fosterronline.com Open in urlscan Pro
104.219.248.112  Public Scan

30 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

• https://6528888.fls.doubleclick.net/activityi;cat=sitev03p;ord=1;src=6528888;type=count0 HTTP 302
• https://6528888.fls.doubleclick.net/activityi;dc_pre=CI_vrKbj4PkCFfVFHQkdKeIJrA;cat=sitev03p;ord=1;src=6528888;type=count0

Request Chain 34

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2970716&time=1661388725089&url=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2970716%26time%3D1661388725089%26url%3Dhttps%253A%252F%252Ffosterronline.com%252Fprivacy-security%252Fca-privacy-contact.html%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2970716&time=1661388725089&url=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2970716&time=1661388725089&url=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html&liSync=true&e_ipv6=AQJfRHSyPDgGOAAAAYLSfB4RPZkgbcdI0D4Ob8chhntz9a3mJDDF4aoK9rPeCwGR5zsDR5cacJ7ed-EEBrk4hz3h-u7nKA

Request Chain 38

• https://cm.everesttech.net/cm/dd?d_uuid=70047291974590988394430188322813356153 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=YwbHtQAAAFyiHwN6

Request Chain 48

• https://9786468.fls.doubleclick.net/activityi;cat=fcb-u0;src=9786468;type=unive0 HTTP 302
• https://9786468.fls.doubleclick.net/activityi;dc_pre=CLCe9abj4PkCFQJBHQkdxxkKXg;cat=fcb-u0;src=9786468;type=unive0

Request Chain 52

• https://tags.w55c.net/rs?id=51b9ba5765fa41d0a20f86741131dc72&t=marketing HTTP 302
• https://tags.w55c.net/rs?sccid=ebe77e4d-6987-cfed-ebfe-7e8d15f3284b&scc=1&id=51b9ba5765fa41d0a20f86741131dc72&t=marketing

Request Chain 54

• https://action.dstillery.com/orbserv/nsjs?adv=cl1027245&ns=4080&nc=FCBHomepage&ncv=32&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
• https://action.media6degrees.com/orbserv/nsjs?adv=cl1027245&ns=4080&nc=FCBHomepage&ncv=32&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request ca-privacy-contact.html Show response fosterronline.com/privacy-security/	119 KB 23 KB	640ms 213ms	Document text/html	104.219.248.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.112 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server161-2.web-hosting.com Software LiteSpeed / Resource Hash beb59e0a19652fd56aaeab68e4f4897f933316d1ee735bda3c4a41df2df4db53 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers accept-ranges bytes content-encoding br content-length 23483 content-type text/html date Thu, 25 Aug 2022 00:52:02 GMT last-modified Fri, 12 Aug 2022 16:12:16 GMT server LiteSpeed vary Accept-Encoding x-turbo-charged-by LiteSpeed
GET H2	200	common.js Show response cds-sdkcfg.onlineaccess1.com/	201 KB 112 KB	370ms 245ms	Script application/javascript	192.0.54.4 Q2HOLDINGS
General Check archive.org Show headers Download Go to Full URL https://cds-sdkcfg.onlineaccess1.com/common.js Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.54.4 , United States, ASN62659 (Q2HOLDINGS, US), Reverse DNS Software cloudflare / Resource Hash d20c651a73e138bbb34802b2e5da24dce950f472b6446653f5cc62227161a61e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 00:52:03 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type application/javascript; charset=UTF-8 content-encoding gzip cache-control no-cache, no-store, must-revalidate cf-ray 740057c18db9ffdc-VNO x-ion-hop prod expires 0
GET H2	404	api.js fosterronline.com/recaptcha/	0 0	210ms 209ms	Script text/html	104.219.248.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fosterronline.com/recaptcha/api.js?render=6LccFrUZAAAAAPbFzDTwL_KTUnF7TAEvdy5U9nwb Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.112 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server161-2.web-hosting.com Software LiteSpeed / Resource Hash Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/privacy-security/ca-privacy-contact.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 00:52:03 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed server LiteSpeed content-length 1238 content-type text/html
GET H2	200	clientlib-aem.css fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/	382 KB 36 KB	835ms 834ms	Stylesheet text/css	104.219.248.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.css Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.112 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server161-2.web-hosting.com Software LiteSpeed / Resource Hash d75eb72ad8c5e271e0e8734f7a61c7661a480bed357b57673acf722ff03118fe Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/privacy-security/ca-privacy-contact.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:03 GMT content-encoding br last-modified Fri, 29 Jul 2022 03:25:00 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 36195 expires Thu, 01 Sep 2022 00:52:03 GMT
GET H2	200	answers.min.js Show response fosterronline.com/answers/v0.13.1/	368 KB 97 KB	213ms 213ms	Script application/javascript	104.219.248.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fosterronline.com/answers/v0.13.1/answers.min.js Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.112 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server161-2.web-hosting.com Software LiteSpeed / Resource Hash 6cdb76a12fdc124b0a3e053eb3be7d2a837afb43e459fdda17416979a95d0220 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/privacy-security/ca-privacy-contact.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:03 GMT content-encoding br last-modified Fri, 03 Apr 2020 21:08:44 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 99334 expires Thu, 01 Sep 2022 00:52:03 GMT
GET H2	200	launch-3bb7433af2ae.min.js Show response fosterronline.com/60e0841c6ded/d5a97f0ea4af/	498 KB 100 KB	388ms 385ms	Script application/javascript	104.219.248.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fosterronline.com/60e0841c6ded/d5a97f0ea4af/launch-3bb7433af2ae.min.js Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.112 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server161-2.web-hosting.com Software LiteSpeed / Resource Hash 2a6159a6b07bc0b46108ff28c63d462cf40119e112bb5c2e82e0b8b21fea81c0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/privacy-security/ca-privacy-contact.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:04 GMT content-encoding br last-modified Tue, 09 Aug 2022 19:57:54 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 102257 expires Thu, 01 Sep 2022 00:52:04 GMT
GET H2	200	image.20200806.png fosterronline.com/content/dam/firstcitizens/images/logos/fcb-logo-horiz-web-2020%402x.png.transform/image-scaled-2x-to-1x/	6 KB 6 KB	388ms 385ms	Image image/png	104.219.248.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://fosterronline.com/content/dam/firstcitizens/images/logos/fcb-logo-horiz-web-2020%402x.png.transform/image-scaled-2x-to-1x/image.20200806.png Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.112 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server161-2.web-hosting.com Software LiteSpeed / Resource Hash fdb88055ceb15da9b51e572c3f3031815ff7da829602836614a8c6c5265951b2 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/privacy-security/ca-privacy-contact.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:04 GMT last-modified Wed, 16 Feb 2022 07:44:50 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 6387 expires Thu, 01 Sep 2022 00:52:04 GMT
GET H2	200	social-media-facebook.svg fosterronline.com/content/dam/firstcitizens/images/icons/	646 B 611 B	596ms 593ms	Image image/svg+xml	104.219.248.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://fosterronline.com/content/dam/firstcitizens/images/icons/social-media-facebook.svg Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.112 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server161-2.web-hosting.com Software LiteSpeed / Resource Hash 512f6f9a1d8ffee576eac71f692d17bb65db8674d8e252fa920cfbe44e27defd Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/privacy-security/ca-privacy-contact.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:04 GMT content-encoding br last-modified Fri, 07 Aug 2020 01:53:16 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 386 expires Thu, 01 Sep 2022 00:52:04 GMT
GET H2	200	social-media-twitter.svg fosterronline.com/content/dam/firstcitizens/images/icons/	925 B 743 B	598ms 595ms	Image image/svg+xml	104.219.248.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://fosterronline.com/content/dam/firstcitizens/images/icons/social-media-twitter.svg Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.112 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server161-2.web-hosting.com Software LiteSpeed / Resource Hash c7e8d012b8af2930a9b2075f6f1b242f44021eb8a90cea16a06ca8c22b4396f4 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/privacy-security/ca-privacy-contact.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:04 GMT content-encoding br last-modified Fri, 07 Aug 2020 01:53:14 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 518 expires Thu, 01 Sep 2022 00:52:04 GMT
