www.jetbluepluscard.com Open in urlscan Pro
167.203.49.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.jetblue.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGpXwzdzfwap5zc6ne8svaOT5GzcozcXCiDP3uysjoqOYO7n9Nnzem6zgbsJ0sK...
Effective URL:
https://www.jetbluepluscard.com/apply/Application.action
Submission: On July 22 via manual (July 22nd 2021, 1:31:28 pm UTC) from IN

Summary HTTP 143 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 42 IPs in 6 countries across 40 domains to perform 143 HTTP transactions. The main IP is 167.203.49.82, located in United Kingdom and belongs to BARCLAYS-CAPITAL, US. The main domain is www.jetbluepluscard.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on December 18th 2020. Valid for: a year.

This is the only time www.jetbluepluscard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	199.7.201.100 199.7.201.100	15334 (RESPONSYS) (RESPONSYS)
2 13	23.36.238.8 23.36.238.8	16625 (AKAMAI-AS) (AKAMAI-AS)
39	167.203.49.233 167.203.49.233	6303 (BARCLAYS-...) (BARCLAYS-CAPITAL)
6	2a02:26f0:6c0... 2a02:26f0:6c00:296::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 13	52.18.85.49 52.18.85.49	16509 (AMAZON-02) (AMAZON-02)
2	23.37.44.206 23.37.44.206	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.111.233.48 104.111.233.48	16625 (AKAMAI-AS) (AKAMAI-AS)
2 5	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1	52.30.148.233 52.30.148.233	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
3 5	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 2	3.124.143.99 3.124.143.99	16509 (AMAZON-02) (AMAZON-02)
1	199.127.207.184 199.127.207.184	26120 (RHYTHMONE) (RHYTHMONE)
1	2a05:d018:24:... 2a05:d018:24:b001:d120:1359:acbb:2de6	16509 (AMAZON-02) (AMAZON-02)
2	63.32.159.255 63.32.159.255	16509 (AMAZON-02) (AMAZON-02)
4	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
7 9	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
7 7	99.81.11.244 99.81.11.244	16509 (AMAZON-02) (AMAZON-02)
2	52.18.150.20 52.18.150.20	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
13	167.203.49.82 167.203.49.82	6303 (BARCLAYS-...) (BARCLAYS-CAPITAL)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	52.30.5.180 52.30.5.180	16509 (AMAZON-02) (AMAZON-02)
5 6	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4 8	34.246.227.69 34.246.227.69	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	35.186.212.60 35.186.212.60	15169 (GOOGLE) (GOOGLE)
2 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	13.226.145.35 13.226.145.35	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	107.23.38.0 107.23.38.0	14618 (AMAZON-AES) (AMAZON-AES)
143	42

1 199.7.201.100 (United States) 1 redirects

ASN15334 (RESPONSYS, US)
PTR: email.jetblue.com

email.jetblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 23.36.238.8 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-238-8.deploy.static.akamaitechnologies.com

www.barclaycardus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 167.203.49.233 (United Kingdom)

ASN6303 (BARCLAYS-CAPITAL, US)

gif.barclaycardus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00:296::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.18.85.49 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.44.206 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-44-206.deploy.static.akamaitechnologies.com

www.everestjs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.233.48 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-48.deploy.static.akamaitechnologies.com

secure-cdn.mplxtms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.242.53 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.148.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-148-233.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.38 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.230 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2784362.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.143.99 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-143-99.eu-central-1.compute.amazonaws.com

tags.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.184 (United States)

ASN26120 (RHYTHMONE, US)

dt.scanscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:24:b001:d120:1359:acbb:2de6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

set.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.159.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-159-255.eu-west-1.compute.amazonaws.com

barclaybankdelaware.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

metrics.barclaycardus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.14.49 (Frankfurt am Main, Germany) 7 redirects

ASN54113 (FASTLY, US)

lasteventf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 99.81.11.244 (Dublin, Ireland) 7 redirects

ASN16509 (AMAZON-02, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.150.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-150-20.eu-west-1.compute.amazonaws.com

barclaycardus.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 167.203.49.82 (United Kingdom)

ASN6303 (BARCLAYS-CAPITAL, US)

www.jetbluepluscard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.5.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-5-180.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.246.227.69 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-227-69.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.212.60 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.145.35 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-35.dus51.r.cloudfront.net

ads.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.13 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.38.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-38-0.compute-1.amazonaws.com

mid.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	barclaycardus.com 2 redirects www.barclaycardus.com gif.barclaycardus.com metrics.barclaycardus.com	890 KB
24	everesttech.net 18 redirects lasteventf-tm.everesttech.net cm.everesttech.net pixel.everesttech.net sync-tm.everesttech.net	8 KB
15	demdex.net 2 redirects dpm.demdex.net barclaybankdelaware.demdex.net	21 KB
13	jetbluepluscard.com www.jetbluepluscard.com	562 KB
12	doubleclick.net 8 redirects ad.doubleclick.net 2784362.fls.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	3 KB
6	adobedtm.com assets.adobedtm.com	259 KB
5	owneriq.net 2 redirects px.owneriq.net	13 KB
4	adnxs.com 3 redirects secure.adnxs.com ib.adnxs.com	3 KB
4	bing.com 1 redirects bat.bing.com c.bing.com	10 KB
4	krxd.net cdn.krxd.net beacon.krxd.net consumer.krxd.net	91 KB
3	google.com adservice.google.com www.google.com	433 B
3	googletagmanager.com www.googletagmanager.com	111 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	openx.net 1 redirects us-u.openx.net	470 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	scorecardresearch.com 2 redirects ads.scorecardresearch.com	799 B
2	criteo.com 2 redirects gum.criteo.com	769 B
2	yieldoptimizer.com 2 redirects tag.yieldoptimizer.com	2 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com	800 B
2	facebook.com www.facebook.com	248 B
2	omtrdc.net barclaycardus.tt.omtrdc.net	1 KB
2	w55c.net 1 redirects tags.w55c.net	1 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1020 B
2	mplxtms.com secure-cdn.mplxtms.com	159 KB
2	facebook.net connect.facebook.net	98 KB
2	everestjs.net www.everestjs.net	15 KB
1	rkdms.com mid.rkdms.com	47 B
1	pubmatic.com image2.pubmatic.com	547 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	yahoo.com ads.yahoo.com	447 B
1	rfihub.com 1 redirects p.rfihub.com	749 B
1	google.de www.google.de	108 B
1	tidaltv.com set.tidaltv.com	329 B
1	scanscout.com dt.scanscout.com	356 B
1	adsrvr.org insight.adsrvr.org	261 B
1	googleadservices.com www.googleadservices.com	14 KB
1	jetblue.com 1 redirects email.jetblue.com	877 B
0	Failed function sub() { [native code] }. Failed
0	twitter.com Failed analytics.twitter.com Failed
0	advertising.com Failed secure.leadback.advertising.com Failed
143	40

