-10_Anne-W_V1.jpg%22%2C%22alt%22%3A%22ANNE%20W%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Ffiles%2Fvideobanking.jpg%22%2C%22alt%22%3A%22couple%20on%20laptop%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fplugins%2Ftranslatepress-multilingual%2Fassets%2Fimages%2Fflags%2Fes_ES.png%22%2C%22alt%22%3A%22es_ES%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Feducatorscu-logo_black.svg%22%2C%22alt%22%3A%22Educators%20CU%20Logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Fequal_housing.svg%22%2C%22alt%22%3A%22Equal%20Housing%20Opportunity%20Logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Ficon_close.svg%22%2C%22alt%22%3A%22Close%20Search%20Icon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Ficon_search.svg%22%2C%22alt%22%3A%22Open%20Search%20Icon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ecu.com%2Fwp-content%2Fthemes%2Fecu-theme%2Fimages%2Fncua_logo.svg%22%2C%22alt%22%3A%22NCUA%20Logo%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D Requested by Host: cdn.userway.org URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1697824777924 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 148ac4a16b8bf938002b557611d6bf0507e0f4444a18183cf2232488bc695be3 Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type application/json Response headers x-77-pop frankfurtDE date Tue, 24 Oct 2023 20:29:51 GMT via 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop FRA60-P3 age 97016 x-77-cache MISS x-service-version img-dscr-srv-8ddd9565 x-77-nzt ApySIYs3Nzeh1GY4nDc3N6E x-cache-lb MISS server CDN77-Turbo etag W/"96b-NZQ1YuMUY7d5EjyWxY9DrLUEVig" x-77-nzt-ray cf878727c93b405c3f293865d9c19933 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, PATCH, POST, DELETE content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type access-control-max-age 3000 cache-control max-age=604800 access-control-allow-headers * x-amz-cf-id zwAMADrwX6xpqZZCPovmp0Vz8Ot-PbkeIJTOThITa1rOqRT4-b3m5w==
POST H/1.1	204 No Content	/ client-logger.salemove.com/	0 0	347ms 109ms	Fetch	52.3.14.134 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://client-logger.salemove.com/ Requested by Host: libs.salemove.com URL: https://libs.salemove.com/visitor/bootstrapper-9870479fe.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.3.14.134 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-3-14-134.compute-1.amazonaws.com Software envoy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://www.ecu.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers strict-transport-security max-age=31536000 date Tue, 24 Oct 2023 20:29:52 GMT server envoy vary Origin access-control-max-age 7200 access-control-allow-methods POST access-control-allow-origin * access-control-expose-headers x-envoy-upstream-service-time 2