urlscan.io logo urlscan.io
SecurityTrails logo

daveworthen.com Open in urlscan Pro
69.89.31.135  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX...
Submission: On October 21 via automatic, source openphish
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 7 countries across 13 domains to perform 83 HTTP transactions. The main IP is 69.89.31.135, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is daveworthen.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 22nd 2020. Valid for: 3 months.
This is the only time daveworthen.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: M&T Bank (Banking)

Domain & IP information

50    69.89.31.135 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box335.bluehost.com
daveworthen.com
1    23.37.38.214 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-214.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
1    52.211.149.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-149-89.eu-west-1.compute.amazonaws.com
mtb.tt.omtrdc.net
2    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
1    2600:9000:2093:5c00:b:2146:1340:93a1 (United States)

ASN16509 (AMAZON-02, US)
www3.mtb.com
1    2a05:f500:11:101::b93f:9005 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
3    2a02:26f0:10c:582::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
snap.licdn.com
9    151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.krxd.net
consumer.krxd.net
1    2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)
s.yimg.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    52.212.228.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-228-44.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    54.83.83.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-83-224.compute-1.amazonaws.com
jslog.krxd.net
Domain Requested by
50 daveworthen.com daveworthen.com
7 cdn.krxd.net daveworthen.com
cdn.krxd.net
6 beacon.krxd.net cdn.krxd.net
daveworthen.com
3 snap.licdn.com daveworthen.com
tags.tiqcdn.com
snap.licdn.com
2 consumer.krxd.net cdn.krxd.net
2 sp.analytics.yahoo.com daveworthen.com
2 connect.facebook.net tags.tiqcdn.com
daveworthen.com
2 www.google.co.uk daveworthen.com
2 www.google.com daveworthen.com
1 jslog.krxd.net
1 www.facebook.com daveworthen.com
1 s.yimg.com tags.tiqcdn.com
1 px.ads.linkedin.com daveworthen.com
1 www3.mtb.com daveworthen.com
1 mtb.tt.omtrdc.net daveworthen.com
1 tags.tiqcdn.com daveworthen.com
83 16

This site contains links to these domains. Also see Links.

Domain
www3.mtb.com
mtb.com
Subject Issuer Validity Valid
daveworthen.simplymindblogging.com
Let's Encrypt Authority X3		 2020-09-22 -
2020-12-21		 3 months crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2020-03-16 -
2021-06-15		 a year crt.sh
*.tt.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2017-10-19 -
2020-11-25		 3 years crt.sh
www.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
www.google.co.uk
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
www.mtb.com
Entrust Certification Authority - L1M		 2020-06-03 -
2021-06-03		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2020-08-05 -
2021-02-05		 6 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
cdn.krxd.net
DigiCert SHA2 Secure Server CA		 2020-03-05 -
2021-03-06		 a year crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-06 -
2020-11-25		 2 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-09-11 -
2020-12-10		 3 months crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-08-01 -
2021-01-28		 6 months crt.sh
consumer.krxd.net
DigiCert SHA2 Secure Server CA		 2020-09-14 -
2021-09-14		 a year crt.sh
beacon.krxd.net
DigiCert SHA2 Secure Server CA		 2020-01-30 -
2021-01-30		 a year crt.sh

This page contains 4 frames:

Primary Page: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Frame ID: 9A1ED6B8CE21FDD7EB8985FF5F47710A
Requests: 72 HTTP requests in this frame

Frame: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/saved_resource.html
Frame ID: 2339AE52A3A163BFE2340492954CEAD4
Requests: 1 HTTP requests in this frame

Frame: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 384FAA4B4FA4B3AB3497D4C221AC47EB
Requests: 9 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 8062BE34CC93B37D0F6BD95BD7EEB78A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i

Page Statistics

83
Requests

100 %
HTTPS

53 %
IPv6

13
Domains

16
Subdomains

15
IPs

7
Countries

1383 kB
Transfer

3341 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

83 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/ 		137 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
51f7efcdce3926093fbb60111de7aab8cafe8cd6f15227472544b9b32ef418f7

Request headers

:method
GET
:authority
daveworthen.com
:scheme
https
:path
/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx/1.14.1
date
Wed, 21 Oct 2020 13:23:21 GMT
content-type
text/html
last-modified
Tue, 06 Oct 2020 16:09:22 GMT
cache-control
max-age=300
expires
Wed, 21 Oct 2020 13:28:21 GMT
x-endurance-cache-level
2
content-encoding
gzip
clientlib-base.css
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		219 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/clientlib-base.css
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
94da6f07461c9bd678bae2d1a6dd7e022f90fe4f742a46fc0c17a95f3b53a1e9

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:21 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:22 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
text/css
status
200
cache-control
max-age=2592000
expires
Fri, 20 Nov 2020 13:23:21 GMT
optout_check
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		92 B
272 B 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/optout_check
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
6524bfdebc04f1ba94911f71ba4747be0d91533117f3be70d56cec481b77c154

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
92
expires
Wed, 21 Oct 2020 19:23:21 GMT
5fbc882d-fc17-416e-8069-4c0fc55390a2
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		232 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/5fbc882d-fc17-416e-8069-4c0fc55390a2
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
88ebe5ffcf6f03df275a9656c695f80ad277f8213ee64b7ebd67b895dd4db566

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
last-modified
Tue, 06 Oct 2020 16:09:22 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
232
expires
Wed, 21 Oct 2020 19:23:21 GMT
controltag.js.840d44399e357e7da3f94ce724fcd35c
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		259 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/controltag.js.840d44399e357e7da3f94ce724fcd35c
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
fd249edeb03976f66c2118f0f87d1922af303a0ba74165f63f1859df9ede234a