	Domain	Requested by
39	gif.barclaycardus.com	www.barclaycardus.com www.jetbluepluscard.com gif.barclaycardus.com
13	www.jetbluepluscard.com	www.jetbluepluscard.com gif.barclaycardus.com
13	dpm.demdex.net	2 redirects www.barclaycardus.com assets.adobedtm.com www.jetbluepluscard.com
13	www.barclaycardus.com	2 redirects www.barclaycardus.com
8	pixel.everesttech.net	4 redirects www.jetbluepluscard.com
7	sync-tm.everesttech.net	7 redirects
7	cm.everesttech.net	7 redirects
6	cm.g.doubleclick.net	5 redirects
6	assets.adobedtm.com	www.barclaycardus.com assets.adobedtm.com www.jetbluepluscard.com
5	px.owneriq.net	2 redirects www.barclaycardus.com px.owneriq.net
4	metrics.barclaycardus.com	assets.adobedtm.com
3	2784362.fls.doubleclick.net	1 redirects www.googletagmanager.com www.barclaycardus.com
3	bat.bing.com	www.barclaycardus.com bat.bing.com
3	www.googletagmanager.com	assets.adobedtm.com www.barclaycardus.com www.googletagmanager.com
2	sync.search.spotxchange.com	1 redirects
2	us-u.openx.net	1 redirects
2	ib.adnxs.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	ads.scorecardresearch.com	2 redirects
2	gum.criteo.com	2 redirects
2	tag.yieldoptimizer.com	2 redirects
2	idsync.rlcdn.com	2 redirects
2	www.facebook.com
2	barclaycardus.tt.omtrdc.net	assets.adobedtm.com
2	lasteventf-tm.everesttech.net	www.everestjs.net
2	barclaybankdelaware.demdex.net	assets.adobedtm.com
2	tags.w55c.net	1 redirects
2	adservice.google.com	2784362.fls.doubleclick.net
2	ad.doubleclick.net	2 redirects
2	secure.adnxs.com	2 redirects
2	s.amazon-adsystem.com	1 redirects
2	secure-cdn.mplxtms.com	www.barclaycardus.com
2	cdn.krxd.net	www.barclaycardus.com cdn.krxd.net
2	connect.facebook.net	www.barclaycardus.com connect.facebook.net
2	www.everestjs.net	assets.adobedtm.com
1	mid.rkdms.com
1	image2.pubmatic.com
1	pixel.rubiconproject.com
1	ads.yahoo.com
1	c.bing.com	1 redirects
1	p.rfihub.com	1 redirects
1	consumer.krxd.net	cdn.krxd.net
1	beacon.krxd.net	cdn.krxd.net
1	www.google.de
1	www.google.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	set.tidaltv.com	www.barclaycardus.com
1	dt.scanscout.com	www.barclaycardus.com
1	insight.adsrvr.org	www.barclaycardus.com
1	www.googleadservices.com	www.barclaycardus.com
1	email.jetblue.com	1 redirects
0	undefined Failed	www.jetbluepluscard.com
0	analytics.twitter.com Failed
0	secure.leadback.advertising.com Failed	www.barclaycardus.com
143	54

This site contains links to these domains. Also see Links.

Domain
trueblue.jetblue.com
www.dfs.ny.gov

Subject Issuer	Validity	Valid
www.barclaycardus.com Entrust Certification Authority - L1M	`2021-01-29` - `2022-01-29`	a year	crt.sh
gif.barclaycardus.com Entrust Certification Authority - L1M	`2021-01-05` - `2021-10-30`	10 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
www.everestjs.net DigiCert SHA2 Secure Server CA	`2020-09-25` - `2021-09-30`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
www.mediaplex.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-03-15`	a year	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.w55c.net Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.scanscout.com Go Daddy Secure Certificate Authority - G2	`2020-11-26` - `2021-12-28`	a year	crt.sh
*.tidaltv.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-04` - `2022-06-04`	2 years	crt.sh
metrics.barclaycardus.com Entrust Certification Authority - L1M	`2020-04-16` - `2022-04-16`	2 years	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.tt.omtrdc.net DigiCert SHA2 Secure Server CA	`2020-11-02` - `2021-11-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.jetbluepluscard.com Entrust Certification Authority - L1M	`2020-12-18` - `2021-12-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
consumer.krxd.net DigiCert SHA2 Secure Server CA	`2020-09-14` - `2021-09-14`	a year	crt.sh
*.tmogul.com Amazon	`2021-07-16` - `2022-08-14`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-07-08` - `2021-08-25`	2 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.rkdms.com Entrust Certification Authority - L1K	`2020-10-08` - `2021-10-30`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.jetbluepluscard.com/apply/Application.action
Frame ID: A6B3A9A04E8E93AA1550597226678507
Requests: 113 HTTP requests in this frame

Frame: https://barclaybankdelaware.demdex.net/dest5.html?d_nsid=0
Frame ID: 97CB9C72862AEC68CC52D08C544FAC1D
Requests: 8 HTTP requests in this frame

Frame: https://2784362.fls.doubleclick.net/activityi;dc_pre=CKDRqeTk9vECFVQHBgAdzRcAIw;src=2784362;type=jetbl0;cat=jbcsi00;ord=4559740265562;gtm=2od7j0;auiddc=1929665498.1626960666;ps=1;~oref=https%3A%2F%2Fwww.barclaycardus.com%2Fapply%2FLanding.action%3FcampaignId%3D2899%26cellNumber%3D9%26referrerid%3DPTREM0721MD
Frame ID: 9B0E2E587859601A47183329EE22E437
Requests: 2 HTTP requests in this frame

Frame: https://px.owneriq.net/noop?ct=text%2Fhtml
Frame ID: 9EDC5A4CACE7E3F9319F554816DA490E
Requests: 1 HTTP requests in this frame

Frame: https://www.jetbluepluscard.com/apply/action/handleFile?id=privacyPolicyForwardUrl
Frame ID: 497973D96658A65B8EE60EAEF6859A1B
Requests: 4 HTTP requests in this frame

Frame: https://barclaybankdelaware.demdex.net/dest5.html?d_nsid=0
Frame ID: 32E5EF7AEFC28F214B0FFA05FF43C4DF
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://email.jetblue.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGpXwzdzfwap5zc6ne8svaOT5GzcozcXCiDP3uysjoq... HTTP 302
https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD Page URL
https://www.jetbluepluscard.com/apply/Application.action Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Adobe DTM (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/assets.adobedtm.com\//i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
script /jquery-ui.*\.js/i

Page Statistics

143
Requests

96 %
HTTPS

29 %
IPv6

40
Domains

54
Subdomains

42
IPs

6
Countries

2253 kB
Transfer

4867 kB
Size

17
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://trueblue.jetblue.com/terms-and-conditions
Title: JetBlue TrueBlue program