GET H2	200	social-media-linked-in.svg fosterronline.com/content/dam/firstcitizens/images/icons/	710 B 635 B	598ms 596ms	Image image/svg+xml	104.219.248.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://fosterronline.com/content/dam/firstcitizens/images/icons/social-media-linked-in.svg Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.112 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server161-2.web-hosting.com Software LiteSpeed / Resource Hash b937804c6a80e27b2ae31f413899d1404d466f62257ce074e8970d3c8553a568 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/privacy-security/ca-privacy-contact.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:04 GMT content-encoding br last-modified Fri, 07 Aug 2020 01:53:16 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 410 expires Thu, 01 Sep 2022 00:52:04 GMT
GET H2	200	social-media-youtube.svg fosterronline.com/content/dam/firstcitizens/images/icons/	730 B 638 B	595ms 594ms	Image image/svg+xml	104.219.248.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://fosterronline.com/content/dam/firstcitizens/images/icons/social-media-youtube.svg Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.112 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server161-2.web-hosting.com Software LiteSpeed / Resource Hash 8650c4df5a32ed554d97c9ca0f5442c3e17748cff90a2feef95643c6fa860acd Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/privacy-security/ca-privacy-contact.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:04 GMT content-encoding br last-modified Fri, 07 Aug 2020 01:53:16 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 413 expires Thu, 01 Sep 2022 00:52:04 GMT
GET H2	200	forever-first-web.svg fosterronline.com/content/dam/firstcitizens/images/logos/	6 KB 2 KB	598ms 596ms	Image image/svg+xml	104.219.248.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://fosterronline.com/content/dam/firstcitizens/images/logos/forever-first-web.svg Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.112 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server161-2.web-hosting.com Software LiteSpeed / Resource Hash faf7cb15d1e0ddf8c697883d15b9dcb2527df78a575a14b2f7adaf0bcad0f3fb Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/privacy-security/ca-privacy-contact.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:04 GMT content-encoding br last-modified Fri, 07 Aug 2020 01:53:10 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 1801 expires Thu, 01 Sep 2022 00:52:04 GMT
GET H2	200	clientlib-aem.js Show response fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/	275 KB 67 KB	209ms 209ms	Script application/javascript	104.219.248.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.js Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.112 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server161-2.web-hosting.com Software LiteSpeed / Resource Hash d211d66c5822fa000e01a386a0840c21daf31f526cd26b137448028ba2b0069e Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/privacy-security/ca-privacy-contact.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:04 GMT content-encoding br last-modified Fri, 29 Jul 2022 03:25:02 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 68593 expires Thu, 01 Sep 2022 00:52:04 GMT
GET H2	200	clientlib-dependencies.js Show response fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/	0 202 B	409ms 409ms	Script application/javascript	104.219.248.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-dependencies.js Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.112 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server161-2.web-hosting.com Software LiteSpeed / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/privacy-security/ca-privacy-contact.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:04 GMT last-modified Tue, 26 Nov 2019 03:24:18 GMT server LiteSpeed content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 0 expires Thu, 01 Sep 2022 00:52:04 GMT
GET H2	200	fcb-logo-brandmark-web.svg fosterronline.com/content/dam/firstcitizens/images/logos/	4 KB 1 KB	598ms 597ms	Image image/svg+xml	104.219.248.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://fosterronline.com/content/dam/firstcitizens/images/logos/fcb-logo-brandmark-web.svg Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.112 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server161-2.web-hosting.com Software LiteSpeed / Resource Hash 1ef07013b9e10f8f80a614dc6c2677a566b59c97aa361b441ef009f0aa928084 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/privacy-security/ca-privacy-contact.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:04 GMT content-encoding br last-modified Fri, 07 Aug 2020 01:53:08 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 1085 expires Thu, 01 Sep 2022 00:52:04 GMT
GET H2	404	icons.svg fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/icons/	0 0	601ms 600ms	Other text/html	104.219.248.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/icons/icons.svg Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.112 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server161-2.web-hosting.com Software LiteSpeed / Resource Hash Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/privacy-security/ca-privacy-contact.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 00:52:04 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed server LiteSpeed content-length 1238 content-type text/html
GET H2	200	HarmoniaSansStd-Regular.woff2 fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/	19 KB 20 KB	598ms 597ms	Font font/woff2	104.219.248.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-Regular.woff2 Requested by Host: fosterronline.com URL: https://fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.112 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server161-2.web-hosting.com Software LiteSpeed / Resource Hash 3966f3091c7e9c586b259d00f5f9be81420299206ce4e503d7730436809cd200 Request headers Referer https://fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.css Origin https://fosterronline.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:04 GMT last-modified Fri, 07 Aug 2020 02:17:40 GMT server LiteSpeed content-type font/woff2 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 19780 expires Thu, 01 Sep 2022 00:52:04 GMT
GET H2	200	HarmoniaSansStd-Bold.woff2 fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/	21 KB 21 KB	596ms 595ms	Font font/woff2	104.219.248.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-Bold.woff2 Requested by Host: fosterronline.com URL: https://fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.112 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server161-2.web-hosting.com Software LiteSpeed / Resource Hash ae8b169a3a00e5da3b452394b70fbe8601e45df0951661c56070636f1840b7ad Request headers Referer https://fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.css Origin https://fosterronline.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:04 GMT last-modified Fri, 07 Aug 2020 02:17:40 GMT server LiteSpeed content-type font/woff2 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 21204 expires Thu, 01 Sep 2022 00:52:04 GMT
GET H2	200	HarmoniaSansStd-SemiBd.woff2 fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/	21 KB 21 KB	596ms 596ms	Font font/woff2	104.219.248.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-SemiBd.woff2 Requested by Host: fosterronline.com URL: https://fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.112 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server161-2.web-hosting.com Software LiteSpeed / Resource Hash 56880c220888346c1dd6b286563a827de59a358ad28362889593113779d6d22b Request headers Referer https://fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.css Origin https://fosterronline.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:04 GMT last-modified Fri, 07 Aug 2020 02:17:40 GMT server LiteSpeed content-type font/woff2 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 21200 expires Thu, 01 Sep 2022 00:52:04 GMT
GET H2	200	nican.js Show response trk.firstcitizens.com/200189/	65 KB 30 KB	456ms 148ms	Script application/x-javascript	35.169.159.245 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.firstcitizens.com/200189/nican.js?r=0.37049796116079015 Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.169.159.245 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-169-159-245.compute-1.amazonaws.com Software haile / Resource Hash 513c7f6bb61c896b4dbdcc0ba769ac9a031459bb0e53c117f7dec82a716dcc25 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 00:52:04 GMT content-encoding gzip server haile strict-transport-security max-age=86400 access-control-allow-methods GET, OPTIONS p3p CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-type application/x-javascript pics-label (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
GET H2	200	loadsnippet.js Show response trk.firstcitizens.com/200189/	67 KB 30 KB	599ms 292ms	Script application/x-javascript	35.169.159.245 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.firstcitizens.com/200189/loadsnippet.js?dt=login&r=0.6524355803312472 Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.169.159.245 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-169-159-245.compute-1.amazonaws.com Software haile / Resource Hash 3a3568bf19c7c082759c5377c36c3479926f49975d7562cdfd6393a48e0f6736 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 00:52:04 GMT content-encoding gzip server haile strict-transport-security max-age=86400 access-control-allow-methods GET, OPTIONS p3p CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-type application/x-javascript pics-label (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
