i-054b2d17c465e98c3.hbgpsim.com Open in urlscan Pro
18.191.159.80 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Submission Tags: https://phish.report @phish_report Search All
Submission: On July 21 via api (July 21st 2023, 2:22:09 pm UTC) from FI — Scanned from FI

Summary HTTP 156 Redirects Links 102 Behaviour Indicators

Summary

This website contacted 52 IPs in 5 countries across 41 domains to perform 156 HTTP transactions. The main IP is 18.191.159.80, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is i-054b2d17c465e98c3.hbgpsim.com.
TLS certificate: Issued by R3 on July 11th 2023. Valid for: 3 months.

This is the only time i-054b2d17c465e98c3.hbgpsim.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	18.191.159.80 18.191.159.80	16509 (AMAZON-02) (AMAZON-02)
2	65.9.66.89 65.9.66.89	16509 (AMAZON-02) (AMAZON-02)
1	40.80.191.1 40.80.191.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	52.88.183.153 52.88.183.153	16509 (AMAZON-02) (AMAZON-02)
3	18.66.97.77 18.66.97.77	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700:20:... 2606:4700:20::681a:64b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:7db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.223.10.25 192.223.10.25	46562 (PERFORMIVE) (PERFORMIVE)
45	20.225.65.35 20.225.65.35	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	45.223.138.185 45.223.138.185	19551 (INCAPSULA) (INCAPSULA)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	54.157.14.224 54.157.14.224	14618 (AMAZON-AES) (AMAZON-AES)
4	18.164.52.86 18.164.52.86	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	3.161.119.161 3.161.119.161	16509 (AMAZON-02) (AMAZON-02)
1	54.159.116.102 54.159.116.102	14618 (AMAZON-AES) (AMAZON-AES)
1 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1 6	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 4	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
19 24	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.90.79.92 34.90.79.92	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 5	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4 5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1 3	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
2	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
7	178.249.97.98 178.249.97.98	11054 (LIVEPERSON) (LIVEPERSON)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4280:b83:98bc:f079:edb2	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	18.194.231.190 18.194.231.190	16509 (AMAZON-02) (AMAZON-02)
1 1	3.120.29.172 3.120.29.172	16509 (AMAZON-02) (AMAZON-02)
2	52.222.214.59 52.222.214.59	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	54.204.174.60 54.204.174.60	14618 (AMAZON-AES) (AMAZON-AES)
1	23.192.153.172 23.192.153.172	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.213.109.107 52.213.109.107	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.30 216.52.2.30	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
156	52

1 18.191.159.80 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-191-159-80.us-east-2.compute.amazonaws.com

i-054b2d17c465e98c3.hbgpsim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-89.fra56.r.cloudfront.net

integration.silvercloudinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.80.191.1 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

quickquote-consumer.optimalblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.88.183.153 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-183-153.us-west-2.compute.amazonaws.com

api.alpharank.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.alpharank.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.97.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-77.fra56.r.cloudfront.net

cdn.segmint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:64b (United States)

ASN13335 (CLOUDFLARENET, US)

embed.signalintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:7db (United States)

ASN13335 (CLOUDFLARENET, US)

allincu.quiq-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.223.10.25 (Atlanta, United States)

ASN46562 (PERFORMIVE, US)

www.surveycarrot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 20.225.65.35 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

allincu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.223.138.185 (United States)

ASN19551 (INCAPSULA, US)

www.overflowworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.157.14.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-14-224.compute-1.amazonaws.com

connect.segmint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maprtb.segmint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.164.52.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-86.cdg50.r.cloudfront.net

litho.silvercloudinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.161.119.161 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-119-161.vie50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.159.116.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-116-102.compute-1.amazonaws.com

calc-backend-prod.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net

9599098.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.38 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f6.1e100.net

5012033.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6856376.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 35.204.74.118 (Groningen, Netherlands) 19 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.90.79.92 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 92.79.90.34.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.244 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.249.97.98 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-lpcdn.lpsnmedia.net

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:b83:98bc:f079:edb2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.231.190 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-231-190.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.29.172 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-29-172.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-59.fra56.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.204.174.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-174-60.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.192.153.172 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-153-172.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.109.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-109-107.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	allincu.com allincu.com	4 MB
26	simpli.fi 19 redirects um.simpli.fi — Cisco Umbrella Rank: 865 tag.simpli.fi — Cisco Umbrella Rank: 4247 i.simpli.fi — Cisco Umbrella Rank: 3495	15 KB
18	doubleclick.net 9 redirects 9599098.fls.doubleclick.net 5012033.fls.doubleclick.net 6856376.fls.doubleclick.net — Cisco Umbrella Rank: 421067 pubads.g.doubleclick.net — Cisco Umbrella Rank: 437 stats.g.doubleclick.net — Cisco Umbrella Rank: 116 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 243	11 KB
9	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 3060 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 3270	427 KB
8	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 117	4 KB
7	segmint.net cdn.segmint.net — Cisco Umbrella Rank: 36679 connect.segmint.net — Cisco Umbrella Rank: 41472 maprtb.segmint.net — Cisco Umbrella Rank: 62164	19 KB
6	google.fi www.google.fi — Cisco Umbrella Rank: 31660 adservice.google.fi — Cisco Umbrella Rank: 537533	1 KB
6	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 158	41 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 56 region1.google-analytics.com — Cisco Umbrella Rank: 1771	21 KB
6	silvercloudinc.com integration.silvercloudinc.com — Cisco Umbrella Rank: 45902 litho.silvercloudinc.com — Cisco Umbrella Rank: 45126	34 KB
5	signalintent.com embed.signalintent.com — Cisco Umbrella Rank: 81613	149 KB
4	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3134 va.v.liveperson.net — Cisco Umbrella Rank: 3524	117 KB
3	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 447 ib.adnxs.com — Cisco Umbrella Rank: 245	2 KB
3	segment.com cdn.segment.com — Cisco Umbrella Rank: 1510	39 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 164	110 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 69	251 KB
3	alpharank.io api.alpharank.io — Cisco Umbrella Rank: 68425 pixel.alpharank.io — Cisco Umbrella Rank: 70531	47 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 744	1 KB
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2423	876 B
2	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 1166
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 525 d.agkn.com — Cisco Umbrella Rank: 683	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 507	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	216 B
2	gstatic.com fonts.gstatic.com	31 KB
2	surveycarrot.com www.surveycarrot.com — Cisco Umbrella Rank: 157183	1021 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 475	273 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 382	239 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 413	98 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 926	311 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 876	265 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 584	445 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1585	421 B
1	exelator.com loadm.exelator.com — Cisco Umbrella Rank: 1631	324 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 5998	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 405	140 B
1	herokuapp.com calc-backend-prod.herokuapp.com — Cisco Umbrella Rank: 110708	411 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	1 KB
1	overflowworks.com www.overflowworks.com — Cisco Umbrella Rank: 559845
1	quiq-api.com allincu.quiq-api.com	3 KB
1	optimalblue.com quickquote-consumer.optimalblue.com — Cisco Umbrella Rank: 295665	2 KB
1	hbgpsim.com i-054b2d17c465e98c3.hbgpsim.com	12 KB
156	41

	Domain	Requested by
45	allincu.com	i-054b2d17c465e98c3.hbgpsim.com allincu.com
24	um.simpli.fi	19 redirects i-054b2d17c465e98c3.hbgpsim.com
7	lpcdn.lpsnmedia.net	lptag.liveperson.net
6	www.googleadservices.com	1 redirects www.googletagmanager.com 9599098.fls.doubleclick.net www.googleadservices.com
5	www.google.fi	i-054b2d17c465e98c3.hbgpsim.com 9599098.fls.doubleclick.net
5	www.google.com	4 redirects i-054b2d17c465e98c3.hbgpsim.com
5	googleads.g.doubleclick.net	4 redirects www.googleadservices.com
5	embed.signalintent.com	i-054b2d17c465e98c3.hbgpsim.com embed.signalintent.com
4	pubads.g.doubleclick.net	i-054b2d17c465e98c3.hbgpsim.com
4	litho.silvercloudinc.com	integration.silvercloudinc.com
4	www.google-analytics.com	i-054b2d17c465e98c3.hbgpsim.com www.google-analytics.com
3	adservice.google.com	9599098.fls.doubleclick.net 5012033.fls.doubleclick.net 6856376.fls.doubleclick.net
3	cdn.segment.com	embed.signalintent.com
3	connect.segmint.net	cdn.segmint.net
3	connect.facebook.net	i-054b2d17c465e98c3.hbgpsim.com connect.facebook.net
3	www.googletagmanager.com	i-054b2d17c465e98c3.hbgpsim.com www.googletagmanager.com www.google-analytics.com
3	cdn.segmint.net	i-054b2d17c465e98c3.hbgpsim.com cdn.segmint.net
2	cm.g.doubleclick.net	2 redirects
2	sync.search.spotxchange.com	1 redirects i-054b2d17c465e98c3.hbgpsim.com
2	fei.pro-market.net	2 redirects
2	sync.intentiq.com	i-054b2d17c465e98c3.hbgpsim.com
2	pixel.tapad.com	1 redirects i-054b2d17c465e98c3.hbgpsim.com
2	va.v.liveperson.net	lptag.liveperson.net
2	accdn.lpsnmedia.net	lptag.liveperson.net
2	secure.adnxs.com	1 redirects i-054b2d17c465e98c3.hbgpsim.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.facebook.com	i-054b2d17c465e98c3.hbgpsim.com
2	6856376.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	5012033.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	9599098.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	lptag.liveperson.net	i-054b2d17c465e98c3.hbgpsim.com
2	www.surveycarrot.com	i-054b2d17c465e98c3.hbgpsim.com
2	api.alpharank.io	i-054b2d17c465e98c3.hbgpsim.com api.alpharank.io
2	integration.silvercloudinc.com	i-054b2d17c465e98c3.hbgpsim.com
1	us-u.openx.net	i-054b2d17c465e98c3.hbgpsim.com
1	pixel.rubiconproject.com	i-054b2d17c465e98c3.hbgpsim.com
1	ib.adnxs.com	i-054b2d17c465e98c3.hbgpsim.com
1	idsync.rlcdn.com	i-054b2d17c465e98c3.hbgpsim.com
1	ce.lijit.com	i-054b2d17c465e98c3.hbgpsim.com
1	bcp.crwdcntrl.net	i-054b2d17c465e98c3.hbgpsim.com
1	stags.bluekai.com	i-054b2d17c465e98c3.hbgpsim.com
1	sync.bfmio.com	i-054b2d17c465e98c3.hbgpsim.com
1	loadm.exelator.com	i-054b2d17c465e98c3.hbgpsim.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com	i-054b2d17c465e98c3.hbgpsim.com
1	eb2.3lift.com	i-054b2d17c465e98c3.hbgpsim.com
1	i.simpli.fi	tag.simpli.fi
1	pixel.alpharank.io	api.alpharank.io
1	adservice.google.fi	adservice.google.com
1	tag.simpli.fi	connect.segmint.net
1	maprtb.segmint.net	connect.segmint.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	calc-backend-prod.herokuapp.com	embed.signalintent.com
1	fonts.googleapis.com	allincu.com
1	www.overflowworks.com	i-054b2d17c465e98c3.hbgpsim.com
1	allincu.quiq-api.com	i-054b2d17c465e98c3.hbgpsim.com
1	quickquote-consumer.optimalblue.com	i-054b2d17c465e98c3.hbgpsim.com
1	i-054b2d17c465e98c3.hbgpsim.com
156	60

This site contains links to these domains. Also see Links.

Domain
allincu.com
videobanking.allincu.com
www.allincuonline.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
app.loanspq.com
loans.allincu.com
quiqurls.com
ncua.gov
www.hud.gov

Subject Issuer	Validity	Valid
i-054b2d17c465e98c3.hbgpsim.com R3	`2023-07-11` - `2023-10-09`	3 months	crt.sh
*.silvercloudinc.com Go Daddy Secure Certificate Authority - G2	`2023-06-26` - `2024-06-26`	a year	crt.sh
*.optimalblue.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-06-06`	a year	crt.sh
api.alpharank.io R3	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.segmint.net Amazon RSA 2048 M02	`2023-03-01` - `2023-12-30`	10 months	crt.sh
signalintent.com E1	`2023-07-19` - `2023-10-17`	3 months	crt.sh
quiq-api.com E1	`2023-06-14` - `2023-09-12`	3 months	crt.sh
surveycarrot.com Thawte RSA CA 2018	`2023-01-25` - `2024-02-10`	a year	crt.sh
www.allincu.com Go Daddy Secure Certificate Authority - G2	`2023-02-28` - `2024-03-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-07-13` - `2024-01-09`	6 months	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-02-07` - `2024-02-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-29` - `2023-07-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M01	`2023-02-24` - `2024-01-12`	a year	crt.sh
*.herokuapp.com Amazon RSA 2048 M02	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2023-01-09` - `2024-01-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google.fi GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
pixel.alpharank.io R3	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-01-10` - `2024-01-10`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Frame ID: 7C388CFD65800EB550596641315D3B3B
Requests: 116 HTTP requests in this frame

Frame: https://connect.segmint.net/iframe/doughnut/en1qq5qnqM
Frame ID: E8E739C4E828A04C61D6C2F15F8A1582
Requests: 25 HTTP requests in this frame

Frame: https://9599098.fls.doubleclick.net/activityi;dc_pre=CLad3-j_n4ADFcdCwgod7mIC3w;src=9599098;type=invmedia;cat=dv3600;ord=1;num=8405180173683;auiddc=1015865844.1689949323;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid
Frame ID: 422F6EADED5FE89874072711F4433D7A
Requests: 5 HTTP requests in this frame

Frame: https://5012033.fls.doubleclick.net/activityi;dc_pre=CMfn3-j_n4ADFV8IogMdmZgACA;src=5012033;type=invmedia;cat=dv3600;ord=1;num=8153160357315;auiddc=1015865844.1689949323;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid
Frame ID: 30DF4F623E08AFBAD8619509D3246D3C
Requests: 2 HTTP requests in this frame

Frame: https://6856376.fls.doubleclick.net/activityi;dc_pre=CLqf3-j_n4ADFcYOogMdE8MDBg;src=6856376;type=invmedia;cat=nz209cmw;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=250814441360.61615
Frame ID: BA46379EFB00EAAE8FA17D5EE2589ACA
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLqf3-j_n4ADFcYOogMdE8MDBg;src=6856376;type=invmedia;cat=nz209cmw;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=250814441360.61615;~oref=https://i-054b2d17c465e98c3.hbgpsim.com/
Frame ID: 7659DBFFFBF335AA6A8DE4DDDF459C9E
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.fi/ddm/fls/i/dc_pre=CLqf3-j_n4ADFcYOogMdE8MDBg;src=6856376;type=invmedia;cat=nz209cmw;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=250814441360.61615;~oref=https://i-054b2d17c465e98c3.hbgpsim.com/
Frame ID: 00876FEE1FAF4B6FD5B488885F8BD946
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com&site=6918209&env=prod&accdn=accdn.lpsnmedia.net
Frame ID: 5A6BBC899A0AFC655CB1839DEA94BEAB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

All In Credit Union | Alabama | Florida

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

156
Requests

83 %
HTTPS

33 %
IPv6

41
Domains

60
Subdomains

52
IPs

5
Countries

5421 kB
Transfer

8716 kB
Size

31
Cookies

102 Outgoing links

These are links going to different origins than the main page.

URL: https://allincu.com/#startcontent
Title: Skip to Main Content

Search URL Search Domain Scan URL

URL: https://allincu.com/

Search URL Search Domain Scan URL

URL: https://allincu.com/bank/checking-accounts.html
Title: Bank

Search URL Search Domain Scan URL

URL: https://allincu.com/borrow/vehicle-loans.html
Title: Borrow

Search URL Search Domain Scan URL

URL: https://allincu.com/business.html
Title: Business

Search URL Search Domain Scan URL

URL: https://allincu.com/save/savings.html
Title: Save

Search URL Search Domain Scan URL

URL: https://allincu.com/service/insurance.html
Title: Services

Search URL Search Domain Scan URL

URL: https://allincu.com/why-us/our-story.html
Title: Why Us?