Search URL Search Domain Scan URL

URL: http://www.dfs.ny.gov/
Title: www.dfs.ny.gov

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.jetblue.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGpXwzdzfwap5zc6ne8svaOT5GzcozcXCiDP3uysjoqOYO7n9Nnzem6zgbsJ0sKcBzgR59plFVXtpKX%3DSRWBCACY&_ei_=Eq2tf9zs59idfPO1Sc_9BbnW_e1Eewf0mjPRoaWmEr98c2Wwi_sGdWsnDGuWex8nGx36k24yxdKnqxHuXNUXGmUIY2I_uyd6XwmVLwWzhBX07j_zAQee_ozqSmCNhVC_DwPM6M6L3P0yUAs8kvnAW9OZi6NPSM.&_di_=7pfrmcmea2be9qbdn3ednerdsq5erqe2g23pfknn5hngk9r71ar0&data=04|01||d2e40e7fc0c44040315f08d94c8cc874|84df9e7fe9f640afb435aaaaaaaaaaaa|1|0|637624989808855769|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|1000&sdata=2f6e6eyI/BwOCmV7wZTO4dM0wrt/zikV+t9WNm5ohjY=&reserved=0 HTTP 302
https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD Page URL
https://www.jetbluepluscard.com/apply/Application.action Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://email.jetblue.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGpXwzdzfwap5zc6ne8svaOT5GzcozcXCiDP3uysjoqOYO7n9Nnzem6zgbsJ0sKcBzgR59plFVXtpKX%3DSRWBCACY&_ei_=Eq2tf9zs59idfPO1Sc_9BbnW_e1Eewf0mjPRoaWmEr98c2Wwi_sGdWsnDGuWex8nGx36k24yxdKnqxHuXNUXGmUIY2I_uyd6XwmVLwWzhBX07j_zAQee_ozqSmCNhVC_DwPM6M6L3P0yUAs8kvnAW9OZi6NPSM.&_di_=7pfrmcmea2be9qbdn3ednerdsq5erqe2g23pfknn5hngk9r71ar0&data=04|01||d2e40e7fc0c44040315f08d94c8cc874|84df9e7fe9f640afb435aaaaaaaaaaaa|1|0|637624989808855769|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|1000&sdata=2f6e6eyI/BwOCmV7wZTO4dM0wrt/zikV+t9WNm5ohjY=&reserved=0 HTTP 302
https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD

Request Chain 9

https://www.barclaycardus.com/apply/img/base/browsers/modal-lightbox_ic.png HTTP 301
https://gif.barclaycardus.com/apply/img/base/browsers/modal-lightbox_ic.png

Request Chain 10

https://www.barclaycardus.com/apply/img/base/browsers/modal-lightbox.png HTTP 301
https://gif.barclaycardus.com/apply/img/base/browsers/modal-lightbox.png

Request Chain 14

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A829776A5245B3280A490D44%40AdobeOrg&d_nsid=0&ts=1626960665188 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A829776A5245B3280A490D44%40AdobeOrg&d_nsid=0&ts=1626960665188

Request Chain 27

https://s.amazon-adsystem.com/iu3?d=forester-did&ex-fargs=%3Fid%3D60225231-6e2f-3f8f-9235-65001c7f2ef5%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.jetblue.com&ex-hargs=v%3D1.0%3Bc%3D4505343305984%3Bp%3D60225231-6E2F-3F8F-9235-65001C7F2EF5&cb=278576436371560160 HTTP 302
https://s.amazon-adsystem.com/iu3?d=forester-did&ex-fargs=%3Fid%3D60225231-6e2f-3f8f-9235-65001c7f2ef5%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.jetblue.com&ex-hargs=v%3D1.0%3Bc%3D4505343305984%3Bp%3D60225231-6E2F-3F8F-9235-65001C7F2EF5&cb=278576436371560160&dcc=t

Request Chain 29

https://secure.adnxs.com/px?id=655771&seg=4427131&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D655771%26seg%3D4427131%26t%3D2 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=5547554;type=invmedia;cat=sufx5ywp;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=5547554;dc_pre=CJPGwuTk9vECFYjwsgodBcsCxg;type=invmedia;cat=sufx5ywp;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=5547554;dc_pre=CJPGwuTk9vECFYjwsgodBcsCxg;type=invmedia;cat=sufx5ywp;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Request Chain 30

https://tags.w55c.net/rs?id=ceb3c1abc3ce44bfbb3ef45663e0f03f&t=marketing HTTP 302
https://tags.w55c.net/rs?sccid=40e26dfa-04fe-d540-d8a2-7ca96d8e24e2&scc=1&id=ceb3c1abc3ce44bfbb3ef45663e0f03f&t=marketing

Request Chain 37

https://cm.everesttech.net/cm/dd?d_uuid=34732258639944293973079970323802193410 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YPlzGQAAALwJqALs HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YPlzGQAAALwJqALs

Request Chain 43

https://2784362.fls.doubleclick.net/activityi;src=2784362;type=jetbl0;cat=jbcsi00;ord=4559740265562;gtm=2od7j0;auiddc=1929665498.1626960666;ps=1;~oref=https%3A%2F%2Fwww.barclaycardus.com%2Fapply%2FLanding.action%3FcampaignId%3D2899%26cellNumber%3D9%26referrerid%3DPTREM0721MD HTTP 302
https://2784362.fls.doubleclick.net/activityi;dc_pre=CKDRqeTk9vECFVQHBgAdzRcAIw;src=2784362;type=jetbl0;cat=jbcsi00;ord=4559740265562;gtm=2od7j0;auiddc=1929665498.1626960666;ps=1;~oref=https%3A%2F%2Fwww.barclaycardus.com%2Fapply%2FLanding.action%3FcampaignId%3D2899%26cellNumber%3D9%26referrerid%3DPTREM0721MD

Request Chain 49

https://px.owneriq.net/eps?pt=hghca1&pid=6665&uid=Q6802470651549956627J&l=true HTTP 302
https://px.owneriq.net/noop?ct=text%2Fhtml

Request Chain 50

https://px.owneriq.net/j/?ref=https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD&pt=hghca1&t=f%7C%22%22&s=o1bd HTTP 302
https://px.owneriq.net/noop?ct=application%2Fx-javascript

Request Chain 60

https://idsync.rlcdn.com/365868.gif?partner_uid=34732258639944293973079970323802193410 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMzQ3MzIyNTg2Mzk5NDQyOTM5NzMwNzk5NzAzMjM4MDIxOTM0MTAQABoNCJrm5YcGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=a30da5cfd8663331480baf28a1b16d3b0d083946e48021b553e9894664ee2c05b0da87c991749652

Request Chain 65

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzQ3MzIyNTg2Mzk5NDQyOTM5NzMwNzk5NzAzMjM4MDIxOTM0MTA= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJMCWba18U5JQrmgVwQpMew&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 68

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVBsekdRQUFBTHdKcUFMcw&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEFsHe6qnmeNZGuPByUuSf_c&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 69

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVBsekdRQUFBTHdKcUFMcw&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEFsHe6qnmeNZGuPByUuSf_c&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 70

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVBsekdRQUFBTHdKcUFMcw&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEFsHe6qnmeNZGuPByUuSf_c&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 71

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVBsekdRQUFBTHdKcUFMcw&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782

Request Chain 98

https://cm.everesttech.net/cm/dd?d_uuid=61354323135340404052115715963802416118 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YPlzGQAAALwJqALs&d_uuid=61354323135340404052115715963802416118

Request Chain 108

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVBsekdRQUFBTHdKcUFMcw&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEFsHe6qnmeNZGuPByUuSf_c&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 109

https://p.rfihub.com/cm?in=1&pub=7085 HTTP 302
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1871316021796879609

Request Chain 128

https://c.bing.com/c.gif?uid=61354323135340404052115715963802416118&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=24D2E0A899006FF810BDF0D4986B6EE2