GET H2	200	ruxitagent_A2SVfqru_10205201116183137.js Show response js-cdn.dynatrace.com/jstag/165658ccba3/	160 KB 63 KB	221ms 67ms	Script application/javascript	99.86.4.35 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js-cdn.dynatrace.com/jstag/165658ccba3/ruxitagent_A2SVfqru_10205201116183137.js Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.35 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-35.fra6.r.cloudfront.net Software / Resource Hash 522993c06425afcdbc27ba10376fa083699d476174dac91562b98528bec90ebd Request headers Referer https://fosterronline.com/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Wed, 15 Jun 2022 02:01:34 GMT content-encoding gzip age 6130230 x-cache Hit from cloudfront x-oneagent-js-injection true traffic-source UNKNOWN access-control-allow-origin * dynatrace-response-id JSLMWUGSHOYC dynatrace-response-source Cluster vary Accept-Encoding content-type application/javascript;charset=utf-8 via 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront) cache-control public, max-age=31536000, immutable x-amz-cf-pop FRA6-C1 timing-allow-origin * x-amz-cf-id CPXnA2_Nh3LaJEHPxpIP6O0Y3L_5yQ3KwCAGMqC7a6LWv3VpmqQptw== expires Thu, 15 Jun 2023 02:01:34 GMT
GET H2	200	siteanalyze_2884.js Show response siteimproveanalytics.com/js/	25 KB 9 KB	248ms 80ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteimproveanalytics.com/js/siteanalyze_2884.js Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36cef338ad8896930b39d347c01e4944d9aac13150cb39c466c4f591f407cfd5 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:04 GMT content-encoding gzip cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 840 cf-ray 740057c9db102d7f-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8545 x-amz-id-2 weGjHZNR4acHSSiZ+YJsqrUe3Rnt0Et4Wg53zfAQEzuRIOtUPyr6x/2j1+kPPBqFSMBAPgQk8II= last-modified Mon, 16 May 2022 09:33:06 GMT server cloudflare etag "6dc89d2db23285c4ec650cc85fcec472" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mI%2FRLd8o6BymL8tZ0W2fS6wfMkqSssVHTi5BJxiM40hRoEg1JWy3SKVdbMEsTP3VVBRjTLLBXIs3UaRp2rGo3fMfKPeIDf7hu7Ryu%2BzDohI%2F6eX8PBNuZiztw%2FQT%2FWeSXmKbIxlqQ6MR2HLos%2FXntsqkqOaDGIU%3D"}],"group":"cf-nel","max_age":604800} x-amz-request-id 8MT1RHRTXV9V1AR3 cache-control max-age=86400, no-transform accept-ranges bytes content-type application/javascript; charset=utf-8
GET H2	200	answerstemplates.compiled.min.js Show response assets.sitescdn.net/answers/v0.13.1/	263 KB 56 KB	163ms 65ms	Script application/javascript	2606:4700::6812:7334 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.sitescdn.net/answers/v0.13.1/answerstemplates.compiled.min.js Requested by Host: fosterronline.com URL: https://fosterronline.com/answers/v0.13.1/answers.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6812:7334 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6acdd0a9a45db4fdcd0bf8aa60d38594a8d7653f7a63368156a5c45b9d7bd2f3 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:04 GMT content-encoding gzip cf-cache-status HIT age 5973284 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id JM4XM3QS0AMYD0GK x-amz-id-2 sAGUHWtFuDW+SAKiL49Aa/VYqEZjseHiAFON7DjUQmP/S3KW8l8Px7x6lkutZifS+3RlQ9xiYR0= last-modified Fri, 03 Apr 2020 16:08:44 GMT server cloudflare etag W/"caffe009980310c9b76062239c855223" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 x-amz-version-id null cf-ray 740057c96f7e0d42-ARN
GET DATA	200 OK	truncated /	89 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/png
GET H2	404	sys-search@2x.png fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/images/	1 KB 1 KB	209ms 209ms	Image text/html	104.219.248.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://fosterronline.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/images/sys-search@2x.png Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.112 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server161-2.web-hosting.com Software LiteSpeed / Resource Hash 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/privacy-security/ca-privacy-contact.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 00:52:04 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed server LiteSpeed content-length 1238 content-type text/html
GET H/1.1	200 OK	id Show response dpm.demdex.net/	372 B 1 KB	341ms 85ms	XHR application/json	54.154.199.204 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=E6D235355CF7C1DE0A495EEC%40AdobeOrg&d_nsid=0&ts=1661388724867 Requested by Host: cds-sdkcfg.onlineaccess1.com URL: https://cds-sdkcfg.onlineaccess1.com/common.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.154.199.204 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-154-199-204.eu-west-1.compute.amazonaws.com Software / Resource Hash 54613e9daa4c1f61c26cabc6ec8b51f2435b0b36497143261376806e8e54c6f4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://fosterronline.com/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers DCS dcs-prod-irl1-2-v038-00ca3cced.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-TID SBv06VdmQHo= Vary Origin P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin https://fosterronline.com Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json;charset=utf-8 Content-Length 313 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	AppMeasurement.min.js Show response assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/	33 KB 12 KB	319ms 73ms	Script application/x-javascript	2a02:26f0:dc:282::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js Requested by Host: fosterronline.com URL: https://fosterronline.com/60e0841c6ded/d5a97f0ea4af/launch-3bb7433af2ae.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers unused62 8096267 date Thu, 25 Aug 2022 00:52:05 GMT content-encoding gzip last-modified Mon, 14 Feb 2022 16:35:31 GMT server AkamaiNetStorage etag "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://fosterronline.com cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 12163 expires Thu, 25 Aug 2022 01:52:05 GMT
GET H2	200	AppMeasurement_Module_ActivityMap.min.js Show response assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/	3 KB 2 KB	324ms 79ms	Script application/x-javascript	2a02:26f0:dc:282::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js Requested by Host: fosterronline.com URL: https://fosterronline.com/60e0841c6ded/d5a97f0ea4af/launch-3bb7433af2ae.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers unused62 8096267 date Thu, 25 Aug 2022 00:52:05 GMT content-encoding gzip last-modified Mon, 14 Feb 2022 16:35:31 GMT server AkamaiNetStorage etag "2d1382c349d480b6b41574ac0c1af066:1644856531.739514" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://fosterronline.com cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 1597 expires Thu, 25 Aug 2022 01:52:05 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	100 KB 27 KB	204ms 68ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: fosterronline.com URL: https://fosterronline.com/60e0841c6ded/d5a97f0ea4af/launch-3bb7433af2ae.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aba13e76e0dfc68cd2710d1745d55c6b210cb2bec6ecd14a541615b685af8564 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26535 x-xss-protection 0 pragma public x-fb-debug bW0xRUy8so1GqNwriKaEK2KGhlnHg3+UoAWgq/rNZEhp5W46A/BS5lcqJvE44FLV7OMfjuCN5YCBLznqHzhesg== x-fb-trip-id 686109401 cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Thu, 25 Aug 2022 00:52:05 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1661388680142 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	8 KB 3 KB	205ms 68ms	Script application/x-javascript	2a02:26f0:3500:16::215:149b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: fosterronline.com URL: https://fosterronline.com/60e0841c6ded/d5a97f0ea4af/launch-3bb7433af2ae.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:05 GMT content-encoding gzip last-modified Fri, 12 Aug 2022 20:23:36 GMT x-cdn AKAM vary Accept-Encoding content-type application/x-javascript;charset=utf-8 cache-control max-age=45376 accept-ranges bytes content-length 3063