Search URL Search Domain Scan URL

URL: https://videobanking.allincu.com/
Title: Make an Appointment

Search URL Search Domain Scan URL

URL: https://allincu.com/rates/share-rates.html
Title: Rates

Search URL Search Domain Scan URL

URL: https://allincu.com/contact-us.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://allincu.com/locations.html
Title: Locations

Search URL Search Domain Scan URL

URL: https://allincu.com/careers.html
Title: Careers

Search URL Search Domain Scan URL

URL: https://allincu.com/why-us/community-involvement.html
Title: Community

Search URL Search Domain Scan URL

URL: https://allincu.com/bank/online-services.html
Title: Online Services

Search URL Search Domain Scan URL

URL: https://allincu.com/bank/transfers-and-payments.html
Title: Transfers/Payments

Search URL Search Domain Scan URL

URL: https://allincu.com/bank/zelle.html
Title: Zelle®

Search URL Search Domain Scan URL

URL: http://allincu.com/bank/youth.html
Title: Youth

Search URL Search Domain Scan URL

URL: https://allincu.com/bank/debit-card-round-up.html
Title: Debit Card Round Up

Search URL Search Domain Scan URL

URL: https://allincu.com/bank/pink-debit-card.html
Title: Pink Debit Card

Search URL Search Domain Scan URL

URL: http://allincu.com/bank/refer-a-friend.html
Title: Refer a Friend

Search URL Search Domain Scan URL

URL: https://allincu.com/borrow/personal-loans.html
Title: Personal Loans

Search URL Search Domain Scan URL

URL: https://allincu.com/borrow/credit-cards.html
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://allincu.com/borrow/mortgage-loans.html
Title: Mortgage Loans

Search URL Search Domain Scan URL

URL: http://allincu.com/borrow/payday-assistance-loan.html
Title: Payday Assistance Loan

Search URL Search Domain Scan URL

URL: https://allincu.com/my-offers.html
Title: My Offers

Search URL Search Domain Scan URL

URL: https://allincu.com/rates/loan-rates.html
Title: Loan Rates

Search URL Search Domain Scan URL

URL: https://allincu.com/calculators.html
Title: Financial Calculators

Search URL Search Domain Scan URL

URL: https://allincu.com/save/share-and-ira--certificates.html
Title: Share/IRA Certificate

Search URL Search Domain Scan URL

URL: https://allincu.com/save/money-market.html
Title: Money Market

Search URL Search Domain Scan URL

URL: https://allincu.com/protect/buy-local-spend-local.html
Title: Buy Local Spend Local

Search URL Search Domain Scan URL

URL: https://allincu.com/service/card-control.html
Title: Card Control

Search URL Search Domain Scan URL

URL: https://allincu.com/service/savvy-money.html
Title: Credit Score - SavvyMoney

Search URL Search Domain Scan URL

URL: https://allincu.com/service/security-center.html
Title: Online Security Center

Search URL Search Domain Scan URL

URL: https://allincu.com/service/gap-and-warranty.html
Title: Gap & Warranty

Search URL Search Domain Scan URL

URL: https://allincu.com/service/collateral-protection.html
Title: Collateral Protection

Search URL Search Domain Scan URL

URL: https://allincu.com/service/hurricane-preparedness.html
Title: Hurricane Preparedness

Search URL Search Domain Scan URL

URL: https://allincu.com/protect/financialeducation.html
Title: Financial Education Center

Search URL Search Domain Scan URL

URL: http://allincu.com/protect/automated-fraud-alerts.html
Title: Automated Fraud Alerts

Search URL Search Domain Scan URL

URL: https://allincu.com/why-us/welcome-to-the-all-in-2-finances-challenge.html
Title: All In 2 Finances Challenge • Season 3

Search URL Search Domain Scan URL

URL: https://allincu.com/why-us/all-in-credit-union-grant.html
Title: $400,000 Grant

Search URL Search Domain Scan URL

URL: https://allincu.com/why-us/sponsorships-and--donations.html
Title: Sponsorships & Donations

Search URL Search Domain Scan URL

URL: https://allincu.com/why-us/scholarship--program.html
Title: Scholarship Program

Search URL Search Domain Scan URL

URL: https://allincu.com/annual-report.html
Title: Annual Report

Search URL Search Domain Scan URL

URL: https://allincu.com/why-us/open-an-account.html
Title: Open an Account

Search URL Search Domain Scan URL

URL: http://allincu.com/why-us/financial-exploitation-prevention-program.html
Title: Financial Exploitation Prevention Program

Search URL Search Domain Scan URL

URL: https://allincu.com/rates/business-rates.html
Title: Business Rates

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/andalusia-mlk-expressway.html
Title: Andalusia- MLK Expressway

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/century.html
Title: Century, FL - NOW OPEN

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/crestview.html
Title: Crestview- South Ferdon Boulevard

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/daleville.html
Title: Daleville - North Daleville Avenue

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/daleville-operations-center.html
Title: Daleville Operations Center - Virginia Avenue

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/daphne.html
Title: Daphne - Highway 98

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/defuniak-springs.html
Title: DeFuniak Springs - US Highway 331 South

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/dothan-east.html
Title: Dothan - Cottonwood Road

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/dothan-honeysuckle.html
Title: Dothan - Honeysuckle Road

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/dothan-north.html
Title: Dothan - Montgomery Highway

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/dothan-south.html
Title: Dothan - South Park Avenue

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/dothan-west.html
Title: Dothan - South Woodburn Drive

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/enterprise-west.html
Title: Enterprise - Boll Weevil Circle & Highway 167

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/enterprise-south.html
Title: Enterprise - Boll Weevil Circle & Highway 27

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/enterprise-east.html
Title: Enterprise - Rucker Boulevard

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/evergreen.html
Title: Evergreen - NOW OPEN

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/fort-novosel.html
Title: Fort Novosel - Red Cloud Road

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/geneva.html
Title: Geneva - Maple Avenue

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/marianna--highway-90.html
Title: Marianna- Highway 90

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/midland-city--county-road-59.html
Title: Midland City- County Road 59

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/mobile-airport.html
Title: Mobile - Airport Boulevard

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/mobile-brookley.html
Title: Mobile - Brookley Field

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/mobile-downtown.html
Title: Mobile - Dauphin Street

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/mobile-west.html
Title: Mobile - Downtowner Boulevard

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/opp.html
Title: Opp - West Cumming Avenue

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/ozark-north.html
Title: Ozark - East Andrews Avenue

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/ozark-south.html
Title: Ozark - US Highway 231 South

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/pascagoula.html
Title: Pascagoula, MS - Now Open

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/santa-rosa-beach.html
Title: Santa Rosa Beach - Mack Bayou Road

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/skipperville.html
Title: Skipperville - Highway 105

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/theodore.html
Title: Theodore - Willis Road

Search URL Search Domain Scan URL

URL: https://allincu.com/locations/troy.html
Title: Troy - Alabama Hwy 87

Search URL Search Domain Scan URL

URL: https://www.allincuonline.com/dbank/live/app/login/consumer
Title: Online Banking Login

Search URL Search Domain Scan URL

URL: https://www.allincuonline.com/dbank/live/app/register
Title: Enroll

Search URL Search Domain Scan URL

URL: https://www.allincuonline.com/dbank/live/app/authUpdate
Title: Forgot Password

Search URL Search Domain Scan URL

URL: https://www.facebook.com/allincu
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/all_in_cu
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/all_in_credit_union/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/all-in-credit-union
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://allincu.com/online-banking-demo.html
Title: Demo/Help

Search URL Search Domain Scan URL

URL: https://app.loanspq.com/apply.aspx?lenderref=ArmyAvFCU102616&list=xa1ssa2sst
Title: Open an Account

Search URL Search Domain Scan URL

URL: https://loans.allincu.com/portal?utm_source=website&utm_medium=main&utm_campaign=apply_now
Title: Apply for a Loan

Search URL Search Domain Scan URL

URL: https://allincu.com/win-1000.html
Title: Learn More

Search URL Search Domain Scan URL

URL: https://allincu.com/
Title: 1

Search URL Search Domain Scan URL

URL: https://allincu.com/bank/online-services.html#mobile

Search URL Search Domain Scan URL

URL: https://allincu.com/bank/checking-accounts.html#bazing

Search URL Search Domain Scan URL

URL: https://loans.allincu.com/
Title: Car Shopping Made Easy

Search URL Search Domain Scan URL

URL: https://quiqurls.com/kaRL56
Title: Text With Us

Search URL Search Domain Scan URL

URL: https://allincu.com/disclosures.html
Title: Disclosures

Search URL Search Domain Scan URL

URL: https://allincu.com/site-map.html
Title: Site Map

Search URL Search Domain Scan URL

URL: https://allincu.com/privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://allincu.com/fees.html
Title: Fees

Search URL Search Domain Scan URL

URL: https://allincu.com/accessibility.html
Title: Accessibility

Search URL Search Domain Scan URL

URL: http://ncua.gov/

Search URL Search Domain Scan URL

URL: http://www.hud.gov/fairhousing

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://9599098.fls.doubleclick.net/activityi;src=9599098;type=invmedia;cat=dv3600;ord=1;num=8405180173683;auiddc=1015865844.1689949323;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid HTTP 302
https://9599098.fls.doubleclick.net/activityi;dc_pre=CLad3-j_n4ADFcdCwgod7mIC3w;src=9599098;type=invmedia;cat=dv3600;ord=1;num=8405180173683;auiddc=1015865844.1689949323;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid

Request Chain 77

https://5012033.fls.doubleclick.net/activityi;src=5012033;type=invmedia;cat=dv3600;ord=1;num=8153160357315;auiddc=1015865844.1689949323;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid HTTP 302
https://5012033.fls.doubleclick.net/activityi;dc_pre=CMfn3-j_n4ADFV8IogMdmZgACA;src=5012033;type=invmedia;cat=dv3600;ord=1;num=8153160357315;auiddc=1015865844.1689949323;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid

Request Chain 78

https://6856376.fls.doubleclick.net/activityi;src=6856376;type=invmedia;cat=nz209cmw;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=250814441360.61615 HTTP 302
https://6856376.fls.doubleclick.net/activityi;dc_pre=CLqf3-j_n4ADFcYOogMdE8MDBg;src=6856376;type=invmedia;cat=nz209cmw;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=250814441360.61615

Request Chain 95

https://um.simpli.fi/segmint HTTP 302
https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=486B9DC5498D45A7B2CF4FF189CF3E1F

Request Chain 98

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/949988307/?random=788930245&cv=11&fst=1689949322903&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&label=LEygCIeD9fEBENPX_sQD&hn=www.googleadservices.com&frm=0&tiba=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&value=0&auid=1015865844.1689949323&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=i5S6ZMy1BsHK6wS_pp7ACQ&sscte=1&crd=&eitems=ChEI8NnopQYQwOHX8YyI5fK9ARIdAGt3bMreqvLxXv57vbjlYfR-6a3Uc4ylKryDAFU&pscrd=Ek5DaEFJOE5ub3BRWVFpdHl5dGRyYnlQMFlFaVlBZlRmY1NfNERUd2EzREFqaTBXckw1ZDRYYXFxdEwtWEdIUFg1WTlGTjdxZlZMaE1UY0EaWkNoRUk4Tm5vcFFZUTNmeWZ6cWEyNVkySkFSSXVBRGdGZzUwRHJOUmR3Zy1TaTktRGppZVdoQVVxbzlOQUpGdEM5YzZKX0dQa1pIUjRpemNKRjJXbGc2M0hYdyITCIyn3uj_n4ADFUHlmgodP5MHmA HTTP 302
https://www.google.com/pagead/1p-conversion/949988307/?random=788930245&cv=11&fst=1689949322903&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&label=LEygCIeD9fEBENPX_sQD&hn=www.googleadservices.com&frm=0&tiba=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&value=0&auid=1015865844.1689949323&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5ub3BRWVFpdHl5dGRyYnlQMFlFaVlBZlRmY1NfNERUd2EzREFqaTBXckw1ZDRYYXFxdEwtWEdIUFg1WTlGTjdxZlZMaE1UY0EaWkNoRUk4Tm5vcFFZUTNmeWZ6cWEyNVkySkFSSXVBRGdGZzUwRHJOUmR3Zy1TaTktRGppZVdoQVVxbzlOQUpGdEM5YzZKX0dQa1pIUjRpemNKRjJXbGc2M0hYdyITCIyn3uj_n4ADFUHlmgodP5MHmA&is_vtc=1&ocp_id=i5S6ZMy1BsHK6wS_pp7ACQ&cid=CAQSKQBpAlJW-H_TEpDOp30lr-zYNoYjuKy6WGYUMcFy5ytzEVL98nXugzWk&eitems=ChEI8NnopQYQwOHX8YyI5fK9ARIdAGt3bMqusC1TsTpg7CQqxzBDeImRhunSUkvgtwA&random=3678705324 HTTP 302
https://www.google.fi/pagead/1p-conversion/949988307/?random=788930245&cv=11&fst=1689949322903&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&label=LEygCIeD9fEBENPX_sQD&hn=www.googleadservices.com&frm=0&tiba=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&value=0&auid=1015865844.1689949323&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5ub3BRWVFpdHl5dGRyYnlQMFlFaVlBZlRmY1NfNERUd2EzREFqaTBXckw1ZDRYYXFxdEwtWEdIUFg1WTlGTjdxZlZMaE1UY0EaWkNoRUk4Tm5vcFFZUTNmeWZ6cWEyNVkySkFSSXVBRGdGZzUwRHJOUmR3Zy1TaTktRGppZVdoQVVxbzlOQUpGdEM5YzZKX0dQa1pIUjRpemNKRjJXbGc2M0hYdyITCIyn3uj_n4ADFUHlmgodP5MHmA&is_vtc=1&ocp_id=i5S6ZMy1BsHK6wS_pp7ACQ&cid=CAQSKQBpAlJW-H_TEpDOp30lr-zYNoYjuKy6WGYUMcFy5ytzEVL98nXugzWk&eitems=ChEI8NnopQYQwOHX8YyI5fK9ARIdAGt3bMqusC1TsTpg7CQqxzBDeImRhunSUkvgtwA&random=3678705324&ipr=y

Request Chain 99

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10810603100/?random=736811335&cv=11&fst=1689949322907&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&label=4i7aCJXhooQDENzs8qIo&hn=www.googleadservices.com&frm=0&tiba=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&value=0&auid=1015865844.1689949323&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=i5S6ZKq7BtO278EPl6ixkAo&sscte=1&crd=&eitems=ChEI8NnopQYQwOHX8YyI5fK9ARIdAGt3bMo4Hu_8A7xTsqxFm4naoc-aM2m3iqOLK2Q&pscrd=Ek5DaEFJOE5ub3BRWVFpdHl5dGRyYnlQMFlFaVlBZlRmY1NfNERUd2EzREFqaTBXckw1ZDRYYXFxdEwtWEdIUFg1WTlGTjdxZlZMaE1UY0EaWkNoRUk4Tm5vcFFZUTNmeWZ6cWEyNVkySkFSSXVBRGdGZzUxRFoxQ1Zpa2dwc2UwczFQb0RqNE5Ebk44bkN2RXR5LVN1OWo1bTh6LTBEbVFSR3g4RE1RR1BsdyITCOqs3uj_n4ADFVPbOwIdF1QMog HTTP 302
https://www.google.com/pagead/1p-conversion/10810603100/?random=736811335&cv=11&fst=1689949322907&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&label=4i7aCJXhooQDENzs8qIo&hn=www.googleadservices.com&frm=0&tiba=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&value=0&auid=1015865844.1689949323&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5ub3BRWVFpdHl5dGRyYnlQMFlFaVlBZlRmY1NfNERUd2EzREFqaTBXckw1ZDRYYXFxdEwtWEdIUFg1WTlGTjdxZlZMaE1UY0EaWkNoRUk4Tm5vcFFZUTNmeWZ6cWEyNVkySkFSSXVBRGdGZzUxRFoxQ1Zpa2dwc2UwczFQb0RqNE5Ebk44bkN2RXR5LVN1OWo1bTh6LTBEbVFSR3g4RE1RR1BsdyITCOqs3uj_n4ADFVPbOwIdF1QMog&is_vtc=1&ocp_id=i5S6ZKq7BtO278EPl6ixkAo&cid=CAQSKQBpAlJWsngQqwVDCjyqRXJozqmuPiOyScwnzWc1MS4MKaN55KyOQe6J&eitems=ChEI8NnopQYQwOHX8YyI5fK9ARIdAGt3bMqgRP4XPiSJnTYU96zNPYJc43BrdY493Wg&random=1837600632 HTTP 302
https://www.google.fi/pagead/1p-conversion/10810603100/?random=736811335&cv=11&fst=1689949322907&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&label=4i7aCJXhooQDENzs8qIo&hn=www.googleadservices.com&frm=0&tiba=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&value=0&auid=1015865844.1689949323&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5ub3BRWVFpdHl5dGRyYnlQMFlFaVlBZlRmY1NfNERUd2EzREFqaTBXckw1ZDRYYXFxdEwtWEdIUFg1WTlGTjdxZlZMaE1UY0EaWkNoRUk4Tm5vcFFZUTNmeWZ6cWEyNVkySkFSSXVBRGdGZzUxRFoxQ1Zpa2dwc2UwczFQb0RqNE5Ebk44bkN2RXR5LVN1OWo1bTh6LTBEbVFSR3g4RE1RR1BsdyITCOqs3uj_n4ADFVPbOwIdF1QMog&is_vtc=1&ocp_id=i5S6ZKq7BtO278EPl6ixkAo&cid=CAQSKQBpAlJWsngQqwVDCjyqRXJozqmuPiOyScwnzWc1MS4MKaN55KyOQe6J&eitems=ChEI8NnopQYQwOHX8YyI5fK9ARIdAGt3bMqgRP4XPiSJnTYU96zNPYJc43BrdY493Wg&random=1837600632&ipr=y

Request Chain 101

https://secure.adnxs.com/px?id=1375839&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1375839%26t%3D2

Request Chain 120

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/713210458/?random=872939742&cv=9&fst=1689949323468&num=1&npa=1&label=dIvbCODMhIcYENr0itQC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9599098.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLad3-j_n4ADFcdCwgod7mIC3w%3Bsrc%3D9599098%3Btype%3Dinvmedia%3Bcat%3Ddv3600%3Bord%3D1%3Bnum%3D8405180173683%3Bauiddc%3D1015865844.1689949323%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fi-054b2d17c465e98c3.hbgpsim.com%252F%253Frid%253D3gPNPid%3F&ref=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=i5S6ZMTQH9Wn78EPm7mRqAw&sscte=1&crd=&pscrd=IhMIhML36P-fgAMV1dM7Ah2bXATF HTTP 302
https://www.google.com/pagead/1p-conversion/713210458/?random=872939742&cv=9&fst=1689949323468&num=1&npa=1&label=dIvbCODMhIcYENr0itQC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9599098.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLad3-j_n4ADFcdCwgod7mIC3w%3Bsrc%3D9599098%3Btype%3Dinvmedia%3Bcat%3Ddv3600%3Bord%3D1%3Bnum%3D8405180173683%3Bauiddc%3D1015865844.1689949323%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fi-054b2d17c465e98c3.hbgpsim.com%252F%253Frid%253D3gPNPid%3F&ref=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIhML36P-fgAMV1dM7Ah2bXATF&is_vtc=1&ocp_id=i5S6ZMTQH9Wn78EPm7mRqAw&cid=CAQSKQBpAlJWQCENESMMYSiLYIMW9SACGh8vs0cgLq7rHEjqmg6Egbx_DPHS&random=2320542960&resp=GooglemKTybQhCsO HTTP 302
https://www.google.fi/pagead/1p-conversion/713210458/?random=872939742&cv=9&fst=1689949323468&num=1&npa=1&label=dIvbCODMhIcYENr0itQC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9599098.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLad3-j_n4ADFcdCwgod7mIC3w%3Bsrc%3D9599098%3Btype%3Dinvmedia%3Bcat%3Ddv3600%3Bord%3D1%3Bnum%3D8405180173683%3Bauiddc%3D1015865844.1689949323%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fi-054b2d17c465e98c3.hbgpsim.com%252F%253Frid%253D3gPNPid%3F&ref=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIhML36P-fgAMV1dM7Ah2bXATF&is_vtc=1&ocp_id=i5S6ZMTQH9Wn78EPm7mRqAw&cid=CAQSKQBpAlJWQCENESMMYSiLYIMW9SACGh8vs0cgLq7rHEjqmg6Egbx_DPHS&random=2320542960&resp=GooglemKTybQhCsO&ipr=y

Request Chain 127

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=33E9E00F65AC409A91E0CF980980443B&dongle=yf3

Request Chain 128

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=33E9E00F65AC409A91E0CF980980443B

Request Chain 129

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=33E9E00F65AC409A91E0CF980980443B HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=33E9E00F65AC409A91E0CF980980443B