Request Chain 131

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVBsekdRQUFBTHdKcUFMcw&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEFsHe6qnmeNZGuPByUuSf_c&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 132

https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233 HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=546131584&t=i&p=2233 HTTP 302
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3014978462792

Request Chain 133

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=9aisAxNEl3aQNkIjLH9adZEdR8Elmvjc&gdpr=0&gdpr_consent=

Request Chain 134

https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=61354323135340404052115715963802416118&rn=1626960667477&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D61354323135340404052115715963802416118 HTTP 302
https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=61354323135340404052115715963802416118&rn=1626960667477&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D61354323135340404052115715963802416118 HTTP 302
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=61354323135340404052115715963802416118

Request Chain 135

https://cm.everesttech.net/cm/yh HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YPlzGQAAALwJqALs&sigv=1&esig=1~6b4c81f039223a6927d678409b84056f87433085

Request Chain 136

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVBsekdRQUFBTHdKcUFMcw==

Request Chain 137

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YPlzGQAAALwJqALs&expires=90

Request Chain 138

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YPlzGQAAALwJqALs HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YPlzGQAAALwJqALs&C=1

Request Chain 139

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YPlzGQAAALwJqALs HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYPlzGQAAALwJqALs

Request Chain 140

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YPlzGQAAALwJqALs HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YPlzGQAAALwJqALs

Request Chain 141

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPlzGQAAALwJqALs

Request Chain 142

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YPlzGQAAALwJqALs&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YPlzGQAAALwJqALs&img=1&__user_check__=1&sync_id=13a582a5-eaf1-11eb-b5c9-143d56a10406

143 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Landing.action Show response
www.barclaycardus.com/apply/
Redirect Chain

https://email.jetblue.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGpXwzdzfwap5zc6ne8svaOT5GzcozcXCiDP3uysjoqOYO7n9Nnzem6zgbsJ0sKcBzgR59plFVXtpKX%3DSRWBCACY&_ei_=Eq2tf9zs59idfPO1Sc_9BbnW_e1Eewf0mjPRoaWmEr...
https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD

13 KB
14 KB

365ms
261ms

Document
text/html

23.36.238.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.238.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-238-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ce6bc2220343cd11dcac5c3ff2ad6b397fcf776d2b1f45e09163767a62448453

Request headers

:method: GET
:authority: www.barclaycardus.com
:scheme: https
:path: /apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
content-type: text/html;charset=ISO-8859-1
content-language: en-US
x-bstat: 11|A|applyweb|14
x-akamai-transformed: 9 12337 0 pmb=mTOE,3
date: Thu, 22 Jul 2021 13:31:03 GMT
content-length: 12834
set-cookie: JSESSIONID=53F0FAA670EA17DC9278C26326EC3B36.applyweb_alpha_clzpsr000000023; Path=/apply; HttpOnly; secure TSESSIONID=53F0FAA670EA17DC9278C26326EC3B36.applyweb_alpha_clzpsr000000023; Path=/ XSESSIONID=89BA39540A39CAFD137F08A692E39C08;Secure;Path=/;Version=1;domain=barclaycardus.com; bm_mi=66189AD93B80C159F1A815D868E21019~SlM4qLzEvGded08+IqUYobRFsiLGzI6psZdvQWVkMlqh0l+gwMaGKus2Ek2JLotS7M5dFdmeOTCZUaP8ADX1t7wmd+tX6EINe/+esqnfXubRGkA7dtAsQMeB1R3zETOQvlTCc2pDbTXbvqBibzC3n6Ms55oFhFljDnthwNZD3pnZ1LuPoKBQjXc587Dim32L2Qf+YIoMOwLE26UAm3Z2YXPoEtTm9n3DHNSiK5OwUDU4M5txVy24o0mnOBmButvs; Domain=.barclaycardus.com; Path=/; Max-Age=0; HttpOnly bm_sz=65C795D8B8D55ED151A51A5695C3B44C~YAAQg15swaVA5cV6AQAARZVpzgycXGj7K0AZbfV4nMmuriDyuyaIE+MdWhn2mYQCvSiiST/HqsgSTZv7vo5XYnqTpQqLMrt1EKgihIW/U4BHj3jKHKxfiYyvFZJOAnXo82YHF85avQa3BTTOSq1ibJwcWozq1K7gn+LAaETAwJpOcX1mqzLzxuCusl4kWZxy4GVrczPZqA==; Domain=.barclaycardus.com; Path=/; Expires=Thu, 22 Jul 2021 17:31:03 GMT; Max-Age=14400; HttpOnly _abck=E038CAA8AF57716F78574A5114D9FFC9~-1~YAAQg15swaZA5cV6AQAARZVpzgZtZaHDgH2a4/bSqTpZCEwHs/8g+XWoN6GUYwBfkLzLdGB+tTnNctO9obxALZ3ScfGtd7dhsXIdEYWaVwgaKfv00iynRWDz08W+/FgqXUc0Z3VO2/Tk/SS+cgyrhkrTjF5se5nCxQeMOhnsUMp78WvWzy5YlEMPhFV78hhd0POlqPzP6YA17r6cEdbOwdFviYDqnjtfXJJXbMpD7Fe8Oy5bPfb1H02pGBZFjM4cd7MhWih1v3eFKa+BtoN0vQJdy1tSOvn886OmODubCwDrP7IR5RNen+qaw8KAfeOHH+Co4Kn4GqeVMwvkCeYVpev5k2YM4wotIDOELivwElSXww7BsN68jA2rAzEqPbRtFtj0~-1~-1~-1; Domain=.barclaycardus.com; Path=/; Expires=Fri, 22 Jul 2022 13:31:03 GMT; Max-Age=31536000; Secure ak_bmsc=4AB719366CA2DACAEF861EA69ABB790A~000000000000000000000000000000~YAAQg15swadA5cV6AQAARZVpzgza3R/v6rHmUbUlL9j7U9pIcod59pe5LjrY4kFRxBuzMw3E1uxV4lzMcMb6x3vBgyZULPVRfgFA0/80WVs1ulQfv8HS5maMa4nOhYqoAIpmpKoxy8BK3Cg/l/iVlJLk09nbdpadFdEmwyFy8cwu9KjrFq3pka+IoGDINjnAlW2inM9pCesql3cAAYcXW6dJGsEqak5Lh7qb8Y/bfPCf05jHDybGDDfR1cM2zUjndbTPjwNQIewrr/vN647SJDEvByAGkr95LvQs1wAOlCpWGw4iQMNVjL020gWbKuiHKuIIBLtB5RqWc9p0S5a1TYe8DeESJMVoLcBolDscgNMTuS6YEncU+dCHDBYNDSUJX0cphcexFmMSwj/9UtwNxeM=; Domain=.barclaycardus.com; Path=/; Expires=Thu, 22 Jul 2021 15:31:03 GMT; Max-Age=7200; HttpOnly