GET H2	200	activityi;dc_pre=CI_vrKbj4PkCFfVFHQkdKeIJrA;cat=sitev03p;ord=1;src=6528888;type=count0 Show response 6528888.fls.doubleclick.net/ Frame 039B Redirect Chain https://6528888.fls.doubleclick.net/activityi;cat=sitev03p;ord=1;src=6528888;type=count0? https://6528888.fls.doubleclick.net/activityi;dc_pre=CI_vrKbj4PkCFfVFHQkdKeIJrA;cat=sitev03p;ord=1;src=6528888;type=count0?	424 B 507 B	87ms 86ms	Document text/html	142.250.184.198 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://6528888.fls.doubleclick.net/activityi;dc_pre=CI_vrKbj4PkCFfVFHQkdKeIJrA;cat=sitev03p;ord=1;src=6528888;type=count0? Requested by Host: fosterronline.com URL: https://fosterronline.com/60e0841c6ded/d5a97f0ea4af/launch-3bb7433af2ae.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.198 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f6.1e100.net Software cafe / Resource Hash 61607b1947048fcc9393464c1be0c13b47925c618fa00b052494bb491aa7931c Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fosterronline.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, must-revalidate content-encoding gzip content-length 330 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 25 Aug 2022 00:52:05 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 25 Aug 2022 00:52:05 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://6528888.fls.doubleclick.net/activityi;dc_pre=CI_vrKbj4PkCFfVFHQkdKeIJrA;cat=sitev03p;ord=1;src=6528888;type=count0? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	iMAWebCookie.js www.sc.pages08.net/lp/static/js/	14 KB 14 KB	519ms 151ms	Image application/javascript	3.96.5.142 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.sc.pages08.net/lp/static/js/iMAWebCookie.js?48c1ca3e-1591e998ba5-7aa5e78e9cd75263db77227069854da8&h=www.pages08.net Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.96.5.142 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-96-5-142.ca-central-1.compute.amazonaws.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Thu, 25 Aug 2022 00:52:05 GMT Last-Modified Wed, 24 Aug 2022 03:56:52 GMT Server Apache ETag "3772-5e6f4abce94a2" Strict-Transport-Security max-age=16070400; includeSubDomains; preload Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 14194
GET H2	200	bd0e417d0d38a.js Show response t.contentsquare.net/uxa/	331 KB 73 KB	217ms 68ms	Script application/javascript	65.9.66.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://t.contentsquare.net/uxa/bd0e417d0d38a.js Requested by Host: fosterronline.com URL: https://fosterronline.com/60e0841c6ded/d5a97f0ea4af/launch-3bb7433af2ae.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-105.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash a8b3b76fba5db93cb6dbbefbfca17b9de6ac7138ab17d5231fc4904035ea4af1 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Tue, 23 Aug 2022 15:24:26 GMT content-encoding gzip last-modified Tue, 23 Aug 2022 15:24:01 GMT server AmazonS3 age 120460 etag "cc71128c25e2093ce71a36a4be26ac7a" x-cache Hit from cloudfront content-type application/javascript;charset=utf-8 via 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront) cache-control max-age=900 x-amz-cf-pop FRA56-C1 accept-ranges bytes content-length 74490 x-amz-cf-id 7eQyXvBBFttFB-onKSBsPQ0Z9qO18o13iQQ-OqRgWdNyLtbpEGq3HA==
GET H/1.1	200 OK	image.aspx 2884.global.siteimproveanalytics.io/	34 B 620 B	334ms 66ms	Image image/gif	35.156.107.216 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://2884.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html&title=California%20Privacy%20Request%20%7C%20First%20Citizens%20Bank&res=1600x1200&accountid=2884&rt=2504&prev=5970e796-492c-9421-0173-a98723b73692&luid=6e43adc1-95a1-357f-d5e4-c94d0fd35526&rnd=31011 Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.107.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-107-216.eu-central-1.compute.amazonaws.com Software / Resource Hash 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Thu, 25 Aug 2022 00:52:05 GMT Cache-Control max-age=0, no-cache="set-cookie" Expires Thu, 25 Aug 2022 00:52:05 UTC Connection keep-alive Content-Length 34 Content-Type image/gif
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2970716&time=1661388725089&url=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2970716%26time%3D1661388725089%26url%3Dhttps%253A%252F%252Ffosterronline.com%252F... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2970716&time=1661388725089&url=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2970716&time=1661388725089&url=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html&liSync=true&e_ipv6=AQJfRHSyPDgGOAAAAY...	0 264 B	345ms 233ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2970716&time=1661388725089&url=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html&liSync=true&e_ipv6=AQJfRHSyPDgGOAAAAYLSfB4RPZkgbcdI0D4Ob8chhntz9a3mJDDF4aoK9rPeCwGR5zsDR5cacJ7ed-EEBrk4hz3h-u7nKA Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:05 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: F4E608957D8742889CD822DAB2759516 Ref B: STOEDGE1106 Ref C: 2022-08-25T00:52:06Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-proto http/2 content-length 0 x-li-uuid AAXnBjTalZ2C7t2mcvX4Lw== x-li-fabric prod-lor1 Redirect headers date Thu, 25 Aug 2022 00:52:05 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: A15BBE54A71143F0B8DB37735B598ED1 Ref B: STOEDGE1220 Ref C: 2022-08-25T00:52:05Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2970716&time=1661388725089&url=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html&liSync=true&e_ipv6=AQJfRHSyPDgGOAAAAYLSfB4RPZkgbcdI0D4Ob8chhntz9a3mJDDF4aoK9rPeCwGR5zsDR5cacJ7ed-EEBrk4hz3h-u7nKA x-li-proto http/2 content-length 0 x-li-uuid AAXnBjTVT9Ip1VOJ+4HFGw==
GET H2	200	identity.js Show response connect.facebook.net/signals/plugins/	64 KB 20 KB	67ms 66ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/plugins/identity.js?v=2.9.77 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 20715 x-xss-protection 0 pragma public x-fb-debug CB03IGDWRvTGuNNQrZ6hVawJDp6nqTtlYhuQtja8FpsnrqQTAXO5XD+dCCuqhBBduDqhAeqDqT869oNP5J/jZw== x-fb-trip-id 686109401 cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Thu, 25 Aug 2022 00:52:05 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1661388462046 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	270894894628321 Show response connect.facebook.net/signals/config/	293 KB 84 KB	92ms 92ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/270894894628321?v=2.9.77&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 651801327eb97e55063d3db4d16de684d620ca3e797098f0f7bfe04d16327837 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 85937 x-xss-protection 0 pragma public x-fb-debug N0OnMbo+p9xerOo7Nb1StExpNJEye9eYB64pmu7hqH9JG/mC/4xHmfGwU+TgNoHGC4fgDC0/hNE0dLm3Llhu5g== x-fb-trip-id 686109401 cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Thu, 25 Aug 2022 00:52:05 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1661388604707 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	dest5.html Show response firstcitizens.demdex.net/ Frame 422A	7 KB 3 KB	342ms 86ms	Document text/html	52.49.126.217 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://firstcitizens.demdex.net/dest5.html?d_nsid=0 Requested by Host: fosterronline.com URL: https://fosterronline.com/60e0841c6ded/d5a97f0ea4af/launch-3bb7433af2ae.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.126.217 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-126-217.eu-west-1.compute.amazonaws.com Software / Resource Hash 7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://fosterronline.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers Accept-Ranges bytes Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 2791 Content-Type text/html;charset=UTF-8 DCS dcs-prod-irl1-1-v038-0d17c4202.edge-irl1.demdex.com 0 ms Expires Thu, 01 Jan 1970 00:00:00 UTC P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID tMJ9h/kASkk= content-encoding gzip date Thu, 25 Aug 2022 00:52:05 GMT last-modified Wed, 3 Aug 2022 11:53:45 GMT vary accept-encoding
GET H/1.1	200 OK	ibs:dpid=411&dpuuid=YwbHtQAAAFyiHwN6 dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=70047291974590988394430188322813356153 https://dpm.demdex.net/ibs:dpid=411&dpuuid=YwbHtQAAAFyiHwN6	42 B 942 B	85ms 85ms	Image image/gif	54.154.199.204 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=YwbHtQAAAFyiHwN6 Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol HTTP/1.1 Server 54.154.199.204 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-154-199-204.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v038-0d17c4202.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID wHtjBdkeS2I= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=YwbHtQAAAFyiHwN6 Date Thu, 25 Aug 2022 00:52:05 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H2	200	/ Show response adservice.google.com/ddm/fls/i/dc_pre=CI_vrKbj4PkCFfVFHQkdKeIJrA;cat=sitev03p;ord=1;src=6528888;type=count0;~oref=https://fosterronline.com/ Frame 64C3	423 B 801 B	258ms 108ms	Document text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/ddm/fls/i/dc_pre=CI_vrKbj4PkCFfVFHQkdKeIJrA;cat=sitev03p;ord=1;src=6528888;type=count0;~oref=https://fosterronline.com/ Requested by Host: 6528888.fls.doubleclick.net URL: https://6528888.fls.doubleclick.net/activityi;dc_pre=CI_vrKbj4PkCFfVFHQkdKeIJrA;cat=sitev03p;ord=1;src=6528888;type=count0? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 656c1b2fb3c995232269ea41907ea235ef4bb47acd6cb2d29862ac7f8eb6f3ed Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6528888.fls.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, must-revalidate content-encoding gzip content-length 332 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 25 Aug 2022 00:52:05 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	/ www.facebook.com/tr/	44 B 297 B	210ms 67ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=270894894628321&ev=PageView&dl=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html&rl=&if=false&ts=1661388725318&sw=1600&sh=1200&v=2.9.77&r=stable&a=adobe_launch&ec=0&o=30&fbp=fb.1.1661388725316.1591810954&it=1661388725127&coo=false&exp=d0&rqm=GET Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:05 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Thu, 25 Aug 2022 00:52:05 GMT