Request Chain 130

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=33E9E00F65AC409A91E0CF980980443B HTTP 302
https://d.agkn.com/pixel/10751/?che=1689949324227&ip=185.204.1.184&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216603104584003067284 HTTP 302
https://um.simpli.fi/aa_px?sk=216603104584003067284 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 131

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=33E9E00F65AC409A91E0CF980980443B

Request Chain 134

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=33E9E00F65AC409A91E0CF980980443B;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=33E9E00F65AC409A91E0CF980980443B;mimetype=img;sr HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-4977074785785722547

Request Chain 135

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=33E9E00F65AC409A91E0CF980980443B&j=0

Request Chain 137

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=33E9E00F65AC409A91E0CF980980443B

Request Chain 138

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=33E9E00F65AC409A91E0CF980980443B

Request Chain 139

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=33E9E00F65AC409A91E0CF980980443B

Request Chain 140

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=33E9E00F65AC409A91E0CF980980443B

Request Chain 141

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=33E9E00F65AC409A91E0CF980980443B

Request Chain 142

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1689949323943&cv=7&fst=1689949323943&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1670051199&cv=7&fst=1689949323943&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=jJS6ZMjRAcWf78EP8ueSoAQ&sscte=1&crd=&pscrd=IhMIyMeW6f-fgAMVxc87Ah3yswRE HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1670051199&cv=7&fst=1689949323943&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIyMeW6f-fgAMVxc87Ah3yswRE&is_vtc=1&ocp_id=jJS6ZMjRAcWf78EP8ueSoAQ&cid=CAQSKQBpAlJWRY0PDasDL54QTKQeKabunUu67sm2M9FUMjQygKHJS1Aef1Aq&random=3514820345 HTTP 302
https://www.google.fi/pagead/1p-conversion/1026675585/?random=1670051199&cv=7&fst=1689949323943&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIyMeW6f-fgAMVxc87Ah3yswRE&is_vtc=1&ocp_id=jJS6ZMjRAcWf78EP8ueSoAQ&cid=CAQSKQBpAlJWRY0PDasDL54QTKQeKabunUu67sm2M9FUMjQygKHJS1Aef1Aq&random=3514820345&ipr=y

Request Chain 143

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=33E9E00F65AC409A91E0CF980980443B HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=33E9E00F65AC409A91E0CF980980443B&__user_check__=1&sync_id=f7259cb2-27d1-11ee-ad38-1024185a0106

Request Chain 144

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=33E9E00F65AC409A91E0CF980980443B

Request Chain 145

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=33E9E00F65AC409A91E0CF980980443B&expires=365

Request Chain 146

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=33E9E00F65AC409A91E0CF980980443B

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEISpFUlKV7JtLwXdNaBJh24&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=33E9E00F65AC409A91E0CF980980443B HTTP 302
https://um.simpli.fi/g_match?id=

156 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
i-054b2d17c465e98c3.hbgpsim.com/ 54 KB
12 KB 549ms
195ms Document
text/html 18.191.159.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.191.159.80 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-191-159-80.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 5eadee030e5419ecfacfff76b7ff91c67a6e8a02c1e1e2bd617a31a26620291d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 21 Jul 2023 14:22:00 GMT
vary: Accept-Encoding
x-server: gophish

GET
H2 200 silvercloud.css
integration.silvercloudinc.com/css/ 65 KB
12 KB 203ms
74ms Stylesheet
text/css 65.9.66.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://integration.silvercloudinc.com/css/silvercloud.css?ver=202208181801
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-89.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ddc6c14f82c72b677154f86a4ee981d238ad42e672b92932c7967b7d3d8e562

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 07:33:30 GMT
content-encoding: gzip
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 00:49:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 55159
x-amz-server-side-encryption: AES256
etag: W/"a75f498d224a21517543fdde1cd403ce"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: R8AWb2-lQJKiyRRXx7H58YYmYRLERAerFi7jBWHPVqcPkZeza63OSg==

GET
H2 200 obWidget.1.0.0.js Show response
quickquote-consumer.optimalblue.com/ 8 KB
2 KB 641ms
164ms Script
application/x-javascript 40.80.191.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickquote-consumer.optimalblue.com/obWidget.1.0.0.js
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.80.191.1 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 715f6107fcb56a79dce10afe2574bbb6e06589214e4387e39681c638d34cc49b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:01 GMT
content-encoding: gzip
last-modified: Wed, 12 Jul 2023 21:00:26 GMT
server: Microsoft-IIS/10.0
etag: "0d1aee13b5d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 2148

GET
H/1.1 200
OK 9d50a50d1eb75b52f2a17226a37a83e5d688f1f94eb981643db6c521f04b3e54 Show response
api.alpharank.io/api/pixel/script/ 497 B
850 B 596ms
187ms Script
text/javascript 52.88.183.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.alpharank.io/api/pixel/script/9d50a50d1eb75b52f2a17226a37a83e5d688f1f94eb981643db6c521f04b3e54
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.183.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-183-153.us-west-2.compute.amazonaws.com
Software: nginx/1.12.2 / Express
Resource Hash: 80060777c2e1962fffef5df369cbbebdf6e859d4c4bed43e7d89af0a839553ec

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
Server: nginx/1.12.2
X-Powered-By: Express
ETag: W/"1f1-eBM5VKaqoc3Pgw84I0JXNd44vns"
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: undefined
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 497

GET
H/1.1 200
OK segmint.min.js Show response
cdn.segmint.net/ 16 KB
16 KB 231ms
66ms Script
application/javascript 18.66.97.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/segmint.min.js
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-77.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbb6fd80dd733223ed988bcbaa33ccac8fa5488fd75927c3f071a23ff0beff5f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 01:43:06 GMT
Via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Mar 2023 12:29:31 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 55661
x-amz-server-side-encryption: AES256
ETag: "17b0c0ee75dfe9def11b42b282a91667"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age:900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16149
X-Amz-Cf-Id: EBCUVEUr77DKjMZZT2egEOpO0u4j3So-_iBBbWLY2CIGECnxTJNKGg==

GET
H2 200 embedded.js Show response
embed.signalintent.com/js/ 985 B
943 B 446ms
357ms Script
application/javascript 2606:4700:20::681a:64b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.signalintent.com/js/embedded.js?org-guid=794e7f4a-6049-4dbe-bde5-eac171e76774
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 162aa0f27f2ec3db1569cca5f3f60ebec15d353c662456598201422abf28c5e2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:01 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 21 Jul 2023 14:22:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NHeQ1wTg4H1Ce6MUACAjBaQ9AxElN06C5AHzTMGnSiiptPrP7tAjer1tcEzM0HWfY%2FNvE1EP0kh1Stba%2B58laojtKyu28ojaLv7ef%2Bql4R62p8BD8yzoCCBL88chysBmv3ciSLSGfXlZ1nBNKVQZ33fA3w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7ea417f75a814c8a-HEL

GET
H2 200 index.js Show response
allincu.quiq-api.com/app/chat-ui/ 4 KB
3 KB 428ms
339ms Script
application/javascript 2606:4700:20::681a:7db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.quiq-api.com/app/chat-ui/index.js

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fd1404ab5f1acfd3345de0fa680bb1bf86e5475de01884db17ebee7331a168c

Security Headers

Name	Value
Content-Security-Policy	report-uri https://sentry.goquiq.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:01 GMT
content-security-policy: report-uri https://sentry.goquiq.com/r/d/csp/enforce;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'none'; base-uri 'self'; block-all-mixed-content; img-src 'self' data: blob: https://*; style-src 'self' 'unsafe-inline' https://*; script-src 'self' 'unsafe-inline' https://static.quiq-cdn.com https://static.goquiq.com https://static.cloudflareinsights.com https://js.stripe.com https://js.cobrowse.io https://js.braintreegateway.com https://static.cdn-apple.com https://www.gstatic.com https://businessmessages.google.com; connect-src 'self' https://*.goquiq.com wss://*.goquiq.com https://*.quiq-api.com https://*.braintree-api.com https://*.braintreegateway.com https://businessmessages.google.com https://quiq-assets-prod-east.s3.us-east-1.amazonaws.com https://quiq-assets-prod-east.s3.amazonaws.com https://assets-prod-east.goquiq.com; font-src 'self' data: https://*; frame-src https://*; media-src 'self' https://static.quiq-cdn.com https://static.goquiq.com https://quiq-assets-prod-east.s3.us-east-1.amazonaws.com https://quiq-assets-prod-east.s3.amazonaws.com https://assets-prod-east.goquiq.com; form-action 'self'; report-uri https://sentry.goquiq.com/r/d/csp/reportOnly;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 19 Jul 2023 19:47:35 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCirJOzRq0DLLzp9LVzWf5HZoaaolsTjZHByHH8He0J3VmeyCpPmNfxOVWB2IRwAsoxvsa4Cnj8tWQrd2RswfeSLe9IQRA7EzfYgp6P7SoLW1rf5YqxF8Ov5QPIntSD8qi5OeqpKe77URcKOFgZL62F2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=360, public, s-maxage=300
cf-ray: 7ea417f75dc14c80-HEL
expires: Fri, 21 Jul 2023 14:28:01 GMT

GET
H/1.1 200
OK image_view.js Show response
www.surveycarrot.com/js/ 512 B
698 B 655ms
154ms Script
application/javascript 192.223.10.25
PERFORMIVE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.surveycarrot.com/js/image_view.js
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.223.10.25 Atlanta, United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46 /
Resource Hash: 9d23d2c0f77fcd55b2dde6ce32f6192f61035d1beb12d7451e4c00ecd5c7100c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:01 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 Mar 2023 21:29:25 GMT
Server: Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46
ETag: "200-5f838e73dd740-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 322

GET
H/1.1 200
OK jquery-ui.css
allincu.com/jquery/jquery_custom/ui-theme/ 35 KB
9 KB 678ms
168ms Stylesheet
text/css 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/jquery/jquery_custom/ui-theme/jquery-ui.css?ver=202208181801

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

0f11b4233d591e1d733753c44fab03f975ef8acbaf3781ed5d8ceb81f7ee3e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Mar 2018 20:20:50 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "8dd6-567f1ed536c80-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8510

GET
H/1.1 200
OK jquery.timepicker-addon.css
allincu.com/jquery/jquery_plugins/ 2 KB
917 B 677ms
168ms Stylesheet
text/css 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/jquery/jquery_plugins/jquery.timepicker-addon.css

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

78623bcab5f2c49d1b44ac501d7146864d818ab26158851ce0bd9ec2650f53bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Mar 2018 13:30:04 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "798-568004e26af00-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 519

GET
H/1.1 200
OK voice.css
allincu.com/css/ 76 KB
17 KB 681ms
171ms Stylesheet
text/css 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/css/voice.css?ver=202208181801

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

562bd981eca968aa3f07b016f5290b3eba48c9ddd2baa45c7b6f9a95b3c2b0f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Jul 2022 16:41:13 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "13026-5e4cc15c13c40-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 17292

GET
H/1.1 200
OK fonts.css
allincu.com/css/ 369 B
671 B 847ms
168ms Stylesheet
text/css 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/css/fonts.css?ver=202208181801

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

00e916e6a25a984c80414bf93453828d749a7c47474831b08c1ce402d33d929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 29 Mar 2019 15:21:52 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "171-5853d3af22400-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 274

GET
H/1.1 200
OK layout.css
allincu.com/css/ 29 KB
7 KB 848ms
169ms Stylesheet
text/css 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/css/layout.css?ver=202208181801

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

340c841da321f68db0f1868bf4b4cc7d115324ab2d94285e0057fb782f2e974d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Apr 2019 15:43:01 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "7415-587ad23aa2b40-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7275

GET
H/1.1 200
OK content.css
allincu.com/css/ 5 KB
2 KB 1016ms
168ms Stylesheet
text/css 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/css/content.css?ver=202208181801

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

a075fc7feaea36b32ab17b48136838d6112add268a5ed565f5ab375f2fd54c5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 May 2019 13:38:37 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "14f4-587e7c04cb140-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1797

GET
H/1.1 200
OK rates.css
allincu.com/css/ 4 KB
2 KB 1017ms
168ms Stylesheet
text/css 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/css/rates.css?ver=202208181801

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

323905cb9dc07e230abf26bc57aef871ca549a6a33b95f1b557e01dc947ed027

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Apr 2019 19:38:10 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "f5b-5861e17ccec80-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1260

GET
H/1.1 200
OK bits.css
allincu.com/css/ 36 KB
8 KB 1018ms
169ms Stylesheet
text/css 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/css/bits.css?ver=202208181801

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

53a04527c54da4421046f983a55829b3429e35d3188ecc05c299300a3e485ac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 17 Aug 2022 17:29:24 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "8e68-5e67334bd4500-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7905

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
allincu.com/jquery/jquery_custom/js/ 87 KB
31 KB 1193ms
174ms Script
text/javascript 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/jquery/jquery_custom/js/jquery-3.5.1.min.js

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 04 May 2020 23:02:39 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "15d84-5a4da870aa1c0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 30910

GET
H/1.1 200
OK jquery-ui.min.js Show response
allincu.com/jquery/jquery_custom/ui-theme/ 314 KB
76 KB 1247ms
183ms Script
text/javascript 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/jquery/jquery_custom/ui-theme/jquery-ui.min.js

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

cada70d07e8e32ed5ca32fd9ae87f4d8be60eb13c60c6e3e9fcbb7c8b7b6854d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 20 Apr 2018 18:38:56 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "4e817-56a4c00247000-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK jquery.json.min.js Show response
allincu.com/jquery/jquery_plugins/ 2 KB
1 KB 1237ms
172ms Script
text/javascript 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/jquery/jquery_plugins/jquery.json.min.js

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

01cea9335f653faf74a88d3b9de3ceff263a52dddceca33d02035d9dce4bb6b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Mar 2018 12:10:36 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "7f0-568134fcc2700-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1033

GET
H/1.1 200
OK jquery.timepicker-addon.l9.js Show response
allincu.com/jquery/jquery_plugins/ 77 KB
19 KB 1362ms
173ms Script
text/javascript 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/jquery/jquery_plugins/jquery.timepicker-addon.l9.js

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

d809b15cc6ed0c338813655858c28ed49e71bbdd61e9f24be1a1cc0f20dad549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 07 May 2018 13:39:49 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "13315-56b9dcdb85340-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 18987

GET
H/1.1 200
OK jquery.validate.min.js Show response
allincu.com/jquery/jquery_plugins/ 23 KB
8 KB 1357ms
169ms Script
text/javascript 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/jquery/jquery_plugins/jquery.validate.min.js

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Mar 2018 16:44:11 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "5add-56803045dccc0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 7502

GET
H/1.1 200
OK jquery.flexslider.l9.js Show response
allincu.com/jquery/jquery_plugins/ 55 KB
12 KB 1411ms
174ms Script
text/javascript 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/jquery/jquery_plugins/jquery.flexslider.l9.js

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

b50adb99bc554816a8335a09ba0633e90808fe17c82e7643f9de05e28e744a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 15 Jun 2018 17:21:55 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "dde9-56eb173d292c0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 12349

GET
H/1.1 200
OK jquery.placeholder.js Show response
allincu.com/jquery/jquery_plugins/ 5 KB
2 KB 1526ms
168ms Script
text/javascript 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/jquery/jquery_plugins/jquery.placeholder.js

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

bd45e67d1e4c688190a63fad2c280b978f3d8b311803f8ddbac36b5de021c942

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 07 May 2015 19:12:16 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "14e3-51582b0946400-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1748

GET
H/1.1 200
OK main.js Show response
allincu.com/scripts/ 24 KB
7 KB 1531ms
169ms Script
text/javascript 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/scripts/main.js?ver=202208181801

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

724619730355b3afb32673dd82a766c11fa5c7fba27e82673bb8663e5590cda9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 26 Apr 2021 18:03:00 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "60fc-5c0e3f4c1bd00-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 6590

GET
H/1.1 200
OK menu-mobile.js Show response
allincu.com/scripts/ 2 KB
1017 B 1546ms
171ms Script
text/javascript 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/scripts/menu-mobile.js?ver=202208181801

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

d941290853308c540ca93dbe89435a84833bfc11c1a3b47501c075a719b6ed68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 Jun 2018 18:42:35 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "69c-56de969e55cc0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 612

GET
H/1.1 200
OK main_custom.js Show response
allincu.com/scripts/ 14 KB
4 KB 1695ms
168ms Script
text/javascript 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/scripts/main_custom.js?ver=202208181801

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

90bb794a4fc9c04dec23475a73bc4e1bb57194ce2ae5657e11106e09a6765396

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 26 Apr 2021 18:03:01 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "3887-5c0e3f4d0ff40-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 3881

GET
H/1.1 200
OK comments.js Show response
allincu.com/scripts/ 11 KB
2 KB 1696ms
168ms Script
text/javascript 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/scripts/comments.js

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

8a7c0bbf650b679130c697c572c14667d82423329b7d3cdb43a49b59ea0a72db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 19 Sep 2019 12:20:34 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "2a60-592e6faf44880-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1970

GET
H/1.1 200
OK jquery.hoverIntent.min.js Show response
allincu.com/jquery/jquery_plugins/ 2 KB
1 KB 1699ms
168ms Script
text/javascript 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/jquery/jquery_plugins/jquery.hoverIntent.min.js

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

844723d288a84c14a3f75ff2db1463fca5b4c4c710e3cc3a111624ed959665d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Mar 2018 14:24:46 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "8c4-5680111c60780-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 939

GET
H/1.1 200
OK jquery.dropdown.js Show response
allincu.com/jquery/jquery_plugins/ 281 B
563 B 1717ms
171ms Script
text/javascript 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/jquery/jquery_plugins/jquery.dropdown.js

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

ebc29ca6cd3127eab2bc5b4b660cb015f6d0448587f73c67184f9db1e4ee4dab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 May 2019 21:16:32 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "119-587ee25efec00-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 159

GET
H2 200 silvercloud.js Show response
integration.silvercloudinc.com/js/silvercloudjs/ 61 KB
20 KB 189ms
64ms Script
application/javascript 65.9.66.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-89.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40b2da647bcc787d43218caecb24901ea7b01025bcf5f9db98359756dbf4aae0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 07:25:10 GMT
content-encoding: gzip
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 00:49:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 37947
x-amz-server-side-encryption: AES256
etag: W/"80f213d3a2f208a7129b19b16ceaefaa"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: hJhCqzY-DQDLDlawU5MdiaKxt5ClMaLy72IUOnyrOx3S5c-Tr9sHhQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 256 KB
88 KB 248ms
86ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K2ZZNPH