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:22 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
insight.old.min.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/insight.old.min.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
f.txt
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/f.txt
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
text/plain
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
js
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		88 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/js
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
17d2b19c62200137b7bb24be3b351eb98bd5b1a30ba682ad83517983ab24bf7d

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
90290
expires
Wed, 21 Oct 2020 19:23:22 GMT
uwt.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/uwt.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
bat.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/bat.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:22 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
fbevents.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		135 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/fbevents.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
ytc.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ytc.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
88cf2c9a4c4bcef2aa64fb6ea0f337f78e9a7dc61d87993441369fa5cb429d32

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
js(1)
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		88 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/js(1)
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
906c591db165b4409227517652fb0037484f3e22e8ebf0a7f65d7451d5514173

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
90268
expires
Wed, 21 Oct 2020 19:23:22 GMT
insight.min.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		964 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/insight.min.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
b5840616d8bf9540bbe45a42f6841f92b78c70dabd3b8ee60abb51e79c47d5d6

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
tqvdv1ilp.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		21 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/tqvdv1ilp.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
1058083743898ab494fb3e1a28b799cbd44f9cfdbd573c863acb3cc56d55761b

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
utag.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/utag.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
2e1b96f3f3514766d33d712f5dadda687660dd46244e2214e0271712c4488c1d

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
vendor.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		149 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/vendor.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
e35a95a09caf03820faf00c00587823b358c79f7ea08c0982966f743e8ab95f7

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:21 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:21 GMT
clientlib-header.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/clientlib-header.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
44360533d25118024845be4572cb81a68ef5dcd4b0853f459691dc4d3022e9b0

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:21 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:22 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:21 GMT
utag.sync.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		78 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/utag.sync.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
ed291f1996f27741c6b6ce98bef0dc76a82220aaadedbe04ee494043ad0e655b

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:21 GMT
utag.30.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		67 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/utag.30.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
0dfc749e36f0de8b6dd3718f6ceeef85c3258720f6c847720aed2a9b358f9c96

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
utag.20.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		1 KB
911 B 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/utag.20.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
27ddaec566e54b6c408012319b821d6a0d788132e839764aa5845aa6cfb6316a

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
utag.40.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/utag.40.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
e86ab346736965155bcf617cfba6fc8ee760914ae412fa92c8b9190429004c81

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
utag.41.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		25 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/utag.41.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
0b932b797108980339a52d184fbbce4107e0dbdced513963e6f76526e8896e1e

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
utag.42.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/utag.42.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
8f6ea72c89ca5d848b7e373e71ad2044361bd27792894c2e831887aa70c17a76

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
utag.43.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/utag.43.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
0d5ebfe1a572fbfd6bb9930df03c417f1bb6790fbea6c0a3811b8394b6f43b08

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
utag.44.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/utag.44.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
c21ae4633f825a266fd02637cb1dd6bd8597b68a9f97dc719fa4f86af87a4c0b

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
utag.45.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/utag.45.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
659193894cb830c97aeb1aa822febeed8b7bae88db0f3501b2648e1598c3e1e4

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
utag.46.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/utag.46.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
b1dceaac28a443e0895fe570854cff7b7e3d57ba9e40c2cb566640249cd4fc67

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
utag.47.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/utag.47.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
2b1493c74ba031fd8b7894af6bbaafa2b6728ffdb9de7d383c5c8f2fecca13c9

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
utag.48.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/utag.48.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
43fffb53c3be84053f9a10f115aa4418793f29fc94c10ac90534d438511b2307

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
utag.v.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		2 B
199 B 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/utag.v.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
2
expires
Wed, 21 Oct 2020 19:23:22 GMT
f(1).txt
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/f(1).txt
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
3ab3dc97a2bd1b08d2999f2cc3ad09e086e619d29a01df22ee00b73d713a5256

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
text/plain
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:21 GMT
f(2).txt
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/f(2).txt
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
f19c45cbce1834621229e0d040f98afc82ffdb12c2de44549ab6b017efcde1da

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
text/plain
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:21 GMT
green-logo.png
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/green-logo.png
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
4ab56bfc693e75fbc52de80072dcbcd412efe057dcc099c9b718fb6f85ee129b

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21842
expires
Thu, 21 Oct 2021 13:23:22 GMT
top10.png
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/top10.png
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
a4f79cc050e64cbe5beb375fa4f6e08a552993c1286126667e8be8474cd974e4

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3135
expires
Thu, 21 Oct 2021 13:23:22 GMT
bestbanks-2020-green-5yrsv2.png
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/bestbanks-2020-green-5yrsv2.png
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
6b86ef10d5f71646f736f1bd639766f932d7faf534a8e74248522642051890a9

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
last-modified
Tue, 06 Oct 2020 16:09:22 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11133
expires
Thu, 21 Oct 2021 13:23:22 GMT
excellence-2019.jpeg
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/excellence-2019.jpeg
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
8ca91ce0a81acaaa8e391831ae28eedb51896ae5eebe011f3e41145351949722

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
last-modified
Tue, 06 Oct 2020 16:09:22 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
87236
expires
Thu, 21 Oct 2021 13:23:22 GMT
clientlib-base.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		267 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/clientlib-base.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
786a9c5a2f5b78918f55320ce563c3b28167b28526a58d41eebe15931238f5bf

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:22 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:22 GMT
0
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/0
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
d29cc049fefc4320a7c37788247656b2371f732956f1135fc920d68afce6c221