GET H2	200	/ Show response adservice.google.fi/ddm/fls/i/dc_pre=CI_vrKbj4PkCFfVFHQkdKeIJrA;cat=sitev03p;ord=1;src=6528888;type=count0;~oref=https://fosterronline.com/ Frame CB36	194 B 870 B	264ms 111ms	Document text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.fi/ddm/fls/i/dc_pre=CI_vrKbj4PkCFfVFHQkdKeIJrA;cat=sitev03p;ord=1;src=6528888;type=count0;~oref=https://fosterronline.com/ Requested by Host: adservice.google.com URL: https://adservice.google.com/ddm/fls/i/dc_pre=CI_vrKbj4PkCFfVFHQkdKeIJrA;cat=sitev03p;ord=1;src=6528888;type=count0;~oref=https://fosterronline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adservice.google.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=0 content-encoding gzip content-length 177 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 25 Aug 2022 00:52:05 GMT expires Thu, 25 Aug 2022 00:52:05 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	RC3f46c62a70f045be8e7254bf90a2eaac-source.min.js Show response assets.adobedtm.com/60e0841c6ded/d5a97f0ea4af/46b845092ad5/	988 B 767 B	74ms 74ms	Script application/x-javascript	2a02:26f0:dc:282::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/60e0841c6ded/d5a97f0ea4af/46b845092ad5/RC3f46c62a70f045be8e7254bf90a2eaac-source.min.js Requested by Host: fosterronline.com URL: https://fosterronline.com/60e0841c6ded/d5a97f0ea4af/launch-3bb7433af2ae.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 769697a9714249c15fb2f91b45d5a691256de77f2fa2c41f07e93b544d6a9a2c Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:05 GMT content-encoding gzip last-modified Tue, 09 Aug 2022 14:57:56 GMT server AkamaiNetStorage etag "5d862d414bff822229e7bc2aafbaf961:1660057076.629952" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://fosterronline.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 502 expires Thu, 25 Aug 2022 01:52:05 GMT
GET H2	200	s21508129158413 firstcitizens.sc.omtrdc.net/b/ss/fcb-production/1/JS-2.22.4-LCUM/	43 B 344 B	256ms 77ms	Image image/gif	15.188.95.229 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://firstcitizens.sc.omtrdc.net/b/ss/fcb-production/1/JS-2.22.4-LCUM/s21508129158413?AQB=1&ndh=1&pf=1&t=25%2F7%2F2022%200%3A52%3A5%204%200&mid=76151264142356009073882280972148927653&aamlh=6&ce=UTF-8&pageName=california%20privacy%20request&g=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html&cc=USD&server=production&events=event51&c1=california%20privacy%20request&v1=california%20privacy%20request&c2=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html&v2=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html&c3=production&v3=76151264142356009073882280972148927653&c4=redesign%202020&v5=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html&v51=california%20privacy%20request&pe=lnk_o&pev2=Page%20With%20Form%20Loaded%3A%20california%20privacy%20request&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=E6D235355CF7C1DE0A495EEC%40AdobeOrg&AQE=1 Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-15-188-95-229.eu-west-3.compute.amazonaws.com Software jag / Resource Hash a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 00:52:05 GMT x-content-type-options nosniff last-modified Fri, 26 Aug 2022 00:52:05 GMT server jag etag 3567805120194314240-4619744015511769230 vary * p3p CP="This is not a P3P policy" access-control-allow-origin * cache-control no-cache, no-store, max-age=0, no-transform, private content-type image/gif;charset=utf-8 content-length 43 x-xss-protection 1; mode=block expires Wed, 24 Aug 2022 00:52:05 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 91 B	136ms 66ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=270894894628321&ev=Microdata&dl=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html&rl=&if=false&ts=1661388725820&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22California%20Privacy%20Request%20%7C%20First%20Citizens%20Bank%22%2C%22meta%3Adescription%22%3A%22Residents%20of%20California%20have%20specific%20rights%20regarding%20their%20personal%20information%20and%20may%20request%20about%20our%20collection%2C%20use%2C%20and%20disclosure%20of%20your%20personal%20information%20over%20the%20past%2012%20months.%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.firstcitizens.com%2Fetc.clientlibs%2Ffirstcitizens%2Fclientlibs%2Fclientlib-aem%2Fresources%2Fimages%2Ffcb-logo-og-teaser-2020.png%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.firstcitizens.com%2Fprivacy-security%2Fca-privacy-contact%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22item%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fwww.firstcitizens.com%2Fprivacy-security%22%2C%22name%22%3A%22Privacy%20and%20Security%22%7D%7D%2C%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A2%2C%22item%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fwww.firstcitizens.com%2Fprivacy-security%2Fca-privacy-contact%22%2C%22name%22%3A%22California%20Privacy%20Request%22%7D%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.77&r=stable&a=adobe_launch&ec=1&o=30&fbp=fb.1.1661388725316.1591810954&it=1661388725127&coo=false&es=automatic&tm=3&exp=d0&rqm=GET Requested by Host: fosterronline.com URL: https://fosterronline.com/privacy-security/ca-privacy-contact.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:05 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Thu, 25 Aug 2022 00:52:05 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	174 KB 63 KB	234ms 82ms	Script application/javascript	2a00:1450:4001:801::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-10873044387&l=dataLayer Requested by Host: fosterronline.com URL: https://fosterronline.com/60e0841c6ded/d5a97f0ea4af/launch-3bb7433af2ae.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 3a827095abe652f09332d8a6ea184a0636b2cac67a398f58f12dc3fd34bcd818 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:06 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 64072 x-xss-protection 0 last-modified Thu, 25 Aug 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 25 Aug 2022 00:52:06 GMT
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/	1 KB 2 KB	371ms 73ms	Script application/x-javascript	104.96.148.88 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/munchkin.js Requested by Host: fosterronline.com URL: https://fosterronline.com/60e0841c6ded/d5a97f0ea4af/launch-3bb7433af2ae.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.96.148.88 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-96-148-88.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Thu, 25 Aug 2022 00:52:06 GMT Content-Encoding gzip Last-Modified Fri, 29 Oct 2021 01:24:07 GMT Server AkamaiNetStorage ETag "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977" Vary Accept-Encoding P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Connection keep-alive Accept-Ranges bytes Content-Type application/x-javascript Content-Length 753
GET H2	200	s25016010750040 firstcitizens.sc.omtrdc.net/b/ss/fcb-production/1/JS-2.22.4-LCUM/	43 B 188 B	78ms 77ms	Image image/gif	15.188.95.229 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://firstcitizens.sc.omtrdc.net/b/ss/fcb-production/1/JS-2.22.4-LCUM/s25016010750040?AQB=1&ndh=1&pf=1&t=25%2F7%2F2022%200%3A52%3A6%204%200&mid=76151264142356009073882280972148927653&aamlh=6&ce=UTF-8&pageName=ca-privacy-contact.html&g=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html&c.&getPreviousValue=3.0&.c&cc=USD&server=production&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=ca-privacy-contact.html&v1=ca-privacy-contact.html&c2=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html&v2=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html&c3=production&v3=76151264142356009073882280972148927653&c4=redesign%202020&v5=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html&v10=general%20banking&v12=california%20privacy%20request%20%7C%20first%20citizens%20bank&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=E6D235355CF7C1DE0A495EEC%40AdobeOrg&lrt=257&AQE=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-15-188-95-229.eu-west-3.compute.amazonaws.com Software jag / Resource Hash a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 00:52:06 GMT x-content-type-options nosniff last-modified Fri, 26 Aug 2022 00:52:06 GMT server jag etag 3567805122565832704-4619813418962128536 vary * p3p CP="This is not a P3P policy" access-control-allow-origin * cache-control no-cache, no-store, max-age=0, no-transform, private content-type image/gif;charset=utf-8 content-length 43 x-xss-protection 1; mode=block expires Wed, 24 Aug 2022 00:52:06 GMT