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af17cfe7d45889c4de7ac4fc566e0fcd66296bfdf63cd88a0587901bd381f6dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89891
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jul 2023 14:22:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 225ms
66ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Jul 2023 13:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4645
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 21 Jul 2023 15:04:37 GMT

GET
H/1.1 200
OK All-In-Logo-Official.png
allincu.com/img/ 18 KB
19 KB 185ms
175ms Image
image/png 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/img/All-In-Logo-Official.png

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

72bcebda1c7fc00e3f92ff9db2ceece447553dd17761cc0537591bd1c7e9087c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Apr 2019 14:49:31 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "49b3-58605f1aa94c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 18867

GET
H/1.1 200
OK Icon-savvymoney.png
allincu.com/content/images/original/ 5 KB
5 KB 184ms
174ms Image
image/png 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/content/images/original/Icon-savvymoney.png

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

f3a5f31cafb8430666062bc97478923190e1f1c301fdae05e733f1167dd00cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 May 2019 02:11:41 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "13ed-587de27a27140"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 5101

GET
H/1.1 200
OK Icon-mobiledeposit.png
allincu.com/content/images/original/ 3 KB
4 KB 180ms
169ms Image
image/png 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/content/images/original/Icon-mobiledeposit.png

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

205a97a42c63cb60c5a1161a80c09937a6e23e61bef68c3148a4cf92c3df9286

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 May 2019 02:08:18 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "de4-587de1b88e880"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 3556

GET
H/1.1 200
OK Icon-platinumrewards.png
allincu.com/content/images/original/ 4 KB
4 KB 179ms
169ms Image
image/png 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/content/images/original/Icon-platinumrewards.png

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

206d7ee455b574d843ee66899aba2fcd0da1ecfa37090f82fc7dfb19d20219e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 May 2019 02:09:19 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "f2f-587de1f2bb1c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 3887

GET
H/1.1 200
OK icon-auto.png
allincu.com/content/images/original/ 5 KB
5 KB 185ms
175ms Image
image/png 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/content/images/original/icon-auto.png

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

b3f5332dfa333b25296789ed430a5d2b0bf8a82f6fb2d4187d40bbfa2498ad89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 May 2019 03:05:40 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "120e-587dee8b1a900"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4622

GET
H/1.1 200
OK Icon-bazing.png
allincu.com/content/images/original/ 3 KB
4 KB 185ms
175ms Image
image/png 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/content/images/original/Icon-bazing.png

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

fdfa264c0ccf351311bb08ea5034d52e3f47dcfb3d893e0ece777a12b84b42fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 May 2019 02:00:58 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "d4e-587de014f0a80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3406

GET
H/1.1 200
OK ncua-white-transparent.png
allincu.com/img/ 5 KB
5 KB 171ms
171ms Image
image/png 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/img/ncua-white-transparent.png

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

75287649722566ab96133a1dbbe0bfc93693080bd2a08413eb7a8dc6a574a679

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 17 Aug 2022 18:20:36 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "13ba-5e673ebd84500"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5050

GET
H/1.1 200
OK ehl-white-transparent.png
allincu.com/img/ 3 KB
4 KB 172ms
172ms Image
image/png 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/img/ehl-white-transparent.png

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

bd168eca5a68a15f51e5d625175d9be9b7d3a7acc4b6f871e61ad3875925a13d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:03 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 17 Aug 2022 18:14:35 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "d82-5e673d653d8c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 3458

GET
H/1.1 200
OK logo-NCUA-blue.svg
allincu.com/img/ 18 KB
18 KB 172ms
171ms Image
image/svg+xml 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/img/logo-NCUA-blue.svg

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

678384a19e4f35dd3bd8f9792888eb1aad3491efe76ebfa3ebfc6d8e9b056b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:03 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 15 Aug 2022 14:03:35 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "487f-5e64818ffbbc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 18559

GET
H/1.1 200
OK logo-EHO-dark.svg
allincu.com/img/ 8 KB
9 KB 169ms
168ms Image
image/svg+xml 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/img/logo-EHO-dark.svg

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

157b0004a6b94bf4473eaffded60a8ab2dfd5c8b44fd144a37b648658db07085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:03 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 15 Aug 2022 14:04:01 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "21a7-5e6481a8c7640"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 8615

GET
H2 503 ofw-allincu.js
www.overflowworks.com/ofw-trace/ 0
0 164ms
54ms Script
text/html 45.223.138.185
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.overflowworks.com/ofw-trace/ofw-allincu.js
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.223.138.185 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

OPTIONS
H/1.1 200
OK c34500b3-c618-449c-b4a6-588d6f7a6f29.json
cdn.segmint.net/ Frame 0
0 551ms
435ms Preflight 18.66.97.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/c34500b3-c618-449c-b4a6-588d6f7a6f29.json
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-77.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://i-054b2d17c465e98c3.hbgpsim.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: PUT, POST, DELETE, GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Fri, 21 Jul 2023 14:22:02 GMT
Server: AmazonS3
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 96fppDMYQqqrXXL24ZYTbaQxvqOfHICFE1ItytkGGrLk1NZDoJyurw==
X-Amz-Cf-Pop: FRA56-P2
X-Cache: Miss from cloudfront

GET
H/1.1 200
OK c34500b3-c618-449c-b4a6-588d6f7a6f29.json Show response
cdn.segmint.net/ 313 B
921 B 444ms
444ms XHR
application/json 18.66.97.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/c34500b3-c618-449c-b4a6-588d6f7a6f29.json
Requested by: Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-77.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: af3022b7f8b45237fde80b95916497d930933caa2510d3d8d017df7353bdb8ff

Request headers

Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 21 Jul 2023 14:22:03 GMT
Via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P2
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 313
Last-Modified: Tue, 02 Mar 2021 14:39:14 GMT
Server: AmazonS3
ETag: "c9e1bc125ccef3c7420d3b24f35e865d"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: PUT, POST, DELETE, GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Accept-Ranges: bytes
X-Amz-Cf-Id: 5ehWGiAceTiQs4rOpCK3stJWRk98ikPTMqdfG6q1-fl88_jyEgSBnA==

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 21 KB
8 KB 298ms
67ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=6918209

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

5624aeb2703037c9b669b4903e1961a38778408edcd3bea47e370e5de9f6c571

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 07 Dec 2022 20:20:28 GMT
server: ws
etag: "6390f58c-1da4"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7588

GET
H/1.1 200
OK index2.jspx
www.surveycarrot.com/ 0
323 B 625ms
624ms Image
text/html 192.223.10.25
PERFORMIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.surveycarrot.com/index2.jspx?/L9S5AMKNK4/images&quotes=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.223.10.25 Atlanta, United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
Content-Encoding: gzip
Server: Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 208ms
74ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,900

Requested by

Host: allincu.com
URL: https://allincu.com/css/fonts.css?ver=202208181801

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f0d0d42b4c1c3e73738bb8210a467a3af01c8e900de2141d8b6c91fb9d56ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://allincu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jul 2023 14:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 13:24:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jul 2023 14:22:01 GMT

GET
H/1.1 200
OK font-awesome.min.css
allincu.com/css/ 28 KB
7 KB 337ms
169ms Stylesheet
text/css 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/css/font-awesome.min.css

Requested by

Host: allincu.com
URL: https://allincu.com/css/voice.css?ver=202208181801

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

1188269b4bb77df6f5ae55f5d8038b3cfc46f4e76e3157e961e04ad14709db05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://allincu.com/css/voice.css?ver=202208181801
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 13 Sep 2016 16:56:59 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "7062-53c6680376cc0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 6593

GET
H/1.1 200
OK iconic.css
allincu.com/css/ 61 KB
8 KB 338ms
169ms Stylesheet
text/css 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://allincu.com/css/iconic.css

Requested by

Host: allincu.com
URL: https://allincu.com/css/voice.css?ver=202208181801

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

5dd26d79a322117aa09d1e6248db551296a013bbf7ab2803f962c05438d28bba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://allincu.com/css/voice.css?ver=202208181801
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 19 Sep 2016 18:24:26 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "f5b8-53ce06c028a80-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 8162

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 181ms
59ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e237cfb5b51efd58bf08a6d1cf3f4e49c2ce2e595ef16c2060aa6cb4d966fb3a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jul 2023 14:22:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46990
x-xss-protection: 0
pragma: public
x-fb-debug: dZPffb8wSGd2ev4+sRQjK71TyQ+eG4xRkAsN/RX1NmyverbuofsLuVahi433cMT0zLDQUdcKUfHSKCZemEP8fA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H/1.1 204
No Content event
connect.segmint.net/ Frame 0
0 573ms
136ms Preflight 54.157.14.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.segmint.net/event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.157.14.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-14-224.compute-1.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://i-054b2d17c465e98c3.hbgpsim.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Auth-Username, X-Auth-Password, X-Auth-New-Password, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Access-Control-Allow-Origin: https://i-054b2d17c465e98c3.hbgpsim.com
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Fri, 21 Jul 2023 14:22:02 GMT
Expires: 0
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma: no-cache
Server: openresty

POST
H/1.1 200
OK event Show response
connect.segmint.net/ 0
656 B 165ms
147ms XHR
text/plain 54.157.14.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.segmint.net/event
Requested by: Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.157.14.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-14-224.compute-1.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 14:22:03 GMT
Server: openresty
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Access-Control-Allow-Origin: https://i-054b2d17c465e98c3.hbgpsim.com
Content-Type: text/plain;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-Application-Context: site-event-receiver-service:prod:7084
Expires: 0

GET
H/1.1 200
OK en1qq5qnqM Show response
connect.segmint.net/iframe/doughnut/ Frame E8E7 509 B
1 KB 586ms
147ms Document
text/html 54.157.14.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.segmint.net/iframe/doughnut/en1qq5qnqM

Requested by

Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.157.14.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-14-224.compute-1.amazonaws.com

Software

openresty /

Resource Hash

0aa49cded6c89343a514ac6a5bdf368cc49b43193c968852fa56a9b82e25cb32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Language: fi-FI
Content-Length: 307
Content-Type: text/html;charset=UTF-8
Date: Fri, 21 Jul 2023 14:37:54 GMT
Expires: 0
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma: no-cache
Server: openresty
Vary: Accept-Encoding
X-Application-Context: offer-delivery:prod:7074
X-B3-Sampled: 1
X-B3-SpanId: f5a1bae66aada59e
X-B3-TraceId: f5a1bae66aada59e
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

OPTIONS
H2 204 css
litho.silvercloudinc.com/utilities/ Frame 0
0 353ms
192ms Preflight 18.164.52.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://litho.silvercloudinc.com/utilities/css?product_id=5c38a6b62acb223b1fc0d19a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.52.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-52-86.cdg50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://i-054b2d17c465e98c3.hbgpsim.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: https://i-054b2d17c465e98c3.hbgpsim.com
access-control-max-age: 1728000
date: Fri, 21 Jul 2023 14:22:02 GMT
server: nginx/1.14.0 (Ubuntu)
via: 1.1 c31719efcd399888dbbc5773eb6999da.cloudfront.net (CloudFront)
x-amz-cf-id: fcjC-aLMMvt7Do2OiRThKdXw0N6LWkonjrZcjwzM8BERXMW_LGANHw==
x-amz-cf-pop: CDG50-P4
x-cache: Miss from cloudfront

OPTIONS
H2 204 5e72a7ec387f235457ccebe9
litho.silvercloudinc.com/console/integration_widgets/ Frame 0
0 521ms
361ms Preflight 18.164.52.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://litho.silvercloudinc.com/console/integration_widgets/5e72a7ec387f235457ccebe9?product_id=5c38a6b62acb223b1fc0d19a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.52.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-52-86.cdg50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://i-054b2d17c465e98c3.hbgpsim.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: https://i-054b2d17c465e98c3.hbgpsim.com
access-control-max-age: 1728000
date: Fri, 21 Jul 2023 14:22:02 GMT
server: nginx/1.14.0 (Ubuntu)
via: 1.1 c31719efcd399888dbbc5773eb6999da.cloudfront.net (CloudFront)
x-amz-cf-id: qe-nxf2C-TJmpA3TAltvoC1MIHGN6_tx1Q9hxeq7S_hkhmUOXpEUgQ==
x-amz-cf-pop: CDG50-P4
x-cache: Miss from cloudfront

GET
H2 200 main.41012bd258d456d7db77.js Show response
embed.signalintent.com/ 517 KB
129 KB 50ms
50ms Script
application/javascript 2606:4700:20::681a:64b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.signalintent.com/main.41012bd258d456d7db77.js
Requested by: Host: embed.signalintent.com
URL: https://embed.signalintent.com/js/embedded.js?org-guid=794e7f4a-6049-4dbe-bde5-eac171e76774
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1964bd2fc51e93a0a8f9de6e0b43c4b2ddc54e3e99eff42b9ad0f9c887b37aa6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:02 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6924
cf-polished: origSize=529825
x-powered-by: Express
cf-bgj: minify
last-modified: Mon, 17 Jul 2023 17:25:14 GMT
server: cloudflare
etag: W/"231c6-18964e28490"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxcVsZRSI3GWbdVl%2BaFFhxgzE1jB75I2zO5k6HQMFVQAMzMNe9Rvb2pQLxtWNJ4efQUMxECSMlg%2FKFOTIZzItc7xasw8AxgE%2B6Iawoyfg%2FDr66gUj2aPgJQtG4OLGM%2B2lNhz0s12VG5wVysSdQwDOWx5yXg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7ea41801ce284c8a-HEL

GET
H2 200 main.de60d8475ea411c88d66.css
embed.signalintent.com/ 94 KB
15 KB 44ms
43ms Stylesheet
text/css 2606:4700:20::681a:64b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.signalintent.com/main.de60d8475ea411c88d66.css
Requested by: Host: embed.signalintent.com
URL: https://embed.signalintent.com/js/embedded.js?org-guid=794e7f4a-6049-4dbe-bde5-eac171e76774
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b19a4ca9be9f2f95ae9480f455883ff36542da093e654d29013c7477f9380585

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:02 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6928
cf-polished: origSize=97019
x-powered-by: Express
cf-bgj: minify
last-modified: Mon, 17 Jul 2023 17:25:14 GMT
server: cloudflare
etag: W/"362c-18964e28490"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URVbdcVlWHALjFUmdgKGhOFhM6JzLIifkZ8JjmW1FRWsAPf7tiT9f7LH%2BDoJxNFEgM2ayO47KsTaKbLxcFZch5A1QjfQDJDnWfXJ7qFVdzPoL53fmeP0v8M3QtWNXovwq0rqEeCifOMvG%2FV20gu45NM%2FbS8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7ea41801ce2a4c8a-HEL

GET
H2 401 css Show response
litho.silvercloudinc.com/utilities/ 29 B
599 B 180ms
179ms XHR
application/json 18.164.52.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://litho.silvercloudinc.com/utilities/css?product_id=5c38a6b62acb223b1fc0d19a
Requested by: Host: integration.silvercloudinc.com
URL: https://integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.52.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-52-86.cdg50.r.cloudfront.net
Software: nginx/1.14.0 + Phusion Passenger(R) 6.0.18 / Phusion Passenger(R) Enterprise 6.0.18
Resource Hash: ce02cfb73ecdb9104370b3bdb7b86508e9e346328ad9f2450c68e901640307ac

Request headers

Accept: version=1
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
accept-language: fi-FI,fi;q=0.9
Authorization: Token eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiI1YWVhNjVkMDgwM2U5MjRkNDA1OWE0Y2MiLCJpYXQiOjE1NTczMzk5MTMsImF1ZCI6WyJhYWNmY3UuY29tIiwiYWFjZmN1LmNvbSIsImFybXktYXZpYXRpb24ubDl2b2ljZS5jb20iLCJhbGwtaW4ubDl2b2ljZS5jb20iLCJhcm15LWF2aWF0aW9uLmw5dm9pY2UuY29tIiwic29jaWFsLnNpbHZlcmNsb3VkaW5jLmNvbSIsInNvY2lhbC5zaWx2ZXJjbG91ZGluYy5jb20iLCJ3d3cuc29jaWFsLnNpbHZlcmNsb3VkaW5jLmNvbSIsInd3dy5zb2NpYWwuc2lsdmVyY2xvdWRpbmMuY29tIiwid3d3LmFsbGluY3UuY29tIiwid3d3LmFsbGluY3UuY29tIiwiYWxsaW5jdS5jb20iLCJhbGxpbmN1LmNvbSIsbnVsbCxudWxsXX0.T2a8QpAi7YyJ3dP6Th6Mhwq9hJLBLxaEJ8PB50yH8S4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:02 GMT
via: 1.1 c31719efcd399888dbbc5773eb6999da.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
x-powered-by: Phusion Passenger(R) Enterprise 6.0.18
x-cache: Error from cloudfront
status: 401 Unauthorized
x-request-id: a61e4652-da1b-4d8c-861a-2913470fabaf
x-runtime: 0.005660
server: nginx/1.14.0 + Phusion Passenger(R) 6.0.18
access-control-max-age: 7200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://i-054b2d17c465e98c3.hbgpsim.com
cache-control: no-cache
access-control-allow-credentials: true
vary: Origin
x-amz-cf-id: EBg0MduynmeShIo8ZRW01dwzlD9ub6KaPgUSx0LgziuF6ZeHp0__mw==

GET
H2 401 5e72a7ec387f235457ccebe9 Show response
litho.silvercloudinc.com/console/integration_widgets/ 29 B
600 B 185ms
185ms XHR
application/json 18.164.52.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://litho.silvercloudinc.com/console/integration_widgets/5e72a7ec387f235457ccebe9?product_id=5c38a6b62acb223b1fc0d19a
Requested by: Host: integration.silvercloudinc.com
URL: https://integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.52.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-52-86.cdg50.r.cloudfront.net
Software: nginx/1.14.0 + Phusion Passenger(R) 6.0.18 / Phusion Passenger(R) Enterprise 6.0.18
Resource Hash: ce02cfb73ecdb9104370b3bdb7b86508e9e346328ad9f2450c68e901640307ac