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:25 GMT
content-encoding
gzip
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
text/html; charset=UTF-8
status
404
cache-control
no-cache, must-revalidate, max-age=0
link
<https://daveworthen.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
sp.pl.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/sp.pl.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
500
date
Wed, 21 Oct 2020 13:23:22 GMT
server
nginx/1.14.1
content-length
688
content-type
text/html; charset=iso-8859-1
sp.pl(1).download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		0
170 B 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/sp.pl(1).download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
0
expires
Wed, 21 Oct 2020 19:23:22 GMT
adsct
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ 		31 B
211 B 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/adsct
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
last-modified
Tue, 06 Oct 2020 16:09:22 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
31
expires
Wed, 21 Oct 2020 19:23:22 GMT
utag.js
tags.tiqcdn.com/utag/mtbank/main/prod/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.214 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-214.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2e1b96f3f3514766d33d712f5dadda687660dd46244e2214e0271712c4488c1d

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
last-modified
Fri, 11 Sep 2020 17:01:29 GMT
server
AkamaiNetStorage
etag
"c3e07f717681fe4f7f97e6be8cceadc8:1599843689.011843"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=300
accept-ranges
bytes
content-length
8907
expires
Wed, 21 Oct 2020 13:28:22 GMT
json
mtb.tt.omtrdc.net/m2/mtb/mbox/ 		96 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mtb.tt.omtrdc.net/m2/mtb/mbox/json?mbox=target-global-mbox&mboxSession=2ddc7763e2bf4d08af7b820da1884ae5&mboxPC=&mboxPage=e9915719130e4a72ba7ad342a1709e5b&mboxRid=3ab482b4a4b542acb0bc4999b542a218&mboxVersion=1.7.1&mboxCount=1&mboxTime=1603293802303&mboxHost=daveworthen.com&mboxURL=https%3A%2F%2Fdaveworthen.com%2Fwp-content%2Fplugins%2Fzakgkyl%2Fmtb-news-dev1%2Fmtb-news-dev%2Findex.html%3F50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=120&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&at_property=f7ba4290-5c00-8608-2ad1-5fc4576548bf&zipCodeCookie=&geoRegionCookie=&entity.categoryId=wp-content%2Cplugins%2Czakgkyl%2Cmtb-news-dev1%2Cmtb-news-dev%2Cindex&user.categoryId=wp-content%2Cplugins%2Czakgkyl%2Cmtb-news-dev1%2Cmtb-news-dev%2Cindex&kruxSegs=&loginClickedCookie=
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/utag.sync.js.download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.149.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-149-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0c8688a959999a978a193a3a793671fe079028a886ded48dc100a31c2b92f7e1

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Oct 2020 13:23:22 GMT
status
200
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://daveworthen.com
cache-control
no-cache
access-control-allow-credentials
true
timing-allow-origin
*
content-length
96
x-request-id
3ab482b4a4b542acb0bc4999b542a218
/
www.google.com/pagead/1p-user-list/990489911/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/990489911/?random=1600127356709&cv=9&fst=1600124400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa920&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=1600201147&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Oct 2020 13:23:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/990489911/ 		42 B
560 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/pagead/1p-user-list/990489911/?random=1600127356709&cv=9&fst=1600124400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa920&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=1600201147&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Oct 2020 13:23:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/997504364/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/997504364/?random=1600127356805&cv=9&fst=1600124400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa920&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=3759781617&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Oct 2020 13:23:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/997504364/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/pagead/1p-user-list/997504364/?random=1600127356805&cv=9&fst=1600124400000&num=1&bg=ffffff&guid=ON&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa920&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=3759781617&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Oct 2020 13:23:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
saved_resource.html
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ Frame 2339 		149 B
330 B 		Document
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/saved_resource.html
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50

Request headers

:method
GET
:authority
daveworthen.com
:scheme
https
:path
/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/saved_resource.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
check=true; mbox=session#2ddc7763e2bf4d08af7b820da1884ae5#1603288463
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1

Response headers

status
200
server
nginx/1.14.1
date
Wed, 21 Oct 2020 13:23:22 GMT
content-type
text/html
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
cache-control
max-age=300
expires
Wed, 21 Oct 2020 13:28:22 GMT
x-endurance-cache-level
2
content-encoding
gzip
Desktop-Modal-White-Retail.jpg
www3.mtb.com/content/dam/mtb-web/images/covid-19-response/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www3.mtb.com/content/dam/mtb-web/images/covid-19-response/Desktop-Modal-White-Retail.jpg
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:5c00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
607409a891eb7934e9f4e190d6e28cb8d7bc356bde7341192ff94de2ade47f2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-dispatcher
dispatcher1useast1
date
Wed, 21 Oct 2020 13:23:22 GMT
via
1.1 dbf5a139061b80ff53ac8f18a1e0b49f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
HAM50-C1
x-vhost
publish
x-cache
RefreshHit from cloudfront
status
200
content-disposition
attachment
content-length
64985
last-modified
Mon, 13 Jul 2020 21:44:21 GMT
server
Apache
etag
"fdd9-5aa5997e91740"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=3600, no-cache="set-cookie"
accept-ranges
bytes
x-amz-cf-id
v7236YO2MjIX1gI0yqYN5zSG0aRHFfJ-B0Q8GoKd0PqXNh9X_18i0Q==
mandtbaltoweb-medium.woff
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/clientlib-base.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash

Request headers

Origin
https://daveworthen.com
Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/clientlib-base.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:25 GMT
content-encoding
gzip
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
text/html; charset=UTF-8
status
404
cache-control
no-cache, must-revalidate, max-age=0
link
<https://daveworthen.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
mandtbaltoweb-book.woff
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/clientlib-base.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash

Request headers

Origin
https://daveworthen.com
Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/clientlib-base.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:25 GMT
content-encoding
gzip
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
text/html; charset=UTF-8
status
404
cache-control
no-cache, must-revalidate, max-age=0
link
<https://daveworthen.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
mandtbaltoweb-light.woff
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/clientlib-base.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash

Request headers

Origin
https://daveworthen.com
Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/clientlib-base.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:25 GMT
content-encoding
gzip
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
text/html; charset=UTF-8
status
404
cache-control
no-cache, must-revalidate, max-age=0
link
<https://daveworthen.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
collect
px.ads.linkedin.com/ 		0
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&url=https%3A%2F%2Fdaveworthen.com%2Fwp-content%2Fplugins%2Fzakgkyl%2Fmtb-news-dev1%2Fmtb-news-dev%2Findex.html%3F50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1&time=1603286602775
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:22 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server
Play
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
status
200
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
0
x-li-uuid
A3MtsKsEQBYAHA+epysAAA==
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/insight.min.js.download
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 13:23:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Sep 2020 20:29:41 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=40874
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
controltag.js.840d44399e357e7da3f94ce724fcd35c
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/tqvdv1ilp.js.download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd249edeb03976f66c2118f0f87d1922af303a0ba74165f63f1859df9ede234a

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Wed, 21 Oct 2020 13:23:22 GMT
content-encoding
gzip
age
4199977
x-amz-server-side-encryption
AES256
x-cache
HIT
status
200
x-cache-hits
4028712
content-length
84307
x-served-by
cache-hhn4080-HHN
last-modified
Mon, 24 Aug 2020 10:19:29 GMT
x-timer
S1603286603.898104,VS0,VE0
etag
"840d44399e357e7da3f94ce724fcd35c"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 22 Aug 2030 10:19:28 GMT
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ Frame 384F 		1 KB
995 B 		Document
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
67ea61f4413b817ecf0937b034ccef8e92ae1f13235b176adbb75415e937bf9a

Request headers

:method
GET
:authority
daveworthen.com
:scheme
https
:path
/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
check=true; mbox=session#2ddc7763e2bf4d08af7b820da1884ae5#1603288463|PC#2ddc7763e2bf4d08af7b820da1884ae5.37_0#1666531403; mboxEdgeCluster=37; utag_main=v_id:01754b541332001e3176a54baf6b00078012107000b08$_sn:1$_ss:1$_st:1603288402548$ses_id:1603286602548%3Bexp-session$_pn:1%3Bexp-session
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1

Response headers

status
200
server
nginx/1.14.1
date
Wed, 21 Oct 2020 13:23:23 GMT
content-type
text/html
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
cache-control
max-age=300
expires
Wed, 21 Oct 2020 13:28:22 GMT
x-endurance-cache-level
2
content-encoding
gzip
ytc.js
s.yimg.com/wi/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
ATS /
Resource Hash
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 21 Oct 2020 12:27:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3362
x-amz-server-side-encryption
AES256
status
200
vary
Origin, Accept-Encoding
x-amz-request-id
3995213B71F70F6F
x-amz-id-2
aQdEk7X0eKLSUKjsZOkg3+3zY5+1FRHNHsvMte5WbdZvCR1ubJswImVZ2xCvAeMDhaObySTXaHY=
accept-ranges
bytes
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sat, 30 Oct 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Thu, 24 Sep 2020 23:08:16 GMT
server
ATS
etag
"49db10c8315384e8dad2e92a6841ed81-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-version-id
swANRqp_TdPZf97XDKuCKoVnrp7c.h.0
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
5581
content-type
application/javascript
expires
Wed, 21 Oct 2020 12:32:20 GMT
fbevents.js
connect.facebook.net/en_US/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23070
x-xss-protection
0
pragma
public
x-fb-debug
stLHQuvW3IaJpJpvciWr7Pc9zHeqBI3SwMk5QY7zktISJt2HccWVi407HfgFz7cYig7IKh2FX/bI+lnY77U++Q==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 21 Oct 2020 13:23:22 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
expires
Sat, 01 Jan 2000 00:00:00 GMT
290387871401930
connect.facebook.net/signals/config/ 		151 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/290387871401930?v=2.9.24&r=stable
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/fbevents.js.download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d2b9c63d4273c924f4000c6aee2efee5e63283efc8d8bc15ea58d9e2984e6ba2
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
q4XFVnvnfNHE+VtTs822c3yY0BjoH67EBhzB5k1Rcpbx/WW9S3RQqRvPyGuksPl0l5A2tLVyLhyuaeOvvkdEUw==
x-fb-trip-id
664085054
date
Wed, 21 Oct 2020 13:23:22 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		965 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 13:23:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Sep 2020 22:01:48 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=27521
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
448
sp.pl
sp.analytics.yahoo.com/ 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2021%20Oct%202020%2013%3A23%3A22%20GMT&n=-2d&b=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&.yp=10108773&f=https%3A%2F%2Fdaveworthen.com%2Fwp-content%2Fplugins%2Fzakgkyl%2Fmtb-news-dev1%2Fmtb-news-dev%2Findex.html%3F50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1&enc=UTF-8&et=custom&tagmgr=tealium%2Cgtm
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ytc.js.download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 13:23:23 GMT
X-Content-Type-Options
nosniff
Age
0
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
ATS
X-Frame-Options
DENY
Expect-CT
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
no-cache, private, must-revalidate
Accept-Ranges
bytes
Expires
Wed, 21 Oct 2020 13:23:23 GMT
sp.pl
sp.analytics.yahoo.com/ 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&b=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&.yp=10087193&f=https%3A%2F%2Fdaveworthen.com%2Fwp-content%2Fplugins%2Fzakgkyl%2Fmtb-news-dev1%2Fmtb-news-dev%2Findex.html%3F50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1&enc=UTF-8&et=custom&tagmgr=tealium%2Cgtm
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ytc.js.download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 13:23:23 GMT
X-Content-Type-Options
nosniff
Age
0
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
ATS
X-Frame-Options
DENY
Expect-CT
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
no-cache, private, must-revalidate
Accept-Ranges
bytes
Expires
Wed, 21 Oct 2020 13:23:23 GMT
tqvdv1ilp.js
cdn.krxd.net/controltag/ 		21 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/tqvdv1ilp.js
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/utag.20.js.download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fba57499585d833a2c99be6b02856dcee763badf7eeb0fc7a9fe7a7eeb5c9902