GET H3	200	activityi;dc_pre=CLCe9abj4PkCFQJBHQkdxxkKXg;cat=fcb-u0;src=9786468;type=unive0 Show response 9786468.fls.doubleclick.net/ Frame F4F6 Redirect Chain https://9786468.fls.doubleclick.net/activityi;cat=fcb-u0;src=9786468;type=unive0? https://9786468.fls.doubleclick.net/activityi;dc_pre=CLCe9abj4PkCFQJBHQkdxxkKXg;cat=fcb-u0;src=9786468;type=unive0?	2 KB 979 B	92ms 92ms	Document text/html	142.250.184.198 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://9786468.fls.doubleclick.net/activityi;dc_pre=CLCe9abj4PkCFQJBHQkdxxkKXg;cat=fcb-u0;src=9786468;type=unive0? Requested by Host: fosterronline.com URL: https://fosterronline.com/60e0841c6ded/d5a97f0ea4af/launch-3bb7433af2ae.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.198 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f6.1e100.net Software cafe / Resource Hash 66fa80b55014f1f7c61b8a95cfd49f7d8274e93de9545ce0c08726d9861983f4 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fosterronline.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=0 content-encoding gzip content-length 954 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 25 Aug 2022 00:52:06 GMT expires Thu, 25 Aug 2022 00:52:06 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 25 Aug 2022 00:52:06 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://9786468.fls.doubleclick.net/activityi;dc_pre=CLCe9abj4PkCFQJBHQkdxxkKXg;cat=fcb-u0;src=9786468;type=unive0? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	/ Show response zndhwk2nlgcbvdel3-firstcitizensbank.siteintercept.qualtrics.com/WRSiteInterceptEngine/	7 KB 4 KB	219ms 68ms	Script application/javascript	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zndhwk2nlgcbvdel3-firstcitizensbank.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_dhWK2NLgcbvdeL3 Requested by Host: fosterronline.com URL: https://fosterronline.com/60e0841c6ded/d5a97f0ea4af/launch-3bb7433af2ae.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c8bb240f133d7a9ca0540b600934ee76aef48f6c6a67b8273a5f548a374b756 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:06 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 172181 cf-polished origSize=8435 cf-ray 740057d42b75993e-ARN edge-control max-age=604800 vary Accept-Encoding referrer-policy strict-origin-when-cross-origin cf-bgj minify server cloudflare etag W/"20f3-03zgMTp26BI8vodSOLtRNZ5UJFo" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
GET H2	200	zN33 Show response trk.firstcitizens.com/200189/	90 B 582 B	159ms 159ms	Script text/javascript	35.169.159.245 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.firstcitizens.com/200189/zN33?d=ZW5jZEBZVjNuUms2RW9zUFVtbUo1VG9RcUhzSnNHaStBWFY1RHZ5OHdmejhCRm1qS3dEdCtMUXJoQ1RMUERpQTJtbGdpTWgxMGFwZzAxeUVRckluM3BzZmVtTFNualVUcHRKWXpKdnQ0K1dZS2xyOENhWUQ4MVpFOUREU3hJOUhURVdJcUVFdzZkQjZZR0g1UFJhOGFwTlJ4aDJVTFRtejNJUEFYaTAxWDhvajJqVHpoa0ZVWGJhQVVzMUt6cFNTd1hvb1RoaGU0VUJ5K0R0RjBmMVQ1OWR4Mm5xNmRLQjF2L3haQWVsKzRLeGQ0VnlYVUNGTTNQbVY4cWRmOHNFMmg1UVZqeldyZG1HUDBWK3g1QmFuNHNydVVNVVNPcjhENFZvZXdJRDFLc2FXSXlqSGxFSVRTUkVHcWFEWTB2WDJYcGJTaFAvbkR2Vjc3eFlsU0xXZU96eW9OMVNGYjA4bGxBb3BONmVsZ1JFYjc2WUZvQThNWTl1UzJHaU8xZ3NFM0ZxM2krSkFnWVQ5ZU5aeUpGWm9IWHdNQ1h5K3NyNCt1WWpldXltQm4rL1NmU2RNVXdEbFFUUmJ5QURzeThRdXZsajdOK1BRN2ZVM3NJSkI3M0V5NldQcUlKV01yTTRKNzQ3d0hiVlZ4VHpsL1ZLVU0yR24rR0ZkbTFYZlVDOVVQM1hsZ0NoY2tPTmhPMUN1RWRsRFo4UU9aamFIa3JiOWxJWVdhK29oTmZIYjZWdEJBRGZXdWdRamszMURKRGtRSlV5Ui9pOFh1SEFKeVpRR0ZlNHExcVhMOFNYRURKMSt6VkcyWXdJOU1GM1c5Uy9lOVFScUdLMXc2TEtWa3ZqSXhxalNmMWx6WW1BPT18YmQ2ZjI1OGY2YmQ5YTNiMWQwNjVhY2I2ZTM0N2E2OTdlZDZmNjU1NDBjZGQ5ZjI0ZDc4ODA2NmQ1NGFkYWQ2MjdiZDUzYmU4M2Y3NjllMjZlZmY0OThmZGE0YzE1YWIyZDUyODEyNjZjYzZjMzM5ZjA1NmVkYzZjMzdkOTJlMTFmZjliNGIxMmZlYmUwN2FhOTBmZTdlOTVlY2JlODk2MzY4NGViZTA3YTk1MTJjMmIwOTBkOWNhZjQwNTYzOTRhN2I0NDFiOTkwM2VlODNkOWM5MTVlMWVmYzVhNWUwZmE0Y2FhZjEyM2IzMjU1NTRlOWVkNTM2MzE4YzgzN2UyMzI4NmNhNWE3MjQ3OTgyMzVhNTA1MjI0ZWE3YTdmMzVhMGMwNzE1NGJmNjM4YmM2NjI0MDA4NzZmOTZhNzZjOWE2OWM1NThmNWRkZjI3NDM3NjNkNTBjNGRhNjMxNzAxZWM4NDA5Y2IwMjk2ZGVkMmY4Nzc1YjM0MDI4Y2UyMTU1ZWY5MWYyODFlNjQ5MzhhMTY1Nzg0MTgzZDI2MDliYjVkMDg5Nzc4YzkwZTJiOGNhZTVjYjU4ODg4MDcyN2RlNzY1ZjQ5ODNiOTY1ZmY2MDEzNmQ4MzYxM2I1OTM5YjQzYzY1ODcyMDk3MzZmNTVhMGZlOGI1ZjRjOWE4ZmI1MjN8MDBlZTBiNjJlY2FhYzg5Zg%3D%3D&cid=15%2C16&si=2&e=https%3A%2F%2Ffosterronline.com&LSESSIONID=eyJpIjoiVnNLNGMwOG5BK00wblwvTHNPa0xTbHc9PSIsImUiOiI1S1JVNE9OK2p6NW92cUY1MkpINjNhSVEraEVvbE85REk0RlJoK3g0amhSaEljWXJRTXRTbEtWUFA3WDBUWklsMUwzWVppdXJcL2ZiZEpiRmdDbHJkdXpyZGlHMDFvNnNSWldkd3hBK3A2ZVV6cENPTWV0XC9tOE5QdmNcL0xxakx5cFh0c0ozb3lSbkZSUmtZR01yUlcydmc9PSJ9.86c2d5b39a41a380.YjgyY2E2YTk2MWU4ODNkZWFmYzc5ZDg4MGJiNjQwOGVjN2FjYThkYWMxYWE1NDcxMTIwMzdjMTI5MmYyYmI4Mg%3D%3D&t=jsonp&c=unrgeypqeonmfmcv&eu=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html Requested by Host: trk.firstcitizens.com URL: https://trk.firstcitizens.com/200189/nican.js?r=0.37049796116079015 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.169.159.245 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-169-159-245.compute-1.amazonaws.com Software haile / Resource Hash 895f423b66b5244bb88e00539dba1b1464f5547d28bd9a9fc4bceec6edf07489 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 00:52:06 GMT server haile strict-transport-security max-age=86400 access-control-allow-methods GET, OPTIONS p3p CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-type text/javascript content-length 90 pics-label (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
POST H2	200	bf Show response bf48372wzr.bf.dynatrace.com/	694 B 959 B	449ms 144ms	XHR text/plain	3.227.107.182 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bf48372wzr.bf.dynatrace.com/bf?type=js3&sn=-15%24092I915Q2NES1BNDDFNMKE0VN43IVU60&svrid=-15&flavor=cors&vi=CAWDKALDHEBOCJUHUOTJRUUOICLACAGQ-0&modifiedSince=1610381653117&rf=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html&bp=3&app=6fe9836089b22b9f&crc=79372046&en=erm9uzvs&end=1 Requested by Host: cds-sdkcfg.onlineaccess1.com URL: https://cds-sdkcfg.onlineaccess1.com/common.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.227.107.182 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-227-107-182.compute-1.amazonaws.com Software / Resource Hash 82c30eafb0b4076359eff220e8da98b34afb7d122f8ca41cf355e86b3a0516d5 Request headers Referer https://fosterronline.com/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://fosterronline.com x-oneagent-js-injection true date Thu, 25 Aug 2022 00:52:06 GMT cache-control no-cache content-length 694 content-type text/plain;charset=utf-8
GET H/1.1	200	rs tags.w55c.net/ Frame F4F6 Redirect Chain https://tags.w55c.net/rs?id=51b9ba5765fa41d0a20f86741131dc72&t=marketing https://tags.w55c.net/rs?sccid=ebe77e4d-6987-cfed-ebfe-7e8d15f3284b&scc=1&id=51b9ba5765fa41d0a20f86741131dc72&t=marketing	42 B 593 B	66ms 66ms	Image image/gif	18.158.190.248 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tags.w55c.net/rs?sccid=ebe77e4d-6987-cfed-ebfe-7e8d15f3284b&scc=1&id=51b9ba5765fa41d0a20f86741131dc72&t=marketing Requested by Host: 9786468.fls.doubleclick.net URL: https://9786468.fls.doubleclick.net/activityi;dc_pre=CLCe9abj4PkCFQJBHQkdxxkKXg;cat=fcb-u0;src=9786468;type=unive0? Protocol HTTP/1.1 Server 18.158.190.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-190-248.eu-central-1.compute.amazonaws.com Software Retargeting/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-027eb96c098a0be3e@eu-central-1a@dxedge-app-eu-central-1-prod-asg / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers accept-language fi-FI,fi;q=0.9 Referer https://9786468.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Date Thu, 25 Aug 2022 00:52:05 GMT Server Retargeting/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-027eb96c098a0be3e@eu-central-1a@dxedge-app-eu-central-1-prod-asg Strict-Transport-Security max-age=2592000; includeSubDomains Content-Type image/gif Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 42 Expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Thu, 25 Aug 2022 00:52:06 GMT Server Retargeting/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-0b4faee82b62afb2e@eu-central-1b@dxedge-app-eu-central-1-prod-asg Strict-Transport-Security max-age=2592000; includeSubDomains Location https://tags.w55c.net/rs?sccid=ebe77e4d-6987-cfed-ebfe-7e8d15f3284b&scc=1&id=51b9ba5765fa41d0a20f86741131dc72&t=marketing Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame F4F6	168 KB 61 KB	144ms 142ms	Script application/javascript	2a00:1450:4001:801::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-971615714 Requested by Host: 9786468.fls.doubleclick.net URL: https://9786468.fls.doubleclick.net/activityi;dc_pre=CLCe9abj4PkCFQJBHQkdxxkKXg;cat=fcb-u0;src=9786468;type=unive0? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 74a78c8e62397a4b7d5c2da63e172524ffa2306175e93110deb8a2d75357c490 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://9786468.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:06 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62351 x-xss-protection 0 last-modified Thu, 25 Aug 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 25 Aug 2022 00:52:06 GMT
GET H2	200	nsjs Show response action.media6degrees.com/orbserv/ Frame F4F6 Redirect Chain https://action.dstillery.com/orbserv/nsjs?adv=cl1027245&ns=4080&nc=FCBHomepage&ncv=32&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] https://action.media6degrees.com/orbserv/nsjs?adv=cl1027245&ns=4080&nc=FCBHomepage&ncv=32&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]	5 B 231 B	172ms 172ms	Script text/html	2606:4700::6812:a4f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://action.media6degrees.com/orbserv/nsjs?adv=cl1027245&ns=4080&nc=FCBHomepage&ncv=32&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] Requested by Host: 9786468.fls.doubleclick.net URL: https://9786468.fls.doubleclick.net/activityi;dc_pre=CLCe9abj4PkCFQJBHQkdxxkKXg;cat=fcb-u0;src=9786468;type=unive0? Protocol H2 Server 2606:4700::6812:a4f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3 Request headers accept-language fi-FI,fi;q=0.9 Referer https://9786468.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 00:52:07 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 740057d82b4bf142-ARN content-language fi-FI p3p CP="COM NAV INT STA NID OUR IND NOI" access-control-allow-origin * cache-control no-cache content-type text/html;charset=ISO-8859-1 Redirect headers date Thu, 25 Aug 2022 00:52:07 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" location https://action.media6degrees.com/orbserv/nsjs?adv=cl1027245&ns=4080&nc=FCBHomepage&ncv=32&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] content-type text/html; charset=iso-8859-1 access-control-allow-origin * cf-ray 740057d52a9ff142-ARN