Request headers

Accept: version=1
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
accept-language: fi-FI,fi;q=0.9
Authorization: Token eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiI1YWVhNjVkMDgwM2U5MjRkNDA1OWE0Y2MiLCJpYXQiOjE1NTczMzk5MTMsImF1ZCI6WyJhYWNmY3UuY29tIiwiYWFjZmN1LmNvbSIsImFybXktYXZpYXRpb24ubDl2b2ljZS5jb20iLCJhbGwtaW4ubDl2b2ljZS5jb20iLCJhcm15LWF2aWF0aW9uLmw5dm9pY2UuY29tIiwic29jaWFsLnNpbHZlcmNsb3VkaW5jLmNvbSIsInNvY2lhbC5zaWx2ZXJjbG91ZGluYy5jb20iLCJ3d3cuc29jaWFsLnNpbHZlcmNsb3VkaW5jLmNvbSIsInd3dy5zb2NpYWwuc2lsdmVyY2xvdWRpbmMuY29tIiwid3d3LmFsbGluY3UuY29tIiwid3d3LmFsbGluY3UuY29tIiwiYWxsaW5jdS5jb20iLCJhbGxpbmN1LmNvbSIsbnVsbCxudWxsXX0.T2a8QpAi7YyJ3dP6Th6Mhwq9hJLBLxaEJ8PB50yH8S4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:03 GMT
via: 1.1 c31719efcd399888dbbc5773eb6999da.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
x-powered-by: Phusion Passenger(R) Enterprise 6.0.18
x-cache: Error from cloudfront
status: 401 Unauthorized
x-request-id: fb365029-f3cd-4147-bdbf-c2e6184461d5
x-runtime: 0.005513
server: nginx/1.14.0 + Phusion Passenger(R) 6.0.18
access-control-max-age: 7200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://i-054b2d17c465e98c3.hbgpsim.com
cache-control: no-cache
access-control-allow-credentials: true
vary: Origin
x-amz-cf-id: yheRunln_Mt1MUiCuhr1AzFZJdetGjJRUFOzlOdX-W0WPMBJZ-Tp3g==

GET
H/1.1 200
OK all-in-swoops-v2.gif
allincu.com/img/ 8 KB
9 KB 285ms
169ms Image
image/gif 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/img/all-in-swoops-v2.gif

Requested by

Host: allincu.com
URL: https://allincu.com/css/voice.css?ver=202208181801

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

a658acb0d2da4a9511eb7640d11616a0cc80d629fc4719aeb4b7b51c412a2dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://allincu.com/css/voice.css?ver=202208181801
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 03 Apr 2019 19:36:33 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "2154-585a55ef89240"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 8532

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 189ms
58ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://i-054b2d17c465e98c3.hbgpsim.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 16:46:26 GMT
x-content-type-options: nosniff
age: 77736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jul 2024 16:46:26 GMT

GET
H/1.1 200
OK shutterstock_121062757.jpg
allincu.com/content/images/990/ 153 KB
153 KB 288ms
173ms Image
image/jpeg 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/content/images/990/shutterstock_121062757.jpg

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

9a8d0c8a5a7613fa903296e7f48fa7228bcae302bbad31f4ab63f10bb4306648

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 May 2019 17:09:49 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "263a7-587eab39c1140"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 156583

GET
H/1.1 200
OK iStock_96645249_LARGE.jpg
allincu.com/content/images/990/ 188 KB
188 KB 284ms
168ms Image
image/jpeg 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/content/images/990/iStock_96645249_LARGE.jpg

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

c2bd4feae6809cadfb9fc90382361d959797cdbe65c3c0d8464d799247a84363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 17 Nov 2016 12:27:46 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "2ee3f-5417e511b9480"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 192063

GET
H/1.1 200
OK iStock_77966639_LARGE.jpg
allincu.com/content/images/990/ 177 KB
177 KB 284ms
168ms Image
image/jpeg 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/content/images/990/iStock_77966639_LARGE.jpg

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

e1bc07ef56cc79fe62601f9e5d063fea17ff0a57c04efd02edcf80581cb0eab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 07 Dec 2016 18:42:23 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "2c34c-54315e1aae1c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 181068

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 197ms
73ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://i-054b2d17c465e98c3.hbgpsim.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 22:23:32 GMT
x-content-type-options: nosniff
age: 316710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jul 2024 22:23:32 GMT

GET fontawesome-webfont.woff2
allincu.com/css/fonts/ 0
0

GET
H/1.1 200
OK ui-icons_6da8d5_256x240.png
allincu.com/jquery/jquery_custom/ui-theme/images/ 4 KB
5 KB 252ms
172ms Image
image/png 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/jquery/jquery_custom/ui-theme/images/ui-icons_6da8d5_256x240.png

Requested by

Host: allincu.com
URL: https://allincu.com/jquery/jquery_custom/ui-theme/jquery-ui.css?ver=202208181801

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

aca470e9393822a58fae9bfd935a2dcc58ea244c907fcaee601129d395b1393a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://allincu.com/jquery/jquery_custom/ui-theme/jquery-ui.css?ver=202208181801
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Mar 2018 20:20:48 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "11c5-567f1ed34e800"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4549

GET
H/1.1 200
OK ui-icons_469bdd_256x240.png
allincu.com/jquery/jquery_custom/ui-theme/images/ 4 KB
5 KB 420ms
171ms Image
image/png 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/jquery/jquery_custom/ui-theme/images/ui-icons_469bdd_256x240.png

Requested by

Host: allincu.com
URL: https://allincu.com/jquery/jquery_custom/ui-theme/jquery-ui.css?ver=202208181801

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

f8427ad3f235de197b76fe68bb88bd458f478d5494e0b5183ef5d46734dfa6e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://allincu.com/jquery/jquery_custom/ui-theme/jquery-ui.css?ver=202208181801
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Mar 2018 20:20:48 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "11c5-567f1ed34e800"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4549

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/gemUTDWF7Q6S20eqmHvRF8eQJhugm2Ux/ 819 B
1 KB 206ms
58ms Fetch
application/json 3.161.119.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/gemUTDWF7Q6S20eqmHvRF8eQJhugm2Ux/settings
Requested by: Host: embed.signalintent.com
URL: https://embed.signalintent.com/main.41012bd258d456d7db77.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.119.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-119-161.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 22bb9ecedb9bc8d8e8d4500e123ea40d4e1bc74e76ec71a7c80bc032f4cdde8d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: 5rgXtIwPKP_oltqQiKsWA0yAtGxM3u_g
date: Fri, 21 Jul 2023 13:00:04 GMT
via: 1.1 b361826db8fe26bb15e77b0e0bcfb382.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P2
age: 4998
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 819
last-modified: Fri, 26 May 2023 20:17:55 GMT
server: AmazonS3
etag: "4faf569e3efef20de094197da52af2bf"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: O3e306wGxXh4-8ylsL_JVl00tO3rkTrStoKNLXiPvJdc-22PUlQjPw==

GET
H/1.1 200
OK widgets Show response
calc-backend-prod.herokuapp.com/api/embedded/ 29 B
411 B 568ms
149ms XHR
application/json 54.159.116.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://calc-backend-prod.herokuapp.com/api/embedded/widgets?originPath=https:%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&orgGuid=794e7f4a-6049-4dbe-bde5-eac171e76774
Requested by: Host: embed.signalintent.com
URL: https://embed.signalintent.com/main.41012bd258d456d7db77.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.116.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-116-102.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 7511e4f5a762ab1c38f6cf3fcea3cc0ea70649e8d5f2e933f50c9e4ffed13540

Request headers

Accept: application/json, text/plain, */*
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:03 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Etag: W/"1d-5axIGcFQm0n1F10ofvQLsX/2DAQ"
X-Ratelimit-Remaining: 239
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
X-Ratelimit-Reset: 1689949333
X-Ratelimit-Limit: 240
Connection: keep-alive
Content-Length: 29

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
219 B 68ms
68ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=573806086&t=pageview&_s=1&dl=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&ul=en-us&de=UTF-8&dt=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=170166935&gjid=1086154449&cid=1287027563.1689949323&tid=UA-146171377-5&_gid=1842574532.1689949323&_r=1&_slc=1&z=196367081

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://i-054b2d17c465e98c3.hbgpsim.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
68 B 68ms
68ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=573806086&t=pageview&_s=1&dl=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&ul=en-us&de=UTF-8&dt=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=1087465722&gjid=678919201&cid=1287027563.1689949323&tid=UA-146171377-2&_gid=1842574532.1689949323&_r=1&_slc=1&z=362855555

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://i-054b2d17c465e98c3.hbgpsim.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
84 B 68ms
68ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=573806086&t=pageview&_s=1&dl=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&ul=en-us&de=UTF-8&dt=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=1683141054&gjid=1779254429&cid=1287027563.1689949323&tid=UA-30598534-4&_gid=1842574532.1689949323&_r=1&_slc=1&z=1792039013

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dfb10047658d4e83a63e5b6d8f93c02cb9d71514b9b60cdf6699e6cb7ca39ddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://i-054b2d17c465e98c3.hbgpsim.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 758764031177138 Show response
connect.facebook.net/signals/config/ 75 KB
21 KB 174ms
173ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/758764031177138?v=next&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d369cce57db249355076445adab414f01d22d4879d4d5be2c873fe62a55291e4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jul 2023 14:22:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: FzzECQ0XKgDL+CYEo98fKX94iu5gpSzxAV7tuVY1FDkjMPfMq5D8itcOMjbn7Qq31lg8qqM73KswrW3ma8cqlA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CLad3-j_n4ADFcdCwgod7mIC3w;src=9599098;type=invmedia;cat=dv3600;ord=1;num=8405180173683;auiddc=1015865844.1689949323;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epve... Show response
9599098.fls.doubleclick.net/ Frame 422F
Redirect Chain

https://9599098.fls.doubleclick.net/activityi;src=9599098;type=invmedia;cat=dv3600;ord=1;num=8405180173683;auiddc=1015865844.1689949323;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;ep...
https://9599098.fls.doubleclick.net/activityi;dc_pre=CLad3-j_n4ADFcdCwgod7mIC3w;src=9599098;type=invmedia;cat=dv3600;ord=1;num=8405180173683;auiddc=1015865844.1689949323;gtm=45He37j0;uaa=;uab=;uafv...

1 KB
899 B

110ms
108ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9599098.fls.doubleclick.net/activityi;dc_pre=CLad3-j_n4ADFcdCwgod7mIC3w;src=9599098;type=invmedia;cat=dv3600;ord=1;num=8405180173683;auiddc=1015865844.1689949323;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2ZZNPH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f6.1e100.net

Software

cafe /

Resource Hash

1c1ea8a144087246a55da0ba46cc6e5fb2f72e23592616e6e7c9d961930557c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 560
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 14:22:03 GMT
expires: Fri, 21 Jul 2023 14:22:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 14:22:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9599098.fls.doubleclick.net/activityi;dc_pre=CLad3-j_n4ADFcdCwgod7mIC3w;src=9599098;type=invmedia;cat=dv3600;ord=1;num=8405180173683;auiddc=1015865844.1689949323;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/949988307/ 3 KB
2 KB 254ms
101ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/949988307/?random=1689949322903&cv=11&fst=1689949322903&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&label=LEygCIeD9fEBENPX_sQD&hn=www.googleadservices.com&frm=0&tiba=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&value=0&bttype=purchase&auid=1015865844.1689949323&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2ZZNPH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

10e9788b252418de633d645460536914128f95714de60ad92f732d2a1804c2a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1669
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/10810603100/ 3 KB
2 KB 252ms
101ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10810603100/?random=1689949322907&cv=11&fst=1689949322907&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&label=4i7aCJXhooQDENzs8qIo&hn=www.googleadservices.com&frm=0&tiba=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&value=0&bttype=purchase&auid=1015865844.1689949323&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2ZZNPH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

a50384b1332efe43e458cb09b66b2c32f797db3af79fe80ac597713ab9a43e42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1667
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CMfn3-j_n4ADFV8IogMdmZgACA;src=5012033;type=invmedia;cat=dv3600;ord=1;num=8153160357315;auiddc=1015865844.1689949323;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epve... Show response
5012033.fls.doubleclick.net/ Frame 30DF
Redirect Chain

https://5012033.fls.doubleclick.net/activityi;src=5012033;type=invmedia;cat=dv3600;ord=1;num=8153160357315;auiddc=1015865844.1689949323;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;ep...
https://5012033.fls.doubleclick.net/activityi;dc_pre=CMfn3-j_n4ADFV8IogMdmZgACA;src=5012033;type=invmedia;cat=dv3600;ord=1;num=8153160357315;auiddc=1015865844.1689949323;gtm=45He37j0;uaa=;uab=;uafv...

487 B
625 B

103ms
101ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5012033.fls.doubleclick.net/activityi;dc_pre=CMfn3-j_n4ADFV8IogMdmZgACA;src=5012033;type=invmedia;cat=dv3600;ord=1;num=8153160357315;auiddc=1015865844.1689949323;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2ZZNPH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f6.1e100.net

Software

cafe /

Resource Hash

56467a9c49a48849417deecaafdd9031cf6c2d7cb243493e7474143d71b7f726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 288
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 14:22:03 GMT
expires: Fri, 21 Jul 2023 14:22:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 14:22:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5012033.fls.doubleclick.net/activityi;dc_pre=CMfn3-j_n4ADFV8IogMdmZgACA;src=5012033;type=invmedia;cat=dv3600;ord=1;num=8153160357315;auiddc=1015865844.1689949323;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CLqf3-j_n4ADFcYOogMdE8MDBg;src=6856376;type=invmedia;cat=nz209cmw;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=250814441360.61615 Show response
6856376.fls.doubleclick.net/ Frame BA46
Redirect Chain

https://6856376.fls.doubleclick.net/activityi;src=6856376;type=invmedia;cat=nz209cmw;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=250814441360.61615?
https://6856376.fls.doubleclick.net/activityi;dc_pre=CLqf3-j_n4ADFcYOogMdE8MDBg;src=6856376;type=invmedia;cat=nz209cmw;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=250814441360.61615?

508 B
446 B

105ms
102ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6856376.fls.doubleclick.net/activityi;dc_pre=CLqf3-j_n4ADFcYOogMdE8MDBg;src=6856376;type=invmedia;cat=nz209cmw;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=250814441360.61615?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2ZZNPH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f6.1e100.net

Software

cafe /

Resource Hash

c03e0cbcef54ce9ee12883f36235398fca9d225a79d56b096689e63a3de65056

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 271
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 14:22:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 14:22:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6856376.fls.doubleclick.net/activityi;dc_pre=CLqf3-j_n4ADFcYOogMdE8MDBg;src=6856376;type=invmedia;cat=nz209cmw;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=250814441360.61615?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 49 KB
18 KB 243ms
108ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2ZZNPH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8ff0571e454b75517b28b02b1749dbcafa80d1cf6c4786c8fc45ee6f3fd13bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18398
x-xss-protection: 0
server: cafe
etag: 17414105932935890869
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 14:22:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
83 KB 109ms
108ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-15414SB1F3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2ZZNPH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58cd6119bd01619db5cbd631374a2f8e531d709abb0abec63df16701539ccd0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84550
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Jul 2023 14:22:02 GMT

GET
H2 200 activity;xsp=4384517;ord=1;num=4897486768708.734
pubads.g.doubleclick.net/ 42 B
542 B 248ms
97ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4384517;ord=1;num=4897486768708.734?

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activity;xsp=4593836;ord=1;num=5775810372287.24
pubads.g.doubleclick.net/ 42 B
209 B 412ms
263ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4593836;ord=1;num=5775810372287.24?

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activity;xsp=4593836;ord=1;num=1744225929049.9229
pubads.g.doubleclick.net/ 42 B
209 B 410ms
261ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4593836;ord=1;num=1744225929049.9229?

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
357 B 196ms
65ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-30598534-4&cid=1287027563.1689949323&jid=1683141054&gjid=1779254429&_gid=1842574532.1689949323&_u=IEDAAEABAAAAACAAI~&z=760002630

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 21 Jul 2023 14:22:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://i-054b2d17c465e98c3.hbgpsim.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
80 KB 78ms
77ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WRHFVV8QKB&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e54a42ec2988358c0bb183de3a35060b9e056700f7654b42f0d3e03af32e8d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81967
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Jul 2023 14:22:02 GMT

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/6918209/configuration/applications/taglets/ 307 KB
107 KB 134ms
133ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/6918209/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

3da19bff8a36e98a79d18d19bca2e198614ef60644e87db8ee11cb0a980976bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 ajs-destination.776ce7c10ba9f573f628.js Show response
embed.signalintent.com/ 9 KB
3 KB 38ms
38ms Script
application/javascript 2606:4700:20::681a:64b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.signalintent.com/ajs-destination.776ce7c10ba9f573f628.js
Requested by: Host: embed.signalintent.com
URL: https://embed.signalintent.com/main.41012bd258d456d7db77.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4f4e8e22a35a638c71d87f897354a37c6bd59a00bc037cf04dd00eed7c91dcb3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:03 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5714
x-powered-by: Express
cf-bgj: minify
last-modified: Mon, 17 Jul 2023 17:25:14 GMT
server: cloudflare
etag: W/"b88-18964e28490"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aywgS1ttG9loZe2dTB7H6psyOHXLwRaKudajxHc55wzyzQbuvDRR0F4MYnQxqldFd6lkhzIqyWyA33YSOb7l435Iz1KPe8nbBovgrcsMv9Zkp5%2Ff%2FsjoKolR%2BjaOAa2Qqweccb5L0AFWgG7SaschW5jLqU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7ea41804bb2a4c8a-HEL

GET
H2 200 schemaFilter.e0915391d196a643beca.js Show response
embed.signalintent.com/ 1 KB
1000 B 46ms
46ms Script
application/javascript 2606:4700:20::681a:64b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.signalintent.com/schemaFilter.e0915391d196a643beca.js
Requested by: Host: embed.signalintent.com
URL: https://embed.signalintent.com/main.41012bd258d456d7db77.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 699aa39a18348ae4b66b01fd6d523bf38a931fdc9aaedab0810cae2b8478d188

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:03 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5714
x-powered-by: Express
cf-bgj: minify
last-modified: Mon, 17 Jul 2023 17:25:14 GMT
server: cloudflare
etag: W/"2c0-18964e28490"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwO%2BmKtWswURFN2vybX%2Fs8dTUJeYKpCQdspb6AXUayxMtNY13p87Sl6nucx8X9khD1Jl74rw%2FXeIZP6M1JWJoOFEU9aKIOKBY0Ffe0yXC5Jaj8Xj%2BUCzVyegIW6oe9F5dwAMO7KpNAdD4xEMovV0LdANbBs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7ea41804fb8f4c8a-HEL

GET fontawesome-webfont.woff
allincu.com/css/fonts/ 0
0

GET
H3 200 443273366569920 Show response
connect.facebook.net/signals/config/ 151 KB
42 KB 193ms
192ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/443273366569920?v=next&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2b013a26547b316f4bed3feb9405366d33cd37e8b6b592621cd8e98d753746d5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jul 2023 14:22:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: uGXIg3blIUFKc26kZunoKqxL4AxcWWx9tQJPzeKgw4sy2RuldXY3ooAwxJ4VTt3C2ZpYXCa/yn5kOY89gEwuAg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 181ms
62ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=758764031177138&ev=PageView&dl=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&rl=&if=false&ts=1689949323064&sw=1600&sh=1200&v=next&r=stable&ec=0&o=28&fbp=fb.1.1689949323063.1050014955&it=1689949322869&coo=false&rqm=GET