Redirect headers

Date: Thu, 22 Jul 2021 13:31:03 GMT
Server: Apache
P3P: policyref="http://policy5.responsys.net/w3c/response.xml", CP="NON DSP COR IVAi IVDi OTRi IND ONL"
Pragma: no-cache
Cache-Control: no-store, no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: 6.interact5.M4v.....N.N...=_ri_=X0Gzc2X%3DAQpglLjHJlYQGpXwzdzfwap5zc6ne8svaOT5GzcozcXCiDP3uysjoqOYO7n9Nnzem6zgbsJ0sKcBzgR59plFVXtpKX%3DSRWBCACY&_ei_=Eq2tf9zs59idfPO1Sc_9BbnW_e1Eewf0mjPRoaWmEr98c2Wwi_sGdWsnDGuWex8nGx36k24yxdKnqxHuXNUXGmUIY2I_uyd6XwmVLwWzhBX07j_zAQee_ozqSmCNhVC_DwPM6M6L3P0yUAs8kvnAW9OZi6NPSM; expires=Sat, 22-Jul-2023 13:31:03 GMT; Domain=.jetblue.com; Path=/pub; HttpOnly
Location: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Connection: close
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
gif.barclaycardus.com/apply/js/base/jquery/ 87 KB
30 KB 949ms
127ms Script
application/javascript 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/js/base/jquery/jquery-3.5.1.min.js
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:36 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Content-Length: 30908

GET
H/1.1 200
OK tealeaf.js Show response
gif.barclaycardus.com/apply/js/base/tagging/ 138 KB
46 KB 952ms
130ms Script
application/javascript 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/js/base/tagging/tealeaf.js
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 6d05079301ff5d8552cfe54705dd25ddb5cae6efa674441688c9a053b01e385d

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:36 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Content-Length: 46688

GET
H/1.1 200
OK bcus-min.js Show response
gif.barclaycardus.com/apply/js/base/bcus/ 2 KB
1 KB 945ms
123ms Script
application/javascript 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/js/base/bcus/bcus-min.js
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: a401c3c4bf86528d0d701359dbf9120e36b1f24a941daee953d4bd8ba5572d2b

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:35 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Content-Length: 1012

GET
H/1.1 200
OK global-landing.css
gif.barclaycardus.com/apply/css/base/responsive/ 29 B
287 B 931ms
120ms Stylesheet
text/css 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/css/base/responsive/global-landing.css
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 157b31197ea6a2e4eeef89e12b2a2eba38108d4ba6e050fca34d5488fd9fb103

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:04 GMT
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Content-Length: 29

GET
H/1.1 200
OK browser-detect-modal.css
gif.barclaycardus.com/apply/css/base/ 3 KB
1 KB 942ms
122ms Stylesheet
text/css 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/css/base/browser-detect-modal.css
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 0ffa94ab28963a7a4d6af884540fa59b8974f7c95675e91555f993060e758aa2

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Content-Length: 814

GET
H2 200 launch-067727b26ea4.min.js Show response
assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/ 415 KB
103 KB 20ms
7ms Script
application/x-javascript 2a02:26f0:6c00:296::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/launch-067727b26ea4.min.js
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e2543f09ef2c830564a2dcf53e27fcf8e7f490e11821f79cc3067826023df33c

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:03 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 08:52:09 GMT
server: AkamaiNetStorage
etag: "e7a40abc58c4776b7fa2aaf215111dda:1618563129.687342"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.barclaycardus.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 104654
expires: Thu, 22 Jul 2021 14:31:03 GMT

GET
H/1.1 200
OK yahoo-dom-event.js Show response
gif.barclaycardus.com/apply/js/base/yui/yahoo-dom-event/ 37 KB
13 KB 945ms
123ms Script
application/javascript 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/js/base/yui/yahoo-dom-event/yahoo-dom-event.js
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 34e4be92ec5b080fa8861ec31ab78bf63baad3b2242b5975a38de8d2807857aa

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:36 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=1814400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Content-Length: 13210
Expires: Thu, 12 Aug 2021 13:31:04 GMT

GET
H2 200 5eb338d6 Show response
www.barclaycardus.com/akam/11/ 32 KB
11 KB 240ms
239ms Script
application/javascript 23.36.238.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barclaycardus.com/akam/11/5eb338d6
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.238.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-238-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 731e664a68a2dde44f045559e59be24ee22f2198452d53abb6fe7f2ef3df3b71

Request headers

:path: /akam/11/5eb338d6
pragma: no-cache
cookie: TSESSIONID=53F0FAA670EA17DC9278C26326EC3B36.applyweb_alpha_clzpsr000000023; XSESSIONID=89BA39540A39CAFD137F08A692E39C08; bm_sz=65C795D8B8D55ED151A51A5695C3B44C~YAAQg15swaVA5cV6AQAARZVpzgycXGj7K0AZbfV4nMmuriDyuyaIE+MdWhn2mYQCvSiiST/HqsgSTZv7vo5XYnqTpQqLMrt1EKgihIW/U4BHj3jKHKxfiYyvFZJOAnXo82YHF85avQa3BTTOSq1ibJwcWozq1K7gn+LAaETAwJpOcX1mqzLzxuCusl4kWZxy4GVrczPZqA==; _abck=E038CAA8AF57716F78574A5114D9FFC9~-1~YAAQg15swaZA5cV6AQAARZVpzgZtZaHDgH2a4/bSqTpZCEwHs/8g+XWoN6GUYwBfkLzLdGB+tTnNctO9obxALZ3ScfGtd7dhsXIdEYWaVwgaKfv00iynRWDz08W+/FgqXUc0Z3VO2/Tk/SS+cgyrhkrTjF5se5nCxQeMOhnsUMp78WvWzy5YlEMPhFV78hhd0POlqPzP6YA17r6cEdbOwdFviYDqnjtfXJJXbMpD7Fe8Oy5bPfb1H02pGBZFjM4cd7MhWih1v3eFKa+BtoN0vQJdy1tSOvn886OmODubCwDrP7IR5RNen+qaw8KAfeOHH+Co4Kn4GqeVMwvkCeYVpev5k2YM4wotIDOELivwElSXww7BsN68jA2rAzEqPbRtFtj0~-1~-1~-1; ak_bmsc=4AB719366CA2DACAEF861EA69ABB790A~000000000000000000000000000000~YAAQg15swadA5cV6AQAARZVpzgza3R/v6rHmUbUlL9j7U9pIcod59pe5LjrY4kFRxBuzMw3E1uxV4lzMcMb6x3vBgyZULPVRfgFA0/80WVs1ulQfv8HS5maMa4nOhYqoAIpmpKoxy8BK3Cg/l/iVlJLk09nbdpadFdEmwyFy8cwu9KjrFq3pka+IoGDINjnAlW2inM9pCesql3cAAYcXW6dJGsEqak5Lh7qb8Y/bfPCf05jHDybGDDfR1cM2zUjndbTPjwNQIewrr/vN647SJDEvByAGkr95LvQs1wAOlCpWGw4iQMNVjL020gWbKuiHKuIIBLtB5RqWc9p0S5a1TYe8DeESJMVoLcBolDscgNMTuS6YEncU+dCHDBYNDSUJX0cphcexFmMSwj/9UtwNxeM=; AMCV_A829776A5245B3280A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18831%7CvVersion%7C5.2.0; mbox=session#91fcc7898d8546509f12ea31ce01d64e#1626962526; at_check=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.barclaycardus.com
referer: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 13:31:05 GMT
content-encoding: gzip
last-modified: Thu, 02 May 2019 20:05:34 GMT
etag: "38f760f7f76d7a1118c91441968e40004688c9139d37a4cc29e0828b0d6d4738"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
set-cookie: ak_bmsc=4AB719366CA2DACAEF861EA69ABB790A~000000000000000000000000000000~YAAQg15swbhA5cV6AQAAvJtpzgzqzaD5ea926eptzenNRuZ7lHINQpsWRuV8xWDyptRZVEAvYi8PAOIW1PYd9oVllZL3l6qVz5rFA+XnM0Gu5tilaNEwV728RFrqTabZJ5rCmDr+xWKfwSyWSWKymUmZqKSve0xxYgfnoO8Wc1TxoD/oFaBDhCI6G4zeYUqlcjrv/nuTC0zE1Ow/1e14ftPFXW9DsUJWV/Z63BV53R8kR684nDHwUgQO9b7ordDc8L3NzEgkaoQ8tmF/gZZlkS7JpaiMHQe0RTZNBotw7piLNk7gZIoA0GCYoZoymbRlmu/nPGT5mIhfi3QER60qm0B17RnTo+2UtLxfzK0wc6UmuzVIvkW8GHW7rmjne/vE8ZRmbEBE9TkaSM05ymLOuTjCufmpPUeAPHA6UZGw94HNLqHFKtmouU2PorgetkC8rClo5MQb7qgWgTO6W5+lpH8cBNa0feRbGnZwa5rsBfNOhJOPydE=; Domain=.barclaycardus.com; Path=/; Expires=Thu, 22 Jul 2021 15:31:03 GMT; Max-Age=7198; HttpOnly
content-length: 10465
expires: Thu, 22 Jul 2021 13:31:05 GMT