GET H3	200	dc_pre=CLCe9abj4PkCFQJBHQkdxxkKXg;cat=fcb-u0;src=9786468;type=unive0 adservice.google.com/ddm/fls/z/ Frame F4F6	42 B 63 B	258ms 111ms	Image image/gif	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CLCe9abj4PkCFQJBHQkdxxkKXg;cat=fcb-u0;src=9786468;type=unive0 Requested by Host: 9786468.fls.doubleclick.net URL: https://9786468.fls.doubleclick.net/activityi;dc_pre=CLCe9abj4PkCFQJBHQkdxxkKXg;cat=fcb-u0;src=9786468;type=unive0? Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://9786468.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 00:52:06 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/ Frame F4F6	100 KB 26 KB	68ms 67ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: 9786468.fls.doubleclick.net URL: https://9786468.fls.doubleclick.net/activityi;dc_pre=CLCe9abj4PkCFQJBHQkdxxkKXg;cat=fcb-u0;src=9786468;type=unive0? Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aba13e76e0dfc68cd2710d1745d55c6b210cb2bec6ecd14a541615b685af8564 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://9786468.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26535 x-xss-protection 0 pragma public x-fb-debug bW0xRUy8so1GqNwriKaEK2KGhlnHg3+UoAWgq/rNZEhp5W46A/BS5lcqJvE44FLV7OMfjuCN5YCBLznqHzhesg== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Thu, 25 Aug 2022 00:52:06 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1661388680142 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	11.538b4e05effab334888e.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	61 KB 19 KB	64ms 63ms	Script application/javascript	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/11.538b4e05effab334888e.chunk.js?Q_CLIENTVERSION=1.76.0&Q_CLIENTTYPE=web&Q_BRANDID=fosterronline.com Requested by Host: zndhwk2nlgcbvdel3-firstcitizensbank.siteintercept.qualtrics.com URL: https://zndhwk2nlgcbvdel3-firstcitizensbank.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_dhWK2NLgcbvdeL3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa35a01e29408fe275d7752a46d22db90412789df6005bd3ce44736e561be4be Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:06 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 166999 cf-polished origSize=62846 cf-ray 740057d49baa993e-ARN edge-control max-age=604800 vary Accept-Encoding referrer-policy strict-origin-when-cross-origin last-modified Mon, 15 Aug 2022 17:18:14 GMT server cloudflare etag W/"f57e-182a2835bf0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept cf-bgj minify
POST H2	200	Targeting.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	1 KB 818 B	179ms 178ms	XHR application/json	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_dhWK2NLgcbvdeL3&Q_CLIENTVERSION=1.76.0&Q_CLIENTTYPE=webAdobeLaunch Requested by Host: cds-sdkcfg.onlineaccess1.com URL: https://cds-sdkcfg.onlineaccess1.com/common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8cf612b73c69bfce0db0732e90f00a12b02a633c67127f5a41bbd7981c9790d2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://fosterronline.com/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Thu, 25 Aug 2022 00:52:06 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC strict-transport-security max-age=31536000; includeSubDomains; preload timing-allow-origin * referrer-policy strict-origin-when-cross-origin server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json access-control-allow-origin https://fosterronline.com cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true permissions-policy camera=(), geolocation=(), microphone=() trace-id acadf4fbbeea789a cf-ray 740057d50bd6993e-ARN
GET H3	200	1092183154453421 Show response connect.facebook.net/signals/config/ Frame F4F6	293 KB 84 KB	68ms 67ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1092183154453421?v=2.9.77&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash cd7b34fb914601b44b1a609ce551d9543af651af054002a7d7307c2cea16c93b Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://9786468.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 85878 x-xss-protection 0 pragma public x-fb-debug SvpJdlEktHBFLAWn+W9FuXEs9z6XmiTl7OtGeAavrL9gx5A/pkRxCGDrQ3UJdu9om4EJHRmlidUShx83beV2Zg== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Thu, 25 Aug 2022 00:52:06 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1661388605899 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	107 KB 41 KB	226ms 81ms	Script application/javascript	2a00:1450:4001:801::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-2437458-1&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10873044387&l=dataLayer Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 45d15759ffc8fe09a0d264f99f7f305000fd80df0ee4ea0b625893b1deb396f6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:06 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42032 x-xss-protection 0 expires Thu, 25 Aug 2022 00:52:06 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	168 KB 61 KB	256ms 112ms	Script application/javascript	2a00:1450:4001:801::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-971615714&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10873044387&l=dataLayer Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b9bc3cb586771888c5500b4623b904b18d58a2c7d81e1ba1c28d7d807a87a272 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:06 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62338 x-xss-protection 0 last-modified Thu, 25 Aug 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 25 Aug 2022 00:52:06 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	41 KB 16 KB	270ms 97ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10873044387&l=dataLayer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 421ff7b6d660296443895950bff55ddb81a9eeb3d8c76e8cd067d3757bf249cb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:06 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15682 x-xss-protection 0 server cafe etag 14097944420163075165 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Thu, 25 Aug 2022 00:52:06 GMT
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/161/	11 KB 5 KB	74ms 74ms	Script application/x-javascript	104.96.148.88 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/161/munchkin.js Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net/munchkin.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.96.148.88 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-96-148-88.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Thu, 25 Aug 2022 00:52:06 GMT Content-Encoding gzip Last-Modified Wed, 08 Sep 2021 00:38:21 GMT Server AkamaiNetStorage ETag "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429" Vary Accept-Encoding P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Cache-Control max-age=8640000 Connection keep-alive Accept-Ranges bytes Content-Type application/x-javascript Content-Length 4681 Expires Sat, 03 Dec 2022 00:52:06 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/ Frame F4F6	41 KB 15 KB	230ms 117ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-971615714 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 421ff7b6d660296443895950bff55ddb81a9eeb3d8c76e8cd067d3757bf249cb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://9786468.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:06 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15682 x-xss-protection 0 server cafe etag 14097944420163075165 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Thu, 25 Aug 2022 00:52:06 GMT
POST H/1.1	200 OK	visitWebPage 296-cpx-295.mktoresp.com/webevents/	2 B 318 B	658ms 151ms	Ping text/plain	192.28.144.124 OMNITURE
General Check archive.org Show headers Download Go to Full URL https://296-cpx-295.mktoresp.com/webevents/visitWebPage?_mchNc=1661388726709&_mchCn=&_mchId=296-CPX-295&_mchTk=_mch-fosterronline.com-1661388726709-57497&_mchHo=fosterronline.com&_mchPo=&_mchRu=%2Fprivacy-security%2Fca-privacy-contact.html&_mchPc=https%3A&_mchVr=161&_mchEcid=E6D235355CF7C1DE0A495EEC%40AdobeOrg%3A6%3A76151264142356009073882280972148927653&_mchHa=&_mchRe=&_mchQp= Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net/161/munchkin.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.28.144.124 , United States, ASN15224 (OMNITURE, US), Reverse DNS Software nginx/1.20.1 / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Thu, 25 Aug 2022 00:52:07 GMT Content-Encoding gzip Server nginx/1.20.1 Transfer-Encoding chunked Content-Type text/plain; charset=UTF-8 Access-Control-Allow-Origin * Connection keep-alive X-Request-Id f2962a22-9c47-42b4-ba0a-1b82e031f95a