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jul 2023 14:22:03 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK 9d50a50d1eb75b52f2a17226a37a83e5d688f1f94eb981643db6c521f04b3e54 Show response
api.alpharank.io/api/pixel/script/ 45 KB
45 KB 375ms
375ms Script
text/javascript 52.88.183.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.alpharank.io/api/pixel/script/9d50a50d1eb75b52f2a17226a37a83e5d688f1f94eb981643db6c521f04b3e54?c=n&t=1689984000000
Requested by: Host: api.alpharank.io
URL: https://api.alpharank.io/api/pixel/script/9d50a50d1eb75b52f2a17226a37a83e5d688f1f94eb981643db6c521f04b3e54
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.183.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-183-153.us-west-2.compute.amazonaws.com
Software: nginx/1.12.2 / Express
Resource Hash: 4a25be1f0513a03c0595d7adc16dbd4402afaa9f00fdcb2564b53613eba2ad8b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:03 GMT
Server: nginx/1.12.2
X-Powered-By: Express
ETag: W/"b34c-5l4RE/4mt4MMmx9MJ5iDiT4UXqA"
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: undefined
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 45900

GET
H2 200 visual-tagger.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/ 45 KB
16 KB 183ms
66ms Script
application/javascript 3.161.119.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/visual-tagger.dynamic.js.gz
Requested by: Host: embed.signalintent.com
URL: https://embed.signalintent.com/main.41012bd258d456d7db77.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.119.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-119-161.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f908387823175b7d9097817c5f9cef879593f7eb9dbdc2ec8a218d688e405bae

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 18:43:39 GMT
content-encoding: gzip
via: 1.1 93c19401e4c3042840b49b10b9478098.cloudfront.net (CloudFront)
x-amz-version-id: FMWE2dwQLa9m3RNbb5h0ZI3KUYhH5.v2
x-amz-cf-pop: VIE50-P2
age: 2057905
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15523
last-modified: Wed, 03 May 2023 11:04:45 GMT
server: AmazonS3
etag: "22f964b449ca210bdea17404f4624ac9"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: N8vSjPFMrOStmpJywRGKcPAq4rPcoi3OoeU37sGFJTw2qAWXJLpiRQ==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 113ms
39ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WRHFVV8QKB&gtm=45je37j0&_p=573806086&ul=en-us&sr=1600x1200&cid=1287027563.1689949323&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&dt=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&sid=1689949323&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WRHFVV8QKB&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://i-054b2d17c465e98c3.hbgpsim.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

cookie-mapper
maprtb.segmint.net/rtb/simpli-fi/ Frame E8E7
Redirect Chain

https://um.simpli.fi/segmint
https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=486B9DC5498D45A7B2CF4FF189CF3E1F

43 B
412 B

583ms
139ms

Image
image/gif

54.157.14.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=486B9DC5498D45A7B2CF4FF189CF3E1F
Requested by: Host: connect.segmint.net
URL: https://connect.segmint.net/iframe/doughnut/en1qq5qnqM
Protocol: HTTP/1.1
Server: 54.157.14.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-14-224.compute-1.amazonaws.com
Software: openresty /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 14:22:03 GMT
Server: openresty
X-B3-TraceId: 557d409119bf38d0
Content-Type: image/gif; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-B3-SpanId: 557d409119bf38d0
X-B3-Sampled: 1
Connection: keep-alive
Content-Length: 43
X-Application-Context: cookie-mapper:prod:7077
Expires: 0

Redirect headers

date: Fri, 21 Jul 2023 14:22:03 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=486B9DC5498D45A7B2CF4FF189CF3E1F
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 20 Jul 2023 14:22:03 GMT

GET
H2 200 ec0a3730-0bdd-0139-387d-06abc14c0bc6 Show response
tag.simpli.fi/sifitag/ Frame E8E7 3 KB
4 KB 199ms
61ms Script
application/javascript 34.90.79.92
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6

Requested by

Host: connect.segmint.net
URL: https://connect.segmint.net/iframe/doughnut/en1qq5qnqM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.90.79.92 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

92.79.90.34.bc.googleusercontent.com

Software

Resource Hash

173dd338673eb7e21df3c0ff3a86e0f1f752bf33468b01d1d89d09ac39e64132

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3101
x-request-id: F3Pn9K7qPRN1mQkjhMPE
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 86ms
39ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-15414SB1F3&gtm=45je37j0&_p=573806086&cid=1287027563.1689949323&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689949323&sct=1&seg=0&dl=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&dt=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-15414SB1F3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://i-054b2d17c465e98c3.hbgpsim.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.fi/pagead/1p-conversion/949988307/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/949988307/?random=788930245&cv=11&fst=1689949322903&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fi-054...
https://www.google.com/pagead/1p-conversion/949988307/?random=788930245&cv=11&fst=1689949322903&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsi...
https://www.google.fi/pagead/1p-conversion/949988307/?random=788930245&cv=11&fst=1689949322903&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim...

42 B
108 B

192ms
79ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/pagead/1p-conversion/949988307/?random=788930245&cv=11&fst=1689949322903&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&label=LEygCIeD9fEBENPX_sQD&hn=www.googleadservices.com&frm=0&tiba=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&value=0&auid=1015865844.1689949323&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5ub3BRWVFpdHl5dGRyYnlQMFlFaVlBZlRmY1NfNERUd2EzREFqaTBXckw1ZDRYYXFxdEwtWEdIUFg1WTlGTjdxZlZMaE1UY0EaWkNoRUk4Tm5vcFFZUTNmeWZ6cWEyNVkySkFSSXVBRGdGZzUwRHJOUmR3Zy1TaTktRGppZVdoQVVxbzlOQUpGdEM5YzZKX0dQa1pIUjRpemNKRjJXbGc2M0hYdyITCIyn3uj_n4ADFUHlmgodP5MHmA&is_vtc=1&ocp_id=i5S6ZMy1BsHK6wS_pp7ACQ&cid=CAQSKQBpAlJW-H_TEpDOp30lr-zYNoYjuKy6WGYUMcFy5ytzEVL98nXugzWk&eitems=ChEI8NnopQYQwOHX8YyI5fK9ARIdAGt3bMqusC1TsTpg7CQqxzBDeImRhunSUkvgtwA&random=3678705324&ipr=y

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.fi/pagead/1p-conversion/949988307/?random=788930245&cv=11&fst=1689949322903&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&label=LEygCIeD9fEBENPX_sQD&hn=www.googleadservices.com&frm=0&tiba=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&value=0&auid=1015865844.1689949323&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5ub3BRWVFpdHl5dGRyYnlQMFlFaVlBZlRmY1NfNERUd2EzREFqaTBXckw1ZDRYYXFxdEwtWEdIUFg1WTlGTjdxZlZMaE1UY0EaWkNoRUk4Tm5vcFFZUTNmeWZ6cWEyNVkySkFSSXVBRGdGZzUwRHJOUmR3Zy1TaTktRGppZVdoQVVxbzlOQUpGdEM5YzZKX0dQa1pIUjRpemNKRjJXbGc2M0hYdyITCIyn3uj_n4ADFUHlmgodP5MHmA&is_vtc=1&ocp_id=i5S6ZMy1BsHK6wS_pp7ACQ&cid=CAQSKQBpAlJW-H_TEpDOp30lr-zYNoYjuKy6WGYUMcFy5ytzEVL98nXugzWk&eitems=ChEI8NnopQYQwOHX8YyI5fK9ARIdAGt3bMqusC1TsTpg7CQqxzBDeImRhunSUkvgtwA&random=3678705324&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.fi/pagead/1p-conversion/10810603100/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10810603100/?random=736811335&cv=11&fst=1689949322907&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fi-0...
https://www.google.com/pagead/1p-conversion/10810603100/?random=736811335&cv=11&fst=1689949322907&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fi-054b2d17c465e98c3.hbgp...
https://www.google.fi/pagead/1p-conversion/10810603100/?random=736811335&cv=11&fst=1689949322907&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fi-054b2d17c465e98c3.hbgps...

42 B
108 B

291ms
178ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/pagead/1p-conversion/10810603100/?random=736811335&cv=11&fst=1689949322907&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&label=4i7aCJXhooQDENzs8qIo&hn=www.googleadservices.com&frm=0&tiba=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&value=0&auid=1015865844.1689949323&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5ub3BRWVFpdHl5dGRyYnlQMFlFaVlBZlRmY1NfNERUd2EzREFqaTBXckw1ZDRYYXFxdEwtWEdIUFg1WTlGTjdxZlZMaE1UY0EaWkNoRUk4Tm5vcFFZUTNmeWZ6cWEyNVkySkFSSXVBRGdGZzUxRFoxQ1Zpa2dwc2UwczFQb0RqNE5Ebk44bkN2RXR5LVN1OWo1bTh6LTBEbVFSR3g4RE1RR1BsdyITCOqs3uj_n4ADFVPbOwIdF1QMog&is_vtc=1&ocp_id=i5S6ZKq7BtO278EPl6ixkAo&cid=CAQSKQBpAlJWsngQqwVDCjyqRXJozqmuPiOyScwnzWc1MS4MKaN55KyOQe6J&eitems=ChEI8NnopQYQwOHX8YyI5fK9ARIdAGt3bMqgRP4XPiSJnTYU96zNPYJc43BrdY493Wg&random=1837600632&ipr=y

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.fi/pagead/1p-conversion/10810603100/?random=736811335&cv=11&fst=1689949322907&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&label=4i7aCJXhooQDENzs8qIo&hn=www.googleadservices.com&frm=0&tiba=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&value=0&auid=1015865844.1689949323&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5ub3BRWVFpdHl5dGRyYnlQMFlFaVlBZlRmY1NfNERUd2EzREFqaTBXckw1ZDRYYXFxdEwtWEdIUFg1WTlGTjdxZlZMaE1UY0EaWkNoRUk4Tm5vcFFZUTNmeWZ6cWEyNVkySkFSSXVBRGdGZzUxRFoxQ1Zpa2dwc2UwczFQb0RqNE5Ebk44bkN2RXR5LVN1OWo1bTh6LTBEbVFSR3g4RE1RR1BsdyITCOqs3uj_n4ADFVPbOwIdF1QMog&is_vtc=1&ocp_id=i5S6ZKq7BtO278EPl6ixkAo&cid=CAQSKQBpAlJWsngQqwVDCjyqRXJozqmuPiOyScwnzWc1MS4MKaN55KyOQe6J&eitems=ChEI8NnopQYQwOHX8YyI5fK9ARIdAGt3bMqgRP4XPiSJnTYU96zNPYJc43BrdY493Wg&random=1837600632&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/949988307/ 3 KB
2 KB 200ms
112ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/949988307/?random=1689949323222&cv=9&fst=1689949323222&num=1&label=vk2tCKz_6LMBENPX_sQD&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&tiba=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d8cc4fa7bd706ce747056a79a0cec41b3abcb342045dc7b07a81a499c9bb595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1478
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1375839&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1375839%26t%3D2

43 B
840 B

57ms
57ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1375839%26t%3D2

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
an-x-request-uuid: b0bbbb33-4677-4e75-b3ab-7b025dc14f63
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.204.1.184; 185.204.1.184; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
an-x-request-uuid: 94814cb2-3a2b-43b3-864e-b09471e561c0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1375839%26t%3D2
cache-control: no-store, no-cache, private
x-proxy-origin: 185.204.1.184; 185.204.1.184; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 activity;xsp=4593836;ord=1;num=9730609769521194
pubads.g.doubleclick.net/ 42 B
336 B 127ms
126ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4593836;ord=1;num=9730609769521194?

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 67ms
66ms Script
application/javascript 3.161.119.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: embed.signalintent.com
URL: https://embed.signalintent.com/main.41012bd258d456d7db77.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.119.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-119-161.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 18:21:22 GMT
content-encoding: gzip
via: 1.1 93c19401e4c3042840b49b10b9478098.cloudfront.net (CloudFront)
x-amz-version-id: 1x6q_MsAdAkmPosImHjKsztmTTUAb2Vd
x-amz-cf-pop: VIE50-P2
age: 2059242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Wed, 03 May 2023 11:04:43 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: 5P4plYw3gXBKCMOcW9ZGvmMwId24BxT6Z460S62dGt_1ZTqtEXrBUA==

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/6918209/configuration/setting/accountproperties/ 7 KB
3 KB 365ms
130ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/6918209/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/6918209/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

b09f8a6ed843f505ea9f7fbf242898e68725f2f7146ed6785060e6f610a185e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:03 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 21 Jul 2023 14:23:03 GMT

GET
H2 200 ui-framework.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.29.0.0-release_5595/ 40 KB
15 KB 353ms
65ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.29.0.0-release_5595/ui-framework.js?version=10.29.0.0-release_5595

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/6918209/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 01:35:26 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sat, 20 Jul 2024 14:22:03 GMT

GET
H2 200 UMSClientAPI.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.29.0.0-release_5595/ 88 KB
30 KB 486ms
258ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.29.0.0-release_5595/UMSClientAPI.min.js?version=10.29.0.0-release_5595

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/6918209/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 01:35:26 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sat, 20 Jul 2024 14:22:03 GMT

GET
H2 200 lpChatV3.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.29.0.0-release_5595/ 92 KB
31 KB 420ms
194ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.29.0.0-release_5595/lpChatV3.min.js?version=10.29.0.0-release_5595

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/6918209/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 01:35:26 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sat, 20 Jul 2024 14:22:03 GMT

GET
H2 200 surveylogicinstance.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.29.0.0-release_5595/ 8 KB
3 KB 352ms
130ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.29.0.0-release_5595/surveylogicinstance.min.js?version=10.29.0.0-release_5595

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/6918209/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 01:35:27 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sat, 20 Jul 2024 14:22:03 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/6918209/configuration/le-campaigns/ 4 KB
2 KB 153ms
70ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/6918209/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/6918209/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

912621abcd7684ffec5dd2ff2683550ea66a30c6c07aeda2e512ee15e98c21aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:03 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 21 Jul 2023 14:23:03 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 422F 49 KB
18 KB 163ms
162ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 9599098.fls.doubleclick.net
URL: https://9599098.fls.doubleclick.net/activityi;dc_pre=CLad3-j_n4ADFcdCwgod7mIC3w;src=9599098;type=invmedia;cat=dv3600;ord=1;num=8405180173683;auiddc=1015865844.1689949323;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8ff0571e454b75517b28b02b1749dbcafa80d1cf6c4786c8fc45ee6f3fd13bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9599098.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18398
x-xss-protection: 0
server: cafe
etag: 17414105932935890869
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 14:22:03 GMT

GET
H2 200 dc_pre=CLad3-j_n4ADFcdCwgod7mIC3w;src=9599098;type=invmedia;cat=dv3600;ord=1;num=8405180173683;auiddc=*;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fi-054b...
adservice.google.com/ddm/fls/z/ Frame 422F 42 B
107 B 232ms
102ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLad3-j_n4ADFcdCwgod7mIC3w;src=9599098;type=invmedia;cat=dv3600;ord=1;num=8405180173683;auiddc=*;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9599098.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CMfn3-j_n4ADFV8IogMdmZgACA;src=5012033;type=invmedia;cat=dv3600;ord=1;num=8153160357315;auiddc=*;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fi-054b...
adservice.google.com/ddm/fls/z/ Frame 30DF 42 B
118 B 228ms
99ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMfn3-j_n4ADFV8IogMdmZgACA;src=5012033;type=invmedia;cat=dv3600;ord=1;num=8153160357315;auiddc=*;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid

Requested by

Host: 5012033.fls.doubleclick.net
URL: https://5012033.fls.doubleclick.net/activityi;dc_pre=CMfn3-j_n4ADFV8IogMdmZgACA;src=5012033;type=invmedia;cat=dv3600;ord=1;num=8153160357315;auiddc=1015865844.1689949323;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://5012033.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CLqf3-j_n4ADFcYOogMdE8MDBg;src=6856376;type=invmedia;cat=nz209cmw;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=250814441360.61615;~oref=https://i-054... Frame 7659 507 B
645 B 225ms
99ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLqf3-j_n4ADFcYOogMdE8MDBg;src=6856376;type=invmedia;cat=nz209cmw;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=250814441360.61615;~oref=https://i-054b2d17c465e98c3.hbgpsim.com/

Requested by

Host: 6856376.fls.doubleclick.net
URL: https://6856376.fls.doubleclick.net/activityi;dc_pre=CLqf3-j_n4ADFcYOogMdE8MDBg;src=6856376;type=invmedia;cat=nz209cmw;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=250814441360.61615?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3c694d527f9a6682ef6eff7397089af573860bbed83be6c859e6df024d55850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6856376.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 271
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 14:22:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 58ms
58ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=443273366569920&ev=PageView&dl=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&rl=&if=false&ts=1689949323322&sw=1600&sh=1200&v=next&r=stable&ec=0&o=28&fbp=fb.1.1689949323063.1050014955&cs_est=true&it=1689949322869&coo=false&rqm=GET

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jul 2023 14:22:03 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/949988307/ 42 B
455 B 126ms
72ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/949988307/?random=1689949323222&cv=9&fst=1689948000000&num=1&label=vk2tCKz_6LMBENPX_sQD&guid=ON&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&tiba=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&fmt=3&is_vtc=1&random=1895549061&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fi/pagead/1p-user-list/949988307/ 42 B
455 B 240ms
78ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/pagead/1p-user-list/949988307/?random=1689949323222&cv=9&fst=1689948000000&num=1&label=vk2tCKz_6LMBENPX_sQD&guid=ON&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&tiba=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&fmt=3&is_vtc=1&random=1895549061&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/713210458/ Frame 422F 3 KB
2 KB 100ms
100ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/713210458/?random=1689949323468&cv=9&fst=1689949323468&num=1&npa=1&label=dIvbCODMhIcYENr0itQC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9599098.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLad3-j_n4ADFcdCwgod7mIC3w%3Bsrc%3D9599098%3Btype%3Dinvmedia%3Bcat%3Ddv3600%3Bord%3D1%3Bnum%3D8405180173683%3Bauiddc%3D1015865844.1689949323%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fi-054b2d17c465e98c3.hbgpsim.com%252F%253Frid%253D3gPNPid%3F&ref=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

6dbe9b02b493c0e722184f8c55fff186dedd7030c69349d7950fc80c4a9c0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9599098.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adservice.google.fi/ddm/fls/i/dc_pre=CLqf3-j_n4ADFcYOogMdE8MDBg;src=6856376;type=invmedia;cat=nz209cmw;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=250814441360.61615;~oref=https://i-054b... Frame 0087 194 B
515 B 261ms
99ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fi/ddm/fls/i/dc_pre=CLqf3-j_n4ADFcYOogMdE8MDBg;src=6856376;type=invmedia;cat=nz209cmw;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=250814441360.61615;~oref=https://i-054b2d17c465e98c3.hbgpsim.com/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLqf3-j_n4ADFcYOogMdE8MDBg;src=6856376;type=invmedia;cat=nz209cmw;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=250814441360.61615;~oref=https://i-054b2d17c465e98c3.hbgpsim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 14:22:03 GMT
expires: Fri, 21 Jul 2023 14:22:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET fontawesome-webfont.ttf
allincu.com/css/fonts/ 0
0

GET
H2

200

/
www.google.fi/pagead/1p-conversion/713210458/ Frame 422F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/713210458/?random=872939742&cv=9&fst=1689949323468&num=1&npa=1&label=dIvbCODMhIcYENr0itQC&guid=ON&resp=GooglemKTybQhCsO&eid=37560326...
https://www.google.com/pagead/1p-conversion/713210458/?random=872939742&cv=9&fst=1689949323468&num=1&npa=1&label=dIvbCODMhIcYENr0itQC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C51224...
https://www.google.fi/pagead/1p-conversion/713210458/?random=872939742&cv=9&fst=1689949323468&num=1&npa=1&label=dIvbCODMhIcYENr0itQC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247...