GET
H/1.1

200
OK

modal-lightbox_ic.png
gif.barclaycardus.com/apply/img/base/browsers/
Redirect Chain

https://www.barclaycardus.com/apply/img/base/browsers/modal-lightbox_ic.png
https://gif.barclaycardus.com/apply/img/base/browsers/modal-lightbox_ic.png

8 KB
8 KB

117ms
117ms

Image
image/png

167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gif.barclaycardus.com/apply/img/base/browsers/modal-lightbox_ic.png
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:05 GMT
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=497
Content-Length: 7720

Redirect headers

location: https://gif.barclaycardus.com/apply/img/base/browsers/modal-lightbox_ic.png
date: Thu, 22 Jul 2021 13:31:05 GMT
server: Apache
content-length: 283
content-type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

modal-lightbox.png
gif.barclaycardus.com/apply/img/base/browsers/
Redirect Chain

https://www.barclaycardus.com/apply/img/base/browsers/modal-lightbox.png
https://gif.barclaycardus.com/apply/img/base/browsers/modal-lightbox.png

8 KB
8 KB

118ms
118ms

Image
image/png

167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gif.barclaycardus.com/apply/img/base/browsers/modal-lightbox.png
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:05 GMT
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=498
Content-Length: 7693

Redirect headers

location: https://gif.barclaycardus.com/apply/img/base/browsers/modal-lightbox.png
date: Thu, 22 Jul 2021 13:31:05 GMT
server: Apache
content-length: 280
content-type: text/html; charset=iso-8859-1

GET
H2 200 combo.action Show response
www.barclaycardus.com/apply/ 46 KB
46 KB 390ms
389ms Script
text/javascript 23.36.238.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barclaycardus.com/apply/combo.action?LoadJS=landing
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.238.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-238-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c93ed4a0ce133909d5cd8ddd9325e4dc5facb853eee31b6095d29fe0de182e9b

Request headers

:path: /apply/combo.action?LoadJS=landing
pragma: no-cache
cookie: JSESSIONID=53F0FAA670EA17DC9278C26326EC3B36.applyweb_alpha_clzpsr000000023; TSESSIONID=53F0FAA670EA17DC9278C26326EC3B36.applyweb_alpha_clzpsr000000023; XSESSIONID=89BA39540A39CAFD137F08A692E39C08; bm_sz=65C795D8B8D55ED151A51A5695C3B44C~YAAQg15swaVA5cV6AQAARZVpzgycXGj7K0AZbfV4nMmuriDyuyaIE+MdWhn2mYQCvSiiST/HqsgSTZv7vo5XYnqTpQqLMrt1EKgihIW/U4BHj3jKHKxfiYyvFZJOAnXo82YHF85avQa3BTTOSq1ibJwcWozq1K7gn+LAaETAwJpOcX1mqzLzxuCusl4kWZxy4GVrczPZqA==; _abck=E038CAA8AF57716F78574A5114D9FFC9~-1~YAAQg15swaZA5cV6AQAARZVpzgZtZaHDgH2a4/bSqTpZCEwHs/8g+XWoN6GUYwBfkLzLdGB+tTnNctO9obxALZ3ScfGtd7dhsXIdEYWaVwgaKfv00iynRWDz08W+/FgqXUc0Z3VO2/Tk/SS+cgyrhkrTjF5se5nCxQeMOhnsUMp78WvWzy5YlEMPhFV78hhd0POlqPzP6YA17r6cEdbOwdFviYDqnjtfXJJXbMpD7Fe8Oy5bPfb1H02pGBZFjM4cd7MhWih1v3eFKa+BtoN0vQJdy1tSOvn886OmODubCwDrP7IR5RNen+qaw8KAfeOHH+Co4Kn4GqeVMwvkCeYVpev5k2YM4wotIDOELivwElSXww7BsN68jA2rAzEqPbRtFtj0~-1~-1~-1; ak_bmsc=4AB719366CA2DACAEF861EA69ABB790A~000000000000000000000000000000~YAAQg15swadA5cV6AQAARZVpzgza3R/v6rHmUbUlL9j7U9pIcod59pe5LjrY4kFRxBuzMw3E1uxV4lzMcMb6x3vBgyZULPVRfgFA0/80WVs1ulQfv8HS5maMa4nOhYqoAIpmpKoxy8BK3Cg/l/iVlJLk09nbdpadFdEmwyFy8cwu9KjrFq3pka+IoGDINjnAlW2inM9pCesql3cAAYcXW6dJGsEqak5Lh7qb8Y/bfPCf05jHDybGDDfR1cM2zUjndbTPjwNQIewrr/vN647SJDEvByAGkr95LvQs1wAOlCpWGw4iQMNVjL020gWbKuiHKuIIBLtB5RqWc9p0S5a1TYe8DeESJMVoLcBolDscgNMTuS6YEncU+dCHDBYNDSUJX0cphcexFmMSwj/9UtwNxeM=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.barclaycardus.com
referer: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:05 GMT
x-bstat: 11|A|applyweb|14
server
content-type: text/javascript;charset=ISO-8859-1
content-length: 46973
content-language: en-US

GET
H/1.1 200
OK jquery-ui.min.js Show response
gif.barclaycardus.com/apply/js/base/cas/lib/ 73 KB
20 KB 259ms
258ms Script
application/javascript 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/js/base/cas/lib/jquery-ui.min.js
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: bd159fcab61e389020442aa4b384af9b0fa2e2002e0800695ec729ebe11450bc

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:35 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499
Content-Length: 20312