GET H3	200	/ www.facebook.com/tr/ Frame F4F6	44 B 88 B	67ms 66ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1092183154453421&ev=PageView&dl=https%3A%2F%2F9786468.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLCe9abj4PkCFQJBHQkdxxkKXg%3Bcat%3Dfcb-u0%3Bsrc%3D9786468%3Btype%3Dunive0%3F&rl=https%3A%2F%2Ffosterronline.com%2F&if=true&ts=1661388726759&sw=1600&sh=1200&v=2.9.77&r=stable&ec=0&o=30&it=1661388726601&coo=false&rqm=GET Requested by Host: 9786468.fls.doubleclick.net URL: https://9786468.fls.doubleclick.net/activityi;dc_pre=CLCe9abj4PkCFQJBHQkdxxkKXg;cat=fcb-u0;src=9786468;type=unive0? Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language fi-FI,fi;q=0.9 Referer https://9786468.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:06 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Thu, 25 Aug 2022 00:52:06 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	223ms 71ms	Script text/javascript	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-2437458-1&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 6607 date Wed, 24 Aug 2022 23:02:00 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Thu, 25 Aug 2022 01:02:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/971615714/ Frame F4F6	2 KB 2 KB	253ms 88ms	Script text/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/971615714/?random=1661388726981&cv=9&fst=1661388726981&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2F9786468.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLCe9abj4PkCFQJBHQkdxxkKXg%3Bcat%3Dfcb-u0%3Bsrc%3D9786468%3Btype%3Dunive0%3F&ref=https%3A%2F%2Ffosterronline.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5844a75a81a7ea6c8dab8dd8ecea728ce9c3c4f6ffa22c6ff018cbe30acd8276 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://9786468.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 00:52:07 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1112 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	conversion_async.js Show response www.googleadservices.com/pagead/	41 KB 15 KB	242ms 88ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-971615714&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 421ff7b6d660296443895950bff55ddb81a9eeb3d8c76e8cd067d3757bf249cb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:07 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15682 x-xss-protection 0 server cafe etag 14097944420163075165 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Thu, 25 Aug 2022 00:52:07 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	223ms 78ms	XHR text/plain	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=373086394&t=pageview&_s=1&dl=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html&ul=en-us&de=UTF-8&dt=California%20Privacy%20Request%20%7C%20First%20Citizens%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1757577881&gjid=406232013&cid=2038716156.1661388727&tid=UA-2437458-1&_gid=855376635.1661388727&_r=1&gtm=2ou8m0&z=251504415 Requested by Host: cds-sdkcfg.onlineaccess1.com URL: https://cds-sdkcfg.onlineaccess1.com/common.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://fosterronline.com/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 25 Aug 2022 00:52:07 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://fosterronline.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/971615714/ Frame F4F6	42 B 548 B	238ms 85ms	Image image/gif	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/971615714/?random=1661388726981&cv=9&fst=1661385600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2F9786468.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLCe9abj4PkCFQJBHQkdxxkKXg%3Bcat%3Dfcb-u0%3Bsrc%3D9786468%3Btype%3Dunive0%3F&ref=https%3A%2F%2Ffosterronline.com%2F&async=1&fmt=3&is_vtc=1&random=3509244302&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: 9786468.fls.doubleclick.net URL: https://9786468.fls.doubleclick.net/activityi;dc_pre=CLCe9abj4PkCFQJBHQkdxxkKXg;cat=fcb-u0;src=9786468;type=unive0? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://9786468.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 00:52:07 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.fi/pagead/1p-user-list/971615714/ Frame F4F6	42 B 548 B	238ms 86ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.fi/pagead/1p-user-list/971615714/?random=1661388726981&cv=9&fst=1661385600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2F9786468.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLCe9abj4PkCFQJBHQkdxxkKXg%3Bcat%3Dfcb-u0%3Bsrc%3D9786468%3Btype%3Dunive0%3F&ref=https%3A%2F%2Ffosterronline.com%2F&async=1&fmt=3&is_vtc=1&random=3509244302&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: 9786468.fls.doubleclick.net URL: https://9786468.fls.doubleclick.net/activityi;dc_pre=CLCe9abj4PkCFQJBHQkdxxkKXg;cat=fcb-u0;src=9786468;type=unive0? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://9786468.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 00:52:07 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 443 B	243ms 76ms	XHR text/plain	2a00:1450:400c:c06::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2437458-1&cid=2038716156.1661388727&jid=1757577881&gjid=406232013&_gid=855376635.1661388727&_u=YEBAAUAAAAAAAC~&z=933843086 Requested by Host: cds-sdkcfg.onlineaccess1.com URL: https://cds-sdkcfg.onlineaccess1.com/common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://fosterronline.com/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Thu, 25 Aug 2022 00:52:07 GMT content-type text/plain access-control-allow-origin https://fosterronline.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	232ms 84ms	Image image/gif	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2437458-1&cid=2038716156.1661388727&jid=1757577881&_u=YEBAAUAAAAAAAC~&z=1419049461 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 00:52:07 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.fi/ads/	42 B 63 B	228ms 83ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2437458-1&cid=2038716156.1661388727&jid=1757577881&_u=YEBAAUAAAAAAAC~&z=1419049461 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://fosterronline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 00:52:07 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	bf Show response bf48372wzr.bf.dynatrace.com/	202 B 467 B	145ms 145ms	XHR text/plain	3.227.107.182 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bf48372wzr.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_8_sn_A2D3A5AF36A5A8949CF0954613387C6F_app-3A6fe9836089b22b9f_1_ol_0_perc_100000_mul_1&svrid=8&flavor=cors&vi=CAWDKALDHEBOCJUHUOTJRUUOICLACAGQ-0&modifiedSince=1661371599131&rf=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html&bp=3&app=6fe9836089b22b9f&crc=2438294633&en=erm9uzvs&end=1 Requested by Host: cds-sdkcfg.onlineaccess1.com URL: https://cds-sdkcfg.onlineaccess1.com/common.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.227.107.182 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-227-107-182.compute-1.amazonaws.com Software / Resource Hash 0ff95414429b75f1e67ab808ee1124a3be5d0d69c96e119889f61b254062ea53 Request headers Referer https://fosterronline.com/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://fosterronline.com x-oneagent-js-injection true date Thu, 25 Aug 2022 00:52:08 GMT cache-control no-cache content-length 202 content-type text/plain;charset=utf-8
GET H3	200	/ www.facebook.com/tr/ Frame F4F6	44 B 88 B	67ms 66ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1092183154453421&ev=Microdata&dl=https%3A%2F%2F9786468.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLCe9abj4PkCFQJBHQkdxxkKXg%3Bcat%3Dfcb-u0%3Bsrc%3D9786468%3Btype%3Dunive0%3F&rl=https%3A%2F%2Ffosterronline.com%2F&if=true&ts=1661388728262&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.77&r=stable&ec=1&o=30&it=1661388726601&coo=false&es=automatic&tm=3&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language fi-FI,fi;q=0.9 Referer https://9786468.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:52:08 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Thu, 25 Aug 2022 00:52:08 GMT
POST H2	200	bf Show response bf48372wzr.bf.dynatrace.com/	202 B 467 B	145ms 145ms	XHR text/plain	3.227.107.182 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bf48372wzr.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_8_sn_A2D3A5AF36A5A8949CF0954613387C6F_app-3A6fe9836089b22b9f_1_ol_0_perc_100000_mul_1&svrid=8&flavor=cors&vi=CAWDKALDHEBOCJUHUOTJRUUOICLACAGQ-0&modifiedSince=1661371599131&rf=https%3A%2F%2Ffosterronline.com%2Fprivacy-security%2Fca-privacy-contact.html&bp=3&app=6fe9836089b22b9f&crc=3600121744&en=erm9uzvs&end=1 Requested by Host: cds-sdkcfg.onlineaccess1.com URL: https://cds-sdkcfg.onlineaccess1.com/common.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.227.107.182 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-227-107-182.compute-1.amazonaws.com Software / Resource Hash 0ff95414429b75f1e67ab808ee1124a3be5d0d69c96e119889f61b254062ea53 Request headers Referer https://fosterronline.com/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://fosterronline.com x-oneagent-js-injection true date Thu, 25 Aug 2022 00:52:10 GMT cache-control no-cache content-length 202 content-type text/plain;charset=utf-8