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Wed, 21 Oct 2020 13:23:23 GMT
content-encoding
gzip
age
743
x-cache
MISS, HIT, HIT
status
200
x-app-cache
HIT
x-age
0
content-length
3706
x-served-by
config-service-a001-ash-prod.krxd.net, cache-bwi5142-BWI, cache-hhn4080-HHN
x-response-time
1
x-do-esi
esi
x-timer
S1603286603.967067,VS0,VE87
etag
"6c6d9e3a4cb4eb4acf051e0930e8fae9f24ed951"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 2, 1
insight.beta.min.js
snap.licdn.com/li.lms-analytics/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 13:23:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Sep 2020 22:01:48 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=31244
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1799
/
www.facebook.com/tr/ 		44 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=290387871401930&ev=PageView&dl=https%3A%2F%2Fdaveworthen.com%2Fwp-content%2Fplugins%2Fzakgkyl%2Fmtb-news-dev1%2Fmtb-news-dev%2Findex.html%3F50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1&rl=&if=false&ts=1603286603003&sw=1600&sh=1200&v=2.9.27&r=stable&a=tmtealium&ec=0&o=28&fbp=fb.1.1603286603002.1586127715&it=1603286602940&coo=false&tm=1&rqm=GET
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:23 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 21 Oct 2020 13:23:23 GMT
5fbc882d-fc17-416e-8069-4c0fc55390a2
consumer.krxd.net/consent/get/ 		249 B
441 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5fbc882d-fc17-416e-8069-4c0fc55390a2?idt=device&dt=kxcookie&callback=Krux.ns.mtbankcorporationus.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4e802c95f9b4652ade7cee126c8eb8627e7bf9012aa16b4ba4c468138478332c

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:23 GMT
content-encoding
gzip
age
0
x-served-by
consumer-a012-dub-prod.krxd.net, cache-hhn4045-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
status
200
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1603286603.084642,VS0,VE26
content-length
202
via
1.1 varnish
x-cache-hits
0, 0
controltag.js.0631b7d64dbbd3656a8b7368ad227a04
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/tqvdv1ilp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Wed, 21 Oct 2020 13:23:23 GMT
content-encoding
gzip
age
536209
x-amz-server-side-encryption
AES256
x-cache
HIT
status
200
x-cache-hits
1623885
content-length
84451
x-served-by
cache-hhn4080-HHN
last-modified
Thu, 15 Oct 2020 07:09:29 GMT
x-timer
S1603286603.081597,VS0,VE0
etag
"0631b7d64dbbd3656a8b7368ad227a04"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Sun, 13 Oct 2030 07:09:28 GMT
5fbc882d-fc17-416e-8069-4c0fc55390a2
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ Frame 384F 		232 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/5fbc882d-fc17-416e-8069-4c0fc55390a2
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
88ebe5ffcf6f03df275a9656c695f80ad277f8213ee64b7ebd67b895dd4db566

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:23 GMT
last-modified
Tue, 06 Oct 2020 16:09:22 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
232
expires
Wed, 21 Oct 2020 19:23:23 GMT
controltag.js.840d44399e357e7da3f94ce724fcd35c
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ Frame 384F 		259 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/controltag.js.840d44399e357e7da3f94ce724fcd35c
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
fd249edeb03976f66c2118f0f87d1922af303a0ba74165f63f1859df9ede234a

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:23 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:22 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:23 GMT
tqvdv1ilp.js.download
daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/ Frame 384F 		21 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/tqvdv1ilp.js.download
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.135 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box335.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
1058083743898ab494fb3e1a28b799cbd44f9cfdbd573c863acb3cc56d55761b

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:23 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 16:09:24 GMT
server
nginx/1.14.1
x-endurance-cache-level
2
content-type
application/javascript
status
200
cache-control
max-age=21600
expires
Wed, 21 Oct 2020 19:23:23 GMT
controltag.js.840d44399e357e7da3f94ce724fcd35c
cdn.krxd.net/ctjs/ Frame 384F 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/tqvdv1ilp.js.download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd249edeb03976f66c2118f0f87d1922af303a0ba74165f63f1859df9ede234a

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Wed, 21 Oct 2020 13:23:23 GMT
content-encoding
gzip
age
4199978
x-amz-server-side-encryption
AES256
x-cache
HIT
status
200
x-cache-hits
4028713
content-length
84307
x-served-by
cache-hhn4080-HHN
last-modified
Mon, 24 Aug 2020 10:19:29 GMT
x-timer
S1603286604.629379,VS0,VE0
etag
"840d44399e357e7da3f94ce724fcd35c"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 22 Aug 2030 10:19:28 GMT
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 8062 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cdn.krxd.net
:scheme
https
:path
/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/proxy.3d2100fd7107262ecb55ce6847f01fa5.html