GET
H2 200 cE0U Show response
www.barclaycardus.com/Xur4Yp/Q2go/NpEyN/HGL/4e32mExPI/LYY9XzJN/GBBTSjtmAg/Ggc_Oyh/ 77 KB
20 KB 37ms
35ms Script
application/javascript 23.36.238.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barclaycardus.com/Xur4Yp/Q2go/NpEyN/HGL/4e32mExPI/LYY9XzJN/GBBTSjtmAg/Ggc_Oyh/cE0U
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.238.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-238-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7923c5df4689d8e2b03d4b24349057eb7415f9d70b6cd91975fd19814b402821

Request headers

:path: /Xur4Yp/Q2go/NpEyN/HGL/4e32mExPI/LYY9XzJN/GBBTSjtmAg/Ggc_Oyh/cE0U
pragma: no-cache
cookie: TSESSIONID=53F0FAA670EA17DC9278C26326EC3B36.applyweb_alpha_clzpsr000000023; XSESSIONID=89BA39540A39CAFD137F08A692E39C08; bm_sz=65C795D8B8D55ED151A51A5695C3B44C~YAAQg15swaVA5cV6AQAARZVpzgycXGj7K0AZbfV4nMmuriDyuyaIE+MdWhn2mYQCvSiiST/HqsgSTZv7vo5XYnqTpQqLMrt1EKgihIW/U4BHj3jKHKxfiYyvFZJOAnXo82YHF85avQa3BTTOSq1ibJwcWozq1K7gn+LAaETAwJpOcX1mqzLzxuCusl4kWZxy4GVrczPZqA==; _abck=E038CAA8AF57716F78574A5114D9FFC9~-1~YAAQg15swaZA5cV6AQAARZVpzgZtZaHDgH2a4/bSqTpZCEwHs/8g+XWoN6GUYwBfkLzLdGB+tTnNctO9obxALZ3ScfGtd7dhsXIdEYWaVwgaKfv00iynRWDz08W+/FgqXUc0Z3VO2/Tk/SS+cgyrhkrTjF5se5nCxQeMOhnsUMp78WvWzy5YlEMPhFV78hhd0POlqPzP6YA17r6cEdbOwdFviYDqnjtfXJJXbMpD7Fe8Oy5bPfb1H02pGBZFjM4cd7MhWih1v3eFKa+BtoN0vQJdy1tSOvn886OmODubCwDrP7IR5RNen+qaw8KAfeOHH+Co4Kn4GqeVMwvkCeYVpev5k2YM4wotIDOELivwElSXww7BsN68jA2rAzEqPbRtFtj0~-1~-1~-1; ak_bmsc=4AB719366CA2DACAEF861EA69ABB790A~000000000000000000000000000000~YAAQg15swadA5cV6AQAARZVpzgza3R/v6rHmUbUlL9j7U9pIcod59pe5LjrY4kFRxBuzMw3E1uxV4lzMcMb6x3vBgyZULPVRfgFA0/80WVs1ulQfv8HS5maMa4nOhYqoAIpmpKoxy8BK3Cg/l/iVlJLk09nbdpadFdEmwyFy8cwu9KjrFq3pka+IoGDINjnAlW2inM9pCesql3cAAYcXW6dJGsEqak5Lh7qb8Y/bfPCf05jHDybGDDfR1cM2zUjndbTPjwNQIewrr/vN647SJDEvByAGkr95LvQs1wAOlCpWGw4iQMNVjL020gWbKuiHKuIIBLtB5RqWc9p0S5a1TYe8DeESJMVoLcBolDscgNMTuS6YEncU+dCHDBYNDSUJX0cphcexFmMSwj/9UtwNxeM=; AMCV_A829776A5245B3280A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18831%7CvVersion%7C5.2.0; mbox=session#91fcc7898d8546509f12ea31ce01d64e#1626962526; at_check=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.barclaycardus.com
referer: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:05 GMT
content-encoding: gzip
last-modified: Mon, 26 Apr 2021 16:10:06 GMT
etag: "d1dbb955755ca44a0b872a64f97c471a45b14e941f69d082c19f792576ae34fb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21600
set-cookie: _abck=E038CAA8AF57716F78574A5114D9FFC9~-1~YAAQg15swbVA5cV6AQAA8ZppzgbvL8Nwz2rclcxUJtlOLYotxmacQvFZcFBzWIMmzfJh3ICVCw/RE2vUOaOFiJEpjYtl4qBLNtyRbuMGXfYEHS8KaGtgqp/dpS7SL28B9VKo07aL3Xr6xjH/F+Y+v1Pg6yJvBLJSkGUwNfKZBpxOQlcJljoWoRj64e7quYCCjlSHk2fxJh1qotjzOFpLwn70db08EBr5jjdRuWJmMTVurkiZhK1RFofNtzMOTluEZRGlvvXgoWCahGpfi24NEqtcidh9oXdxFfhVXS0n1QQYxVm0OyvWFpIj55TPJLjy7GclD9KHFnt7NFjM3oJ7ksJcO/+KwuWg9dPsdG9cWyn+Qu1XYyvwRy5IvqaV7kUT9AVLPoqmuILNEa/thAyT13U=~-1~-1~-1; Domain=.barclaycardus.com; Path=/; Expires=Fri, 22 Jul 2022 13:31:05 GMT; Max-Age=31536000; Secure
content-length: 19642

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A829776A5245B3280A490D44%40AdobeOrg&d_nsid=0&ts=1626960665188
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A829776A5245B3280A490D44%40AdobeOrg&d_nsid=0&ts=1626960665188

5 KB
2 KB

57ms
57ms

XHR
application/json

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A829776A5245B3280A490D44%40AdobeOrg&d_nsid=0&ts=1626960665188

Requested by

Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

55ee0e5f8de91ebfd32f41d634d8f56df0807b6ce1953d9a4adf4008f267f151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v012-0461d9108.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: i+WiT7DNTEo=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.barclaycardus.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1537
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v012-044264ffa.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.barclaycardus.com
X-TID: wIeAU2YITD4=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A829776A5245B3280A490D44%40AdobeOrg&d_nsid=0&ts=1626960665188
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EXa7a9196db328423f82cf040de162f380-libraryCode_source.min.js Show response
assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/015dd3c8dbea/ 63 KB
22 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:6c00:296::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/015dd3c8dbea/EXa7a9196db328423f82cf040de162f380-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/launch-067727b26ea4.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 63f759ab039c35716b45807ad9deb42f8ee4ed55222ccf43bfef9ae397179054

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:05 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 08:52:10 GMT
server: AkamaiNetStorage
etag: "76b3e5b2a7c1630edd75da84911a1b44:1618563130.607003"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.barclaycardus.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 22511
expires: Thu, 22 Jul 2021 14:31:05 GMT

GET
H/1.1 200
OK last-event-tag-latest.min.js Show response
www.everestjs.net/static/le/ 7 KB
7 KB 95ms
32ms Script
application/javascript 23.37.44.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/launch-067727b26ea4.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-amz-version-id: null
Last-Modified: Wed, 16 Jun 2021 15:18:41 GMT
Server: AmazonS3
x-amz-request-id: TZ1Z2BV2278TSP3Z
ETag: "d5991c18a0042eb33f92c6b5b44ffe8d"
Content-Type: application/javascript
Date: Thu, 22 Jul 2021 13:31:05 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7028
x-amz-id-2: zVEODGvOZAf+qHbCRZ9fDgf1zKdvhoYQYfr4sj/LDbPUmvkS4W/zN81B16Gw/cLHUuYkLTxGCeg=