42 B
108 B

79ms
79ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/pagead/1p-conversion/713210458/?random=872939742&cv=9&fst=1689949323468&num=1&npa=1&label=dIvbCODMhIcYENr0itQC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9599098.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLad3-j_n4ADFcdCwgod7mIC3w%3Bsrc%3D9599098%3Btype%3Dinvmedia%3Bcat%3Ddv3600%3Bord%3D1%3Bnum%3D8405180173683%3Bauiddc%3D1015865844.1689949323%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fi-054b2d17c465e98c3.hbgpsim.com%252F%253Frid%253D3gPNPid%3F&ref=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIhML36P-fgAMV1dM7Ah2bXATF&is_vtc=1&ocp_id=i5S6ZMTQH9Wn78EPm7mRqAw&cid=CAQSKQBpAlJWQCENESMMYSiLYIMW9SACGh8vs0cgLq7rHEjqmg6Egbx_DPHS&random=2320542960&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9599098.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.fi/pagead/1p-conversion/713210458/?random=872939742&cv=9&fst=1689949323468&num=1&npa=1&label=dIvbCODMhIcYENr0itQC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9599098.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLad3-j_n4ADFcdCwgod7mIC3w%3Bsrc%3D9599098%3Btype%3Dinvmedia%3Bcat%3Ddv3600%3Bord%3D1%3Bnum%3D8405180173683%3Bauiddc%3D1015865844.1689949323%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fi-054b2d17c465e98c3.hbgpsim.com%252F%253Frid%253D3gPNPid%3F&ref=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIhML36P-fgAMV1dM7Ah2bXATF&is_vtc=1&ocp_id=i5S6ZMTQH9Wn78EPm7mRqAw&cid=CAQSKQBpAlJWQCENESMMYSiLYIMW9SACGh8vs0cgLq7rHEjqmg6Egbx_DPHS&random=2320542960&resp=GooglemKTybQhCsO&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ Frame 5A6B 39 KB
16 KB 208ms
207ms Document
text/html 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com&site=6918209&env=prod&accdn=accdn.lpsnmedia.net

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/6918209/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
content-encoding: gzip
content-type: text/html
date: Fri, 21 Jul 2023 14:22:03 GMT
expires: Sat, 20 Jul 2024 14:22:03 GMT
last-modified: Fri, 17 Mar 2023 01:15:35 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-cache-status: HIT
x-content-type-options: nosniff

GET
H2 200 desktopEmbedded.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.29.0.0-release_5595/ 997 KB
311 KB 188ms
188ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.29.0.0-release_5595/desktopEmbedded.js?version=10.29.0.0-release_5595

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/6918209/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

301990cbfd7cfbb2598290387839feb818c6b181303ca60a6d05af48e7169430

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 01:35:26 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sat, 20 Jul 2024 14:22:03 GMT

POST
H/1.1 200
OK pixel.gif
pixel.alpharank.io/ 35 B
562 B 579ms
186ms Ping
application/octet-stream 52.88.183.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.alpharank.io/pixel.gif?id=9d50a50d1eb75b52f2a17226a37a83e5d688f1f94eb981643db6c521f04b3e54&duid=4.32.4-u2bki83i-lkco6zpq&fp=64a887dafc615d0d3b9a58488da6db36&ev=pageload&v=4.32.4&dl=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&ts=1689949323067&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&bn=Chrome%20115&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.98%20Safari%2F537.36
Requested by: Host: api.alpharank.io
URL: https://api.alpharank.io/api/pixel/script/9d50a50d1eb75b52f2a17226a37a83e5d688f1f94eb981643db6c521f04b3e54?c=n&t=1689984000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.183.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-183-153.us-west-2.compute.amazonaws.com
Software: nginx/1.12.2 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:04 GMT
Server: nginx/1.12.2
X-Powered-By: Express
ETag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://i-054b2d17c465e98c3.hbgpsim.com
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 35

GET
H2 200 p Show response
i.simpli.fi/ Frame E8E7 756 B
1 KB 69ms
61ms Script
application/javascript 34.90.79.92
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=283320&cb=sifi_att_27612299117._hp

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.90.79.92 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

92.79.90.34.bc.googleusercontent.com

Software

Resource Hash

151c23b8472c45a331de5df6a2508d147557f78ed695b4ad3cd955307f4a71f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ 37 KB
15 KB 349ms
349ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.js?loc=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com&site=6918209&force=1&env=prod&accdn=accdn.lpsnmedia.net

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/6918209/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

a729f36b3c8810b6c5d3de55e61ee4e1737f8e09ccbfc9c6a27a153e8fcf5d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 17 Mar 2023 01:15:36 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sat, 20 Jul 2024 14:22:03 GMT

GET
H2 200 6918209 Show response
va.v.liveperson.net/api/js/ 235 B
1 KB 728ms
268ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/6918209?&cb=lpCb65323x95306&t=sp&ts=1689949323280&pid=8039587517&tid=6572529806&pt=All%20In%20Credit%20Union%20%7C%20Alabama%20%7C%20Florida&u=https%3A%2F%2Fi-054b2d17c465e98c3.hbgpsim.com%2F%3Frid%3D3gPNPid&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/6918209/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

78cfcd4ff2e4ab8299e100c582c3c1f9e2afa01b0005e90357919da183e21d1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2

200

xuid
eb2.3lift.com/ Frame E8E7
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=33E9E00F65AC409A91E0CF980980443B&dongle=yf3

37 B
140 B

179ms
56ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=33E9E00F65AC409A91E0CF980980443B&dongle=yf3
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=33E9E00F65AC409A91E0CF980980443B&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 20 Jul 2023 14:22:04 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/ Frame E8E7
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=33E9E00F65AC409A91E0CF980980443B

43 B
175 B

446ms
144ms

Image
image/gif

2600:1f18:612b:4280:b83:98bc:f079:edb2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=33E9E00F65AC409A91E0CF980980443B
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: H2
Server: 2600:1f18:612b:4280:b83:98bc:f079:edb2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 21 Jul 2023 14:22:04 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=33E9E00F65AC409A91E0CF980980443B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 20 Jul 2023 14:22:04 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame E8E7
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=33E9E00F65AC409A91E0CF980980443B
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=33E9E00F65AC409A91E0CF980980443B

95 B
435 B

75ms
70ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=33E9E00F65AC409A91E0CF980980443B

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=33E9E00F65AC409A91E0CF980980443B
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/ Frame E8E7
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=33E9E00F65AC409A91E0CF980980443B
https://d.agkn.com/pixel/10751/?che=1689949324227&ip=185.204.1.184&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216603104584003067284
https://um.simpli.fi/aa_px?sk=216603104584003067284
https://um.simpli.fi/empty.gif

43 B
361 B

63ms
63ms

Image
image/gif

35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame E8E7
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=33E9E00F65AC409A91E0CF980980443B

0
0

213ms
55ms

Image
text/html

52.222.214.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=33E9E00F65AC409A91E0CF980980443B
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: H2
Server: 52.222.214.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-59.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Redirect headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=33E9E00F65AC409A91E0CF980980443B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 20 Jul 2023 14:22:04 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame E8E7 43 B
409 B 65ms
61ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 20 Jul 2023 14:22:04 GMT

GET
H2 200 freewheel
um.simpli.fi/ Frame E8E7 43 B
409 B 65ms
62ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 20 Jul 2023 14:22:04 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame E8E7
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=33E9E00F65AC409A91E0CF980980443B;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=33E9E00F65AC409A91E0CF980980443B;mimetype=img;sr
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-4977074785785722547

0
0

56ms
55ms

Image
text/html

52.222.214.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-4977074785785722547
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: H2
Server: 52.222.214.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-59.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:03 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-4977074785785722547
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/ Frame E8E7
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=33E9E00F65AC409A91E0CF980980443B&j=0

0
324 B

300ms
71ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=33E9E00F65AC409A91E0CF980980443B&j=0
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=33E9E00F65AC409A91E0CF980980443B&j=0
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 20 Jul 2023 14:22:04 GMT

GET
H2 200 yahoo
um.simpli.fi/ Frame E8E7 43 B
409 B 66ms
63ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 20 Jul 2023 14:22:04 GMT

GET
H/1.1

204

sync
sync.bfmio.com/ Frame E8E7
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=33E9E00F65AC409A91E0CF980980443B

0
421 B

543ms
134ms

Image
text/plain

54.204.174.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=33E9E00F65AC409A91E0CF980980443B
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: HTTP/1.1
Server: 54.204.174.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-174-60.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 21 Jul 2023 14:22:04 GMT

Redirect headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=33E9E00F65AC409A91E0CF980980443B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 20 Jul 2023 14:22:04 GMT

GET
H2

200

29931
stags.bluekai.com/site/ Frame E8E7
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=33E9E00F65AC409A91E0CF980980443B

62 B
445 B

356ms
216ms

Image
image/gif

23.192.153.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=33E9E00F65AC409A91E0CF980980443B
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: H2
Server: 23.192.153.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-153-172.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 21 Jul 2023 14:22:04 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=33E9E00F65AC409A91E0CF980980443B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 20 Jul 2023 14:22:04 GMT

GET
H2

404

tpid=33E9E00F65AC409A91E0CF980980443B
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/ Frame E8E7
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=33E9E00F65AC409A91E0CF980980443B

49 B
265 B

232ms
72ms

Image
image/gif

52.213.109.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=33E9E00F65AC409A91E0CF980980443B
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: H2
Server: 52.213.109.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-109-107.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:04 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.14.65
content-length: 49
expires: 0

Redirect headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=33E9E00F65AC409A91E0CF980980443B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 20 Jul 2023 14:22:04 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame E8E7
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=33E9E00F65AC409A91E0CF980980443B

0
311 B

196ms
60ms

Image
text/plain

216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=33E9E00F65AC409A91E0CF980980443B
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: HTTP/1.1
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Fri, 21 Jul 2023 14:22:04 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=33E9E00F65AC409A91E0CF980980443B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 20 Jul 2023 14:22:04 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/ Frame E8E7
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=33E9E00F65AC409A91E0CF980980443B

0
98 B

169ms
66ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=33E9E00F65AC409A91E0CF980980443B
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:04 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=33E9E00F65AC409A91E0CF980980443B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 20 Jul 2023 14:22:04 GMT

GET
H2

200

/
www.google.fi/pagead/1p-conversion/1026675585/ Frame E8E7
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1689949323943&cv=7&fst=1689949323943&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1670051199&cv=7&fst=1689949323943&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cook...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1670051199&cv=7&fst=1689949323943&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ssct...
https://www.google.fi/pagead/1p-conversion/1026675585/?random=1670051199&cv=7&fst=1689949323943&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...

42 B
108 B

79ms
78ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/pagead/1p-conversion/1026675585/?random=1670051199&cv=7&fst=1689949323943&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIyMeW6f-fgAMVxc87Ah3yswRE&is_vtc=1&ocp_id=jJS6ZMjRAcWf78EP8ueSoAQ&cid=CAQSKQBpAlJWRY0PDasDL54QTKQeKabunUu67sm2M9FUMjQygKHJS1Aef1Aq&random=3514820345&ipr=y

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.fi/pagead/1p-conversion/1026675585/?random=1670051199&cv=7&fst=1689949323943&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIyMeW6f-fgAMVxc87Ah3yswRE&is_vtc=1&ocp_id=jJS6ZMjRAcWf78EP8ueSoAQ&cid=CAQSKQBpAlJWRY0PDasDL54QTKQeKabunUu67sm2M9FUMjQygKHJS1Aef1Aq&random=3514820345&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame E8E7
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=33E9E00F65AC409A91E0CF980980443B
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=33E9E00F65AC409A91E0CF980980443B&__user_check__=1&sync_id=f7259cb2-27d1-11ee-ad38-1024185a0106

43 B
548 B

57ms
57ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=33E9E00F65AC409A91E0CF980980443B&__user_check__=1&sync_id=f7259cb2-27d1-11ee-ad38-1024185a0106
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:04 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 64
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 21 Jul 2023 14:22:04 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7797&uid=33E9E00F65AC409A91E0CF980980443B&__user_check__=1&sync_id=f7259cb2-27d1-11ee-ad38-1024185a0106
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 29
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
ib.adnxs.com/ Frame E8E7
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=33E9E00F65AC409A91E0CF980980443B

43 B
848 B

67ms
66ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=66&code=33E9E00F65AC409A91E0CF980980443B

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:04 GMT
an-x-request-uuid: 14d5c7e7-fc6a-4efb-9c6d-268a861fb47f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.204.1.184; 185.204.1.184; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ib.adnxs.com/setuid?entity=66&code=33E9E00F65AC409A91E0CF980980443B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 20 Jul 2023 14:22:04 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E8E7
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=33E9E00F65AC409A91E0CF980980443B&expires=365

0
239 B

250ms
59ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=33E9E00F65AC409A91E0CF980980443B&expires=365
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=33E9E00F65AC409A91E0CF980980443B&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 20 Jul 2023 14:22:04 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E8E7
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=33E9E00F65AC409A91E0CF980980443B

43 B
273 B

166ms
71ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=33E9E00F65AC409A91E0CF980980443B
Requested by: Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:04 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=33E9E00F65AC409A91E0CF980980443B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 20 Jul 2023 14:22:04 GMT

GET
H2

204

g_match
um.simpli.fi/ Frame E8E7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEISpFUlKV7JtLwXdNaBJh24&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=33E9E00F65AC409A91E0CF980980443B
https://um.simpli.fi/g_match?id=

0
320 B

61ms
61ms

Image
text/plain

35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Requested by

Host: i-054b2d17c465e98c3.hbgpsim.com
URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid

Protocol

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 20 Jul 2023 14:22:04 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 14:22:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6918209 Show response
va.v.liveperson.net/api/js/ 111 B
900 B 328ms
328ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/6918209?sid=rCr1n5JHTSCi4eisKCA-9g&cb=lpCb95117x24405&t=pl&ts=1689949323937&pid=8039587517&tid=6572529806&vid=BjZjY4NzgwOWQ4NzE3MmM0

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/6918209/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

a5818279f5a66c08b164009047ce21c3365e32f9246adf32635242291a857499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:22:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H/1.1 200
OK SS-Promotions.png
allincu.com/content/images/original/ 640 KB
640 KB 172ms
172ms Image
image/png 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/content/images/original/SS-Promotions.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

9f3f333b54a451355f6c76196288c0444f77052df4ab50c5050bbb44d94d7698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 29 Jun 2023 21:26:16 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "a0035-5ff4b59b976bb"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 655413

GET
H/1.1 200
OK Prime-Day.png
allincu.com/content/images/original/ 1 MB
1 MB 168ms
168ms Image
image/png 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/content/images/original/Prime-Day.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

c16d05698694b6bc5e2f3d572570e8fe682e96257fe26dfec076590f60aa82d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Jun 2023 19:30:28 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "12694f-5ff359dbbd1dc"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 1206607

GET
H/1.1 200
OK Financial-Education-Center-Potential.png
allincu.com/content/images/original/ 983 KB
983 KB 172ms
172ms Image
image/png 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/content/images/original/Financial-Education-Center-Potential.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

925e1f41c44b45f30fc858e901eeb4a23f7f31d4af8e9ef3865983b99ab6f1c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Jun 2023 19:23:01 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "f5c86-5ff35831fedce"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1006726

GET
H/1.1 200
OK example-waving-people.jpg
allincu.com/content/images/original/ 446 KB
447 KB 172ms
171ms Image
image/jpeg 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/content/images/original/example-waving-people.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

4019ba1b7680ab6a99034c87b2169d2c16be077dafb8407419ec03eb8ccc9ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://i-054b2d17c465e98c3.hbgpsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Apr 2019 21:26:28 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "6f990-585bb05e7a900"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 457104

GET
H/1.1 200
OK dot-blue.png
allincu.com/img/ 1 KB
2 KB 168ms
167ms Image
image/png 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/img/dot-blue.png

Requested by

Host: allincu.com
URL: https://allincu.com/css/content.css?ver=202208181801

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

98c7b3516380b96abb56da60e5323626432de957ed4f7f94a2129b0c3c04305d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://allincu.com/css/content.css?ver=202208181801
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Apr 2019 20:21:09 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "4c8-58738534c9740"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 1224

GET
H/1.1 200
OK dot-red.png
allincu.com/img/ 1 KB
2 KB 168ms
168ms Image
image/png 20.225.65.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allincu.com/img/dot-red.png

Requested by

Host: allincu.com
URL: https://allincu.com/css/content.css?ver=202208181801

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.225.65.35 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

2a250c4df0a7b29a3e9c8052f1a1c08fee1a55df2ccffd0fe3fce6350d1cd391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://allincu.com/css/content.css?ver=202208181801
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 14:22:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Apr 2019 20:21:10 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "4b1-58738535bd980"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 1201

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: allincu.com
URL: https://allincu.com/css/fonts/fontawesome-webfont.woff2?v=4.6.1