Response headers

status
200
last-modified
Tue, 21 Feb 2017 17:50:54 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
cache-control
public, max-age=315360000
expires
Fri, 19 Feb 2027 17:50:50 GMT
content-type
text/html
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding
gzip
accept-ranges
bytes
date
Wed, 21 Oct 2020 13:23:23 GMT
via
1.1 varnish
age
41781368
x-served-by
cache-hhn4080-HHN
x-cache
HIT
x-cache-hits
1689400
x-timer
S1603286604.688101,VS0,VE0
vary
Accept-Encoding
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
525
5fbc882d-fc17-416e-8069-4c0fc55390a2
consumer.krxd.net/consent/get/ Frame 384F 		249 B
279 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5fbc882d-fc17-416e-8069-4c0fc55390a2?idt=device&dt=kxcookie&callback=Krux.ns.mtbankcorporationus.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4e802c95f9b4652ade7cee126c8eb8627e7bf9012aa16b4ba4c468138478332c

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:23:23 GMT
content-encoding
gzip
age
1
x-served-by
consumer-a012-dub-prod.krxd.net, cache-hhn4045-HHN
vary
Accept-Encoding
x-cache
MISS, HIT
content-type
text/javascript; charset=UTF-8
status
200
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1603286604.731635,VS0,VE0
content-length
202
via
1.1 varnish
x-cache-hits
0, 1
optout_check
beacon.krxd.net/ Frame 384F 		92 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.mtbankcorporationus.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.228.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-228-44.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9112e0a628bbe24cccb0d15c8a9bd28b74878671a61fcf2db74e53cb99e0a977

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 21 Oct 2020 13:23:23 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=44 t=1603286603
content-type
text/javascript
x-served-by
beacon-n004-dub-prod.krxd.net
get
cdn.krxd.net/userdata/ Frame 384F 		353 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=5fbc882d-fc17-416e-8069-4c0fc55390a2&technographics=1&callback=Krux.ns.mtbankcorporationus.kxjsonp_userdata
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
15ca36e4870d11a36f094ad31a8201370563601a88e00629c3d8ec40f2d8451c

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Wed, 21 Oct 2020 13:23:23 GMT
content-encoding
gzip
age
0
x-cache
MISS, MISS
status
200
x-age
0
content-length
272
x-served-by
userdata-a009-ash-prod.krxd.net, cache-hhn4080-HHN
x-timer
S1603286604.762514,VS0,VE99
vary
Accept-Encoding
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
accept-ranges
bytes
x-cache-hits
0, 0
pixel.gif
beacon.krxd.net/ Frame 384F 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=tqvdv1ilp&_kpid=5fbc882d-fc17-416e-8069-4c0fc55390a2&_kcp_s=M%26T%20Bank%20Corporation%20-%20US&_kcp_d=daveworthen.com&_knifr=1&_kpref_=https%3A%2F%2Fdaveworthen.com%2Fwp-content%2Fplugins%2Fzakgkyl%2Fmtb-news-dev1%2Fmtb-news-dev%2Findex.html%3F50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1&_kua_kx_tz=-120&geo_country=ch&geo_region=zh&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%2083&_kua_kx_tech_manufacturer=Apple%20Inc.&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Mac%20OS%20X&_kua_kx_geo_country=ch&_kua_kx_geo_region=zh&_kua_kx_whistle=1&_kpa_url_path_1=wp-content&_kpa_url_path_2=plugins&_kpa_url_path_3=zakgkyl&_kpa_url_path_4=mtb-news-dev1&_kpa_url_path_5=mtb-news-dev&_kpa_domain=daveworthen.com&t_navigation_type=0&t_dns=0&t_tcp=0&t_http_request=-1&t_http_response=0&t_content_ready=479&t_window_load=876&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=vn4v005t5&userdata_user=Nt5cXxA7%2Cvn4v005t5&sview=1&kplt0=42332&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5fbc882d-fc17-416e-8069-4c0fc55390a2%2C25%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C161%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C125
Requested by
Host: daveworthen.com
URL: https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.228.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-228-44.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/images/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
date
Wed, 21 Oct 2020 13:23:24 GMT
cache-control
private, no-cache, no-store
x-request-time
D=45 t=1603286604
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by
beacon-n001-dub-prod.krxd.net
optout_check
beacon.krxd.net/ 		92 B
251 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.mtbankcorporationus.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.228.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-228-44.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9112e0a628bbe24cccb0d15c8a9bd28b74878671a61fcf2db74e53cb99e0a977

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 21 Oct 2020 13:23:26 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=24 t=1603286606
content-type
text/javascript
x-served-by
beacon-n005-dub-prod.krxd.net
get
cdn.krxd.net/userdata/ 		353 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=5fbc882d-fc17-416e-8069-4c0fc55390a2&technographics=1&callback=Krux.ns.mtbankcorporationus.kxjsonp_userdata
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
15ca36e4870d11a36f094ad31a8201370563601a88e00629c3d8ec40f2d8451c