Domain: allincu.com
URL: https://allincu.com/css/fonts/fontawesome-webfont.woff?v=4.6.1

Domain: allincu.com
URL: https://allincu.com/css/fonts/fontawesome-webfont.ttf?v=4.6.1

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hbgpsim.com/	1970-01-20 13:27:15	Name: _gid Value: GA1.2.1842574532.1689949323
.hbgpsim.com/	1970-01-20 13:25:49	Name: _gat_individualRollup Value: 1
.hbgpsim.com/	1970-01-20 13:25:49	Name: _gat_allRollup Value: 1
.hbgpsim.com/	1970-01-20 13:25:49	Name: _gat Value: 1
.hbgpsim.com/	1970-01-20 15:35:25	Name: _gcl_au Value: 1.1.1015865844.1689949323
.hbgpsim.com/	1970-01-20 15:35:25	Name: _fbp Value: fb.1.1689949323063.1050014955
.hbgpsim.com/	1970-01-20 23:01:49	Name: _ga_WRHFVV8QKB Value: GS1.2.1689949323.1.0.1689949323.0.0.0
.hbgpsim.com/	1970-01-20 23:01:49	Name: _ga_15414SB1F3 Value: GS1.1.1689949323.1.0.1689949323.0.0.0
.hbgpsim.com/	1970-01-20 23:01:49	Name: _ga Value: GA1.1.1287027563.1689949323
.segmint.net/	1970-01-20 23:01:49	Name: SegmintId Value: 3271a88166674e66939ed2dd7f0bab03
.simpli.fi/	1970-01-20 22:12:51	Name: suid Value: 33E9E00F65AC409A91E0CF980980443B
.doubleclick.net/	1970-01-20 22:47:25	Name: IDE Value: AHWqTUn9B4SDLwAJlKYV6wrCKMkCllr7-UaysPNzTASemq0GdpSbg2-Y7Z4birTm
.adnxs.com/	1970-01-20 15:35:25	Name: uuid2 Value: 2628847854523123973
i-054b2d17c465e98c3.hbgpsim.com/	1970-01-20 23:01:49	Name: __arank_duid Value: 4.32.4-u2bki83i-lkco6zpq
.simpli.fi/	1970-01-20 13:35:54	Name: uid_syncd_secure Value: true
.adnxs.com/	1970-01-20 15:35:25	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2C''i_w=H!]tay8i_jC:lq+Z:3[]_+fd'NYx?^[QCjZN^k0@Xw[fRW$kB(ANs(6xpTaM)t58Nl$]kNya!tNhToNQaPfG
.tapad.com/	1970-01-20 14:52:13	Name: TapAd_TS Value: 1689949324178
.tapad.com/	1970-01-20 14:52:13	Name: TapAd_DID Value: e275cc6c-4c11-4de5-a829-95e16403bf75
.agkn.com/	1970-01-20 22:11:25	Name: ab Value: 0001%3AAxGLbwWTQjFIBbdd9nIS9M2FIMbZhAq2
.pro-market.net/	1970-01-20 17:45:01	Name: anProfile Value: "-11ta9rjyxy1tf+1+1f=1+1g=1+1j=p+rs=s+rt=2A0CF04000002790000000000000004E+s2=(ry5h8s)+vm=24-33E9E00F65AC409A91E0CF980980443B"
.pro-market.net/	1970-01-20 14:09:01	Name: anHistory Value: "-11ta9rjyxy1tf+2+!#7')$:!HpC"
.tapad.com/	1970-01-20 14:52:13	Name: TapAd_3WAY_SYNCS Value:
.spotxchange.com/	1970-01-20 14:06:08	Name: audience Value: f7259c51-27d1-11ee-ad38-1024185a0106
pixel.alpharank.io/	1970-01-20 23:01:49	Name: __arank.uid__ Value: 8b4a454e-d85a-47ea-bd6c-76602a6e4017
.bluekai.com/	1970-01-20 17:50:46	Name: bku Value: blx99/0DrZHlX4z+
.bluekai.com/	1970-01-20 17:50:46	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwE1pHEka1eOsBMPOxpxymDW81DDyx6R8me98me96BeBY9y97l9r/
.agkn.com/	1970-01-20 22:11:25	Name: u Value: C\|0AAAAAAAALE1RDAAAAAAA
.bfmio.com/	1970-01-20 22:11:25	Name: __141_cid Value: 33E9E00F65AC409A91E0CF980980443B
.bfmio.com/	1970-01-20 22:11:25	Name: __io_cid Value: c1bf574e3729297a868db9b1e47b07801665c6dd
.hbgpsim.com/	1970-01-20 22:11:25	Name: LPVID Value: BjZjY4NzgwOWQ4NzE3MmM0
.hbgpsim.com/	1969-12-31 23:59:59	Name: LPSID-6918209 Value: rCr1n5JHTSCi4eisKCA-9g

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.overflowworks.com/ofw-trace/ofw-allincu.js Message: Failed to load resource: the server responded with a status of 503 ()
javascript	error	URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid Message: Access to font at 'https://allincu.com/css/fonts/fontawesome-webfont.woff2?v=4.6.1' from origin 'https://i-054b2d17c465e98c3.hbgpsim.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://allincu.com/css/fonts/fontawesome-webfont.woff2?v=4.6.1 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://litho.silvercloudinc.com/utilities/css?product_id=5c38a6b62acb223b1fc0d19a Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://litho.silvercloudinc.com/console/integration_widgets/5e72a7ec387f235457ccebe9?product_id=5c38a6b62acb223b1fc0d19a Message: Failed to load resource: the server responded with a status of 401 ()
javascript	error	URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid Message: Access to font at 'https://allincu.com/css/fonts/fontawesome-webfont.woff?v=4.6.1' from origin 'https://i-054b2d17c465e98c3.hbgpsim.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://allincu.com/css/fonts/fontawesome-webfont.woff?v=4.6.1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://i-054b2d17c465e98c3.hbgpsim.com/?rid=3gPNPid Message: Access to font at 'https://allincu.com/css/fonts/fontawesome-webfont.ttf?v=4.6.1' from origin 'https://i-054b2d17c465e98c3.hbgpsim.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://allincu.com/css/fonts/fontawesome-webfont.ttf?v=4.6.1 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=33E9E00F65AC409A91E0CF980980443B Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=33E9E00F65AC409A91E0CF980980443B Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=33E9E00F65AC409A91E0CF980980443B Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-4977074785785722547 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5012033.fls.doubleclick.net
6856376.fls.doubleclick.net
9599098.fls.doubleclick.net
aa.agkn.com
accdn.lpsnmedia.net
adservice.google.com
adservice.google.fi
allincu.com
allincu.quiq-api.com
api.alpharank.io
bcp.crwdcntrl.net
calc-backend-prod.herokuapp.com
cdn.segment.com
cdn.segmint.net
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
connect.segmint.net
d.agkn.com
eb2.3lift.com
embed.signalintent.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i-054b2d17c465e98c3.hbgpsim.com
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
integration.silvercloudinc.com
litho.silvercloudinc.com
loadm.exelator.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
maprtb.segmint.net
pixel.alpharank.io
pixel.rubiconproject.com
pixel.tapad.com
pubads.g.doubleclick.net
quickquote-consumer.optimalblue.com
region1.google-analytics.com
secure.adnxs.com
simplifi.partners.tremorhub.com
stags.bluekai.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tag.simpli.fi
um.simpli.fi
us-u.openx.net
va.v.liveperson.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fi
www.googleadservices.com
www.googletagmanager.com
www.overflowworks.com
www.surveycarrot.com
allincu.com
13.248.245.213
142.250.185.162
172.217.18.6
172.217.18.98
178.249.97.23
178.249.97.98
178.249.97.99
18.164.52.86
18.191.159.80
18.194.231.190
18.66.97.77
185.89.210.244
185.94.180.126
192.223.10.25
20.225.65.35
2001:4860:4802:34::36
208.89.12.87
216.52.2.30
216.58.206.38
23.192.153.172
2600:1901:0:8eee::
2600:1f18:612b:4280:b83:98bc:f079:edb2
2606:4700:20::681a:64b
2606:4700:20::681a:7db
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.120.29.172
3.161.119.161
34.111.113.62
34.90.79.92
34.98.64.218
35.204.74.118
35.244.174.68
40.80.191.1
45.223.138.185
52.213.109.107
52.222.214.59
52.88.183.153
54.157.14.224
54.159.116.102
54.204.174.60
54.78.254.47
65.9.66.89
69.173.144.165
00e916e6a25a984c80414bf93453828d749a7c47474831b08c1ce402d33d929f
01cea9335f653faf74a88d3b9de3ceff263a52dddceca33d02035d9dce4bb6b2
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0aa49cded6c89343a514ac6a5bdf368cc49b43193c968852fa56a9b82e25cb32
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
0f11b4233d591e1d733753c44fab03f975ef8acbaf3781ed5d8ceb81f7ee3e36
10e9788b252418de633d645460536914128f95714de60ad92f732d2a1804c2a5
1188269b4bb77df6f5ae55f5d8038b3cfc46f4e76e3157e961e04ad14709db05
151c23b8472c45a331de5df6a2508d147557f78ed695b4ad3cd955307f4a71f9
157b0004a6b94bf4473eaffded60a8ab2dfd5c8b44fd144a37b648658db07085
162aa0f27f2ec3db1569cca5f3f60ebec15d353c662456598201422abf28c5e2
173dd338673eb7e21df3c0ff3a86e0f1f752bf33468b01d1d89d09ac39e64132
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
1964bd2fc51e93a0a8f9de6e0b43c4b2ddc54e3e99eff42b9ad0f9c887b37aa6
1c1ea8a144087246a55da0ba46cc6e5fb2f72e23592616e6e7c9d961930557c4
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
205a97a42c63cb60c5a1161a80c09937a6e23e61bef68c3148a4cf92c3df9286
206d7ee455b574d843ee66899aba2fcd0da1ecfa37090f82fc7dfb19d20219e7
22bb9ecedb9bc8d8e8d4500e123ea40d4e1bc74e76ec71a7c80bc032f4cdde8d
287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48
2a250c4df0a7b29a3e9c8052f1a1c08fee1a55df2ccffd0fe3fce6350d1cd391
2b013a26547b316f4bed3feb9405366d33cd37e8b6b592621cd8e98d753746d5
2f0d0d42b4c1c3e73738bb8210a467a3af01c8e900de2141d8b6c91fb9d56ede
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
301990cbfd7cfbb2598290387839feb818c6b181303ca60a6d05af48e7169430
323905cb9dc07e230abf26bc57aef871ca549a6a33b95f1b557e01dc947ed027
340c841da321f68db0f1868bf4b4cc7d115324ab2d94285e0057fb782f2e974d
3da19bff8a36e98a79d18d19bca2e198614ef60644e87db8ee11cb0a980976bc
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4019ba1b7680ab6a99034c87b2169d2c16be077dafb8407419ec03eb8ccc9ce0
40b2da647bcc787d43218caecb24901ea7b01025bcf5f9db98359756dbf4aae0
4a25be1f0513a03c0595d7adc16dbd4402afaa9f00fdcb2564b53613eba2ad8b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d8cc4fa7bd706ce747056a79a0cec41b3abcb342045dc7b07a81a499c9bb595
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f4e8e22a35a638c71d87f897354a37c6bd59a00bc037cf04dd00eed7c91dcb3
53a04527c54da4421046f983a55829b3429e35d3188ecc05c299300a3e485ac9
5624aeb2703037c9b669b4903e1961a38778408edcd3bea47e370e5de9f6c571
562bd981eca968aa3f07b016f5290b3eba48c9ddd2baa45c7b6f9a95b3c2b0f3
56467a9c49a48849417deecaafdd9031cf6c2d7cb243493e7474143d71b7f726
57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8
58cd6119bd01619db5cbd631374a2f8e531d709abb0abec63df16701539ccd0c
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
5dd26d79a322117aa09d1e6248db551296a013bbf7ab2803f962c05438d28bba
5eadee030e5419ecfacfff76b7ff91c67a6e8a02c1e1e2bd617a31a26620291d
678384a19e4f35dd3bd8f9792888eb1aad3491efe76ebfa3ebfc6d8e9b056b8b
699aa39a18348ae4b66b01fd6d523bf38a931fdc9aaedab0810cae2b8478d188
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dbe9b02b493c0e722184f8c55fff186dedd7030c69349d7950fc80c4a9c0062
6fd1404ab5f1acfd3345de0fa680bb1bf86e5475de01884db17ebee7331a168c
715f6107fcb56a79dce10afe2574bbb6e06589214e4387e39681c638d34cc49b
724619730355b3afb32673dd82a766c11fa5c7fba27e82673bb8663e5590cda9
72bcebda1c7fc00e3f92ff9db2ceece447553dd17761cc0537591bd1c7e9087c
7511e4f5a762ab1c38f6cf3fcea3cc0ea70649e8d5f2e933f50c9e4ffed13540
75287649722566ab96133a1dbbe0bfc93693080bd2a08413eb7a8dc6a574a679
78623bcab5f2c49d1b44ac501d7146864d818ab26158851ce0bd9ec2650f53bd
78cfcd4ff2e4ab8299e100c582c3c1f9e2afa01b0005e90357919da183e21d1c
80060777c2e1962fffef5df369cbbebdf6e859d4c4bed43e7d89af0a839553ec
844723d288a84c14a3f75ff2db1463fca5b4c4c710e3cc3a111624ed959665d9
8a7c0bbf650b679130c697c572c14667d82423329b7d3cdb43a49b59ea0a72db
8ff0571e454b75517b28b02b1749dbcafa80d1cf6c4786c8fc45ee6f3fd13bcc
90bb794a4fc9c04dec23475a73bc4e1bb57194ce2ae5657e11106e09a6765396
912621abcd7684ffec5dd2ff2683550ea66a30c6c07aeda2e512ee15e98c21aa
925e1f41c44b45f30fc858e901eeb4a23f7f31d4af8e9ef3865983b99ab6f1c8
98c7b3516380b96abb56da60e5323626432de957ed4f7f94a2129b0c3c04305d
9a8d0c8a5a7613fa903296e7f48fa7228bcae302bbad31f4ab63f10bb4306648
9d23d2c0f77fcd55b2dde6ce32f6192f61035d1beb12d7451e4c00ecd5c7100c
9ddc6c14f82c72b677154f86a4ee981d238ad42e672b92932c7967b7d3d8e562
9e54a42ec2988358c0bb183de3a35060b9e056700f7654b42f0d3e03af32e8d0
9f3f333b54a451355f6c76196288c0444f77052df4ab50c5050bbb44d94d7698
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a075fc7feaea36b32ab17b48136838d6112add268a5ed565f5ab375f2fd54c5c
a50384b1332efe43e458cb09b66b2c32f797db3af79fe80ac597713ab9a43e42
a5818279f5a66c08b164009047ce21c3365e32f9246adf32635242291a857499
a658acb0d2da4a9511eb7640d11616a0cc80d629fc4719aeb4b7b51c412a2dd6
a729f36b3c8810b6c5d3de55e61ee4e1737f8e09ccbfc9c6a27a153e8fcf5d48
aca470e9393822a58fae9bfd935a2dcc58ea244c907fcaee601129d395b1393a
af17cfe7d45889c4de7ac4fc566e0fcd66296bfdf63cd88a0587901bd381f6dc
af3022b7f8b45237fde80b95916497d930933caa2510d3d8d017df7353bdb8ff
b09f8a6ed843f505ea9f7fbf242898e68725f2f7146ed6785060e6f610a185e7
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b19a4ca9be9f2f95ae9480f455883ff36542da093e654d29013c7477f9380585
b3f5332dfa333b25296789ed430a5d2b0bf8a82f6fb2d4187d40bbfa2498ad89
b50adb99bc554816a8335a09ba0633e90808fe17c82e7643f9de05e28e744a5d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbb6fd80dd733223ed988bcbaa33ccac8fa5488fd75927c3f071a23ff0beff5f
bd168eca5a68a15f51e5d625175d9be9b7d3a7acc4b6f871e61ad3875925a13d
bd45e67d1e4c688190a63fad2c280b978f3d8b311803f8ddbac36b5de021c942
c03e0cbcef54ce9ee12883f36235398fca9d225a79d56b096689e63a3de65056
c16d05698694b6bc5e2f3d572570e8fe682e96257fe26dfec076590f60aa82d1
c2bd4feae6809cadfb9fc90382361d959797cdbe65c3c0d8464d799247a84363
cada70d07e8e32ed5ca32fd9ae87f4d8be60eb13c60c6e3e9fcbb7c8b7b6854d
ce02cfb73ecdb9104370b3bdb7b86508e9e346328ad9f2450c68e901640307ac
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d369cce57db249355076445adab414f01d22d4879d4d5be2c873fe62a55291e4
d3c694d527f9a6682ef6eff7397089af573860bbed83be6c859e6df024d55850
d809b15cc6ed0c338813655858c28ed49e71bbdd61e9f24be1a1cc0f20dad549
d941290853308c540ca93dbe89435a84833bfc11c1a3b47501c075a719b6ed68
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfb10047658d4e83a63e5b6d8f93c02cb9d71514b9b60cdf6699e6cb7ca39ddf
e1bc07ef56cc79fe62601f9e5d063fea17ff0a57c04efd02edcf80581cb0eab7
e237cfb5b51efd58bf08a6d1cf3f4e49c2ce2e595ef16c2060aa6cb4d966fb3a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ebc29ca6cd3127eab2bc5b4b660cb015f6d0448587f73c67184f9db1e4ee4dab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a5f31cafb8430666062bc97478923190e1f1c301fdae05e733f1167dd00cc6
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8427ad3f235de197b76fe68bb88bd458f478d5494e0b5183ef5d46734dfa6e5
f908387823175b7d9097817c5f9cef879593f7eb9dbdc2ec8a218d688e405bae
fdfa264c0ccf351311bb08ea5034d52e3f47dcfb3d893e0ece777a12b84b42fe

i-054b2d17c465e98c3.hbgpsim.com Open in urlscan Pro 18.191.159.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

156 Requests

83 %HTTPS

33 %IPv6

41 Domains

60 Subdomains

52 IPs

5 Countries

5421 kBTransfer

8716 kBSize

31 Cookies

102 Outgoing links

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

i-054b2d17c465e98c3.hbgpsim.com Open in urlscan Pro
18.191.159.80 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

83 %
HTTPS

33 %
IPv6

41
Domains

60
Subdomains

52
IPs

5
Countries

5421 kB
Transfer

8716 kB
Size

31
Cookies

156 HTTP transactions
0 data transactions