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Wed, 21 Oct 2020 13:23:26 GMT
content-encoding
gzip
age
2
x-cache
MISS, HIT
status
200
x-age
0
content-length
272
x-served-by
userdata-a009-ash-prod.krxd.net, cache-hhn4080-HHN
x-timer
S1603286606.001970,VS0,VE0
vary
Accept-Encoding
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
accept-ranges
bytes
x-cache-hits
0, 1
pixel.gif
beacon.krxd.net/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=tqvdv1ilp&_kpid=5fbc882d-fc17-416e-8069-4c0fc55390a2&_kcp_s=M%26T%20Bank%20Corporation%20-%20US&_kcp_d=daveworthen.com&_knifr=2&_kua_kx_tz=-120&geo_country=ch&geo_region=zh&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%2083&_kua_kx_tech_manufacturer=Apple%20Inc.&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Mac%20OS%20X&_kua_kx_geo_country=ch&_kua_kx_geo_region=zh&_kua_kx_whistle=0&t_navigation_type=0&t_dns=7&t_tcp=380&t_http_request=-1&t_http_response=172&t_content_ready=1817&t_window_load=4904&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=vn4v005t5&_kurl_=https%3A%2F%2Fwww3.mtb.com%2F&userdata_user=Nt5cXxA7%2Cvn4v005t5&sview=2&kplt0=42332&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5fbc882d-fc17-416e-8069-4c0fc55390a2%2C1%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C37%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.228.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-228-44.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
date
Wed, 21 Oct 2020 13:23:26 GMT
cache-control
private, no-cache, no-store
x-request-time
D=53 t=1603286606
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by
beacon-n010-dub-prod.krxd.net
pixel.gif
beacon.krxd.net/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=user_data_timeout&confid=tqvdv1ilp&_kpid=5fbc882d-fc17-416e-8069-4c0fc55390a2&_kcp_s=M%26T%20Bank%20Corporation%20-%20US&_kcp_d=daveworthen.com&_knifr=2&_kua_kx_tz=-120&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_whistle=0&_kpa_url_path_1=wp-content&_kpa_url_path_2=plugins&_kpa_url_path_3=zakgkyl&_kpa_url_path_4=mtb-news-dev1&_kpa_url_path_5=mtb-news-dev&_kpa_domain=daveworthen.com&t_navigation_type=0&t_dns=7&t_tcp=380&t_http_request=-1&t_http_response=172&t_content_ready=1817&t_window_load=4904&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=false&store_user_after=vn4v005t5&_kurl_=https%3A%2F%2Fwww3.mtb.com%2F&sview=3&kplt0=42332&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5fbc882d-fc17-416e-8069-4c0fc55390a2%2C105%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2CNaN%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2CNaN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.228.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-228-44.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
date
Wed, 21 Oct 2020 13:23:26 GMT
cache-control
private, no-cache, no-store
x-request-time
D=97 t=1603286606
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by
beacon-n006-dub-prod.krxd.net
jslog.gif
jslog.krxd.net/ 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jslog.krxd.net/jslog.gif?commit=1&pubid=5fbc882d-fc17-416e-8069-4c0fc55390a2&siteid=1671594&site_name=M%26T%20Bank%20Corporation%20-%20US&browser_bucket=Chrome&lang=en&log_version=1.1&errors=%5B%7B%22type%22%3A%22test%22%2C%22msg%22%3A%22user_data_response%3A%20undefined%22%7D%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.83.83.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-83-224.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
date
Wed, 21 Oct 2020 13:23:26 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1603286606
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by
beacon-n003-ash-prod.krxd.net
optout_check
beacon.krxd.net/ 		92 B
251 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.mtbankcorporationus.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.228.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-228-44.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9112e0a628bbe24cccb0d15c8a9bd28b74878671a61fcf2db74e53cb99e0a977

Request headers

Referer
https://daveworthen.com/wp-content/plugins/zakgkyl/mtb-news-dev1/mtb-news-dev/index.html?50wSTbeAZS3TbakVEOhLMxl2CpJlSFX63rcvqKITWnqEKKWrP1WVRsya9dK9ZNtfQcNzPUw6GzE9OyCE93ZIMnsKEzAw4x961CAdLyBgB7LwDxuptgM0xucj3ZbU6ab8ls7dEdOwIORzvMW1HqDH8fEqhMTkqEE0hWelbc6HeQuSBZXwG3Kd8X4uwKPkN80I9dACXEw1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 21 Oct 2020 13:23:27 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=49 t=1603286607
content-type
text/javascript
x-served-by
beacon-n006-dub-prod.krxd.net

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: M&T Bank (Banking)

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| Utils object| customEventsObject object| cookiesUtils object| modalObject object| tealiumUtils function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| UIEventCollector function| UIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug function| $ function| jQuery function| Cookies function| forceIE89Synchronicity object| lazySizes function| findDisclosures function| getPageName string| $prefix object| utag_data function| targetPageParams object| adobe object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| SubmitForm object| targetResponseList string| targetResponseText boolean| utag_condload object| utag object| mrkl_proxyCust object| $jscomp function| UET object| YAHOO function| Krux object| twttr function| GooglemKTybQhCsO function| google_trackConversion function| lintrk boolean| _already_called_lintrk function| fbq function| _fbq object| s function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap object| s_c_il number| s_c_in number| s_objectID number| s_giq string| gtagRename object| dataLayer function| gtag object| uetq object| dotq object| google_tag_manager object| _linkedin string| _linkedin_data_partner_id

7 Cookies

Domain/Path Name / Value
daveworthen.com/ Name: thwcfe_session_id
Value: thwcfe_f656b3816bba2dd1fb60997d6081582b
.krxd.net/ Name: _kuid_
Value: Nt5cXxA7
.daveworthen.com/ Name: check
Value: true
.daveworthen.com/ Name: utag_main
Value: v_id:01754b541332001e3176a54baf6b00078012107000b08$_sn:1$_ss:1$_st:1603288402548$ses_id:1603286602548%3Bexp-session$_pn:1%3Bexp-session
.daveworthen.com/ Name: _fbp
Value: fb.1.1603286603002.1586127715
.daveworthen.com/ Name: mbox
Value: session#2ddc7763e2bf4d08af7b820da1884ae5#1603288463|PC#2ddc7763e2bf4d08af7b820da1884ae5.37_0#1666531403
.daveworthen.com/ Name: mboxEdgeCluster
Value: 37

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.krxd.net
cdn.krxd.net
connect.facebook.net
consumer.krxd.net
daveworthen.com
jslog.krxd.net
mtb.tt.omtrdc.net
px.ads.linkedin.com
s.yimg.com
snap.licdn.com
sp.analytics.yahoo.com
tags.tiqcdn.com
www.facebook.com
www.google.co.uk
www.google.com
www3.mtb.com
151.101.114.133
212.82.100.181
23.37.38.214
2600:9000:2093:5c00:b:2146:1340:93a1
2a00:1288:f03d:1fa::2000
2a00:1450:4001:801::2003
2a00:1450:4001:803::2004
2a02:26f0:10c:582::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
52.211.149.89
52.212.228.44
54.83.83.224
69.89.31.135
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
0b932b797108980339a52d184fbbce4107e0dbdced513963e6f76526e8896e1e
0c8688a959999a978a193a3a793671fe079028a886ded48dc100a31c2b92f7e1
0d5ebfe1a572fbfd6bb9930df03c417f1bb6790fbea6c0a3811b8394b6f43b08
0dfc749e36f0de8b6dd3718f6ceeef85c3258720f6c847720aed2a9b358f9c96
1058083743898ab494fb3e1a28b799cbd44f9cfdbd573c863acb3cc56d55761b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15ca36e4870d11a36f094ad31a8201370563601a88e00629c3d8ec40f2d8451c
17d2b19c62200137b7bb24be3b351eb98bd5b1a30ba682ad83517983ab24bf7d
27ddaec566e54b6c408012319b821d6a0d788132e839764aa5845aa6cfb6316a
2b1493c74ba031fd8b7894af6bbaafa2b6728ffdb9de7d383c5c8f2fecca13c9
2e1b96f3f3514766d33d712f5dadda687660dd46244e2214e0271712c4488c1d
3ab3dc97a2bd1b08d2999f2cc3ad09e086e619d29a01df22ee00b73d713a5256
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
43fffb53c3be84053f9a10f115aa4418793f29fc94c10ac90534d438511b2307
44360533d25118024845be4572cb81a68ef5dcd4b0853f459691dc4d3022e9b0
4ab56bfc693e75fbc52de80072dcbcd412efe057dcc099c9b718fb6f85ee129b
4e802c95f9b4652ade7cee126c8eb8627e7bf9012aa16b4ba4c468138478332c
51f7efcdce3926093fbb60111de7aab8cafe8cd6f15227472544b9b32ef418f7
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
607409a891eb7934e9f4e190d6e28cb8d7bc356bde7341192ff94de2ade47f2f
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
6524bfdebc04f1ba94911f71ba4747be0d91533117f3be70d56cec481b77c154
659193894cb830c97aeb1aa822febeed8b7bae88db0f3501b2648e1598c3e1e4
67ea61f4413b817ecf0937b034ccef8e92ae1f13235b176adbb75415e937bf9a
6b86ef10d5f71646f736f1bd639766f932d7faf534a8e74248522642051890a9
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
786a9c5a2f5b78918f55320ce563c3b28167b28526a58d41eebe15931238f5bf
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
88cf2c9a4c4bcef2aa64fb6ea0f337f78e9a7dc61d87993441369fa5cb429d32
88ebe5ffcf6f03df275a9656c695f80ad277f8213ee64b7ebd67b895dd4db566
8ca91ce0a81acaaa8e391831ae28eedb51896ae5eebe011f3e41145351949722
8f6ea72c89ca5d848b7e373e71ad2044361bd27792894c2e831887aa70c17a76
906c591db165b4409227517652fb0037484f3e22e8ebf0a7f65d7451d5514173
9112e0a628bbe24cccb0d15c8a9bd28b74878671a61fcf2db74e53cb99e0a977
94da6f07461c9bd678bae2d1a6dd7e022f90fe4f742a46fc0c17a95f3b53a1e9
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4f79cc050e64cbe5beb375fa4f6e08a552993c1286126667e8be8474cd974e4
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
b1dceaac28a443e0895fe570854cff7b7e3d57ba9e40c2cb566640249cd4fc67
b5840616d8bf9540bbe45a42f6841f92b78c70dabd3b8ee60abb51e79c47d5d6
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94
c21ae4633f825a266fd02637cb1dd6bd8597b68a9f97dc719fa4f86af87a4c0b
d29cc049fefc4320a7c37788247656b2371f732956f1135fc920d68afce6c221
d2b9c63d4273c924f4000c6aee2efee5e63283efc8d8bc15ea58d9e2984e6ba2
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e35a95a09caf03820faf00c00587823b358c79f7ea08c0982966f743e8ab95f7
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86ab346736965155bcf617cfba6fc8ee760914ae412fa92c8b9190429004c81
ed291f1996f27741c6b6ce98bef0dc76a82220aaadedbe04ee494043ad0e655b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f19c45cbce1834621229e0d040f98afc82ffdb12c2de44549ab6b017efcde1da
fba57499585d833a2c99be6b02856dcee763badf7eeb0fc7a9fe7a7eeb5c9902
fd249edeb03976f66c2118f0f87d1922af303a0ba74165f63f1859df9ede234a