GET
H2 200 tltWorker.js
www.barclaycardus.com/apply/js/base/tagging/ 29 KB
29 KB 164ms
164ms Other
application/javascript 23.36.238.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barclaycardus.com/apply/js/base/tagging/tltWorker.js
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.238.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-238-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f9110429c6e318631e4f49cd61974a5b733e4e8d3f0c9709314b29d5190a1bec

Request headers

:path: /apply/js/base/tagging/tltWorker.js
pragma: no-cache
cookie: JSESSIONID=53F0FAA670EA17DC9278C26326EC3B36.applyweb_alpha_clzpsr000000023; TSESSIONID=53F0FAA670EA17DC9278C26326EC3B36.applyweb_alpha_clzpsr000000023; XSESSIONID=89BA39540A39CAFD137F08A692E39C08; bm_sz=65C795D8B8D55ED151A51A5695C3B44C~YAAQg15swaVA5cV6AQAARZVpzgycXGj7K0AZbfV4nMmuriDyuyaIE+MdWhn2mYQCvSiiST/HqsgSTZv7vo5XYnqTpQqLMrt1EKgihIW/U4BHj3jKHKxfiYyvFZJOAnXo82YHF85avQa3BTTOSq1ibJwcWozq1K7gn+LAaETAwJpOcX1mqzLzxuCusl4kWZxy4GVrczPZqA==; _abck=E038CAA8AF57716F78574A5114D9FFC9~-1~YAAQg15swaZA5cV6AQAARZVpzgZtZaHDgH2a4/bSqTpZCEwHs/8g+XWoN6GUYwBfkLzLdGB+tTnNctO9obxALZ3ScfGtd7dhsXIdEYWaVwgaKfv00iynRWDz08W+/FgqXUc0Z3VO2/Tk/SS+cgyrhkrTjF5se5nCxQeMOhnsUMp78WvWzy5YlEMPhFV78hhd0POlqPzP6YA17r6cEdbOwdFviYDqnjtfXJJXbMpD7Fe8Oy5bPfb1H02pGBZFjM4cd7MhWih1v3eFKa+BtoN0vQJdy1tSOvn886OmODubCwDrP7IR5RNen+qaw8KAfeOHH+Co4Kn4GqeVMwvkCeYVpev5k2YM4wotIDOELivwElSXww7BsN68jA2rAzEqPbRtFtj0~-1~-1~-1; ak_bmsc=4AB719366CA2DACAEF861EA69ABB790A~000000000000000000000000000000~YAAQg15swadA5cV6AQAARZVpzgza3R/v6rHmUbUlL9j7U9pIcod59pe5LjrY4kFRxBuzMw3E1uxV4lzMcMb6x3vBgyZULPVRfgFA0/80WVs1ulQfv8HS5maMa4nOhYqoAIpmpKoxy8BK3Cg/l/iVlJLk09nbdpadFdEmwyFy8cwu9KjrFq3pka+IoGDINjnAlW2inM9pCesql3cAAYcXW6dJGsEqak5Lh7qb8Y/bfPCf05jHDybGDDfR1cM2zUjndbTPjwNQIewrr/vN647SJDEvByAGkr95LvQs1wAOlCpWGw4iQMNVjL020gWbKuiHKuIIBLtB5RqWc9p0S5a1TYe8DeESJMVoLcBolDscgNMTuS6YEncU+dCHDBYNDSUJX0cphcexFmMSwj/9UtwNxeM=; AMCV_A829776A5245B3280A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18831%7CvVersion%7C5.2.0; mbox=session#91fcc7898d8546509f12ea31ce01d64e#1626962526; at_check=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: same-origin
accept: */*
cache-control: no-cache
sec-fetch-dest: worker
:authority: www.barclaycardus.com
referer: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:05 GMT
last-modified: Tue, 13 Jul 2021 14:04:36 GMT
server
etag: W/"29810-1626185076000"
content-type: application/javascript
x-bstat: 11|A|applyweb|14
accept-ranges: bytes
content-length: 29810

POST
H2 201 cE0U
www.barclaycardus.com/Xur4Yp/Q2go/NpEyN/HGL/4e32mExPI/LYY9XzJN/GBBTSjtmAg/Ggc_Oyh/ 18 B
657 B 266ms
266ms XHR
application/json 23.36.238.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barclaycardus.com/Xur4Yp/Q2go/NpEyN/HGL/4e32mExPI/LYY9XzJN/GBBTSjtmAg/Ggc_Oyh/cE0U
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/Xur4Yp/Q2go/NpEyN/HGL/4e32mExPI/LYY9XzJN/GBBTSjtmAg/Ggc_Oyh/cE0U
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.238.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-238-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://www.barclaycardus.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: TSESSIONID=53F0FAA670EA17DC9278C26326EC3B36.applyweb_alpha_clzpsr000000023; XSESSIONID=89BA39540A39CAFD137F08A692E39C08; bm_sz=65C795D8B8D55ED151A51A5695C3B44C~YAAQg15swaVA5cV6AQAARZVpzgycXGj7K0AZbfV4nMmuriDyuyaIE+MdWhn2mYQCvSiiST/HqsgSTZv7vo5XYnqTpQqLMrt1EKgihIW/U4BHj3jKHKxfiYyvFZJOAnXo82YHF85avQa3BTTOSq1ibJwcWozq1K7gn+LAaETAwJpOcX1mqzLzxuCusl4kWZxy4GVrczPZqA==; ak_bmsc=4AB719366CA2DACAEF861EA69ABB790A~000000000000000000000000000000~YAAQg15swadA5cV6AQAARZVpzgza3R/v6rHmUbUlL9j7U9pIcod59pe5LjrY4kFRxBuzMw3E1uxV4lzMcMb6x3vBgyZULPVRfgFA0/80WVs1ulQfv8HS5maMa4nOhYqoAIpmpKoxy8BK3Cg/l/iVlJLk09nbdpadFdEmwyFy8cwu9KjrFq3pka+IoGDINjnAlW2inM9pCesql3cAAYcXW6dJGsEqak5Lh7qb8Y/bfPCf05jHDybGDDfR1cM2zUjndbTPjwNQIewrr/vN647SJDEvByAGkr95LvQs1wAOlCpWGw4iQMNVjL020gWbKuiHKuIIBLtB5RqWc9p0S5a1TYe8DeESJMVoLcBolDscgNMTuS6YEncU+dCHDBYNDSUJX0cphcexFmMSwj/9UtwNxeM=; AMCV_A829776A5245B3280A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18831%7CvVersion%7C5.2.0; mbox=session#91fcc7898d8546509f12ea31ce01d64e#1626962526; at_check=true; _abck=E038CAA8AF57716F78574A5114D9FFC9~-1~YAAQg15swbVA5cV6AQAA8ZppzgbvL8Nwz2rclcxUJtlOLYotxmacQvFZcFBzWIMmzfJh3ICVCw/RE2vUOaOFiJEpjYtl4qBLNtyRbuMGXfYEHS8KaGtgqp/dpS7SL28B9VKo07aL3Xr6xjH/F+Y+v1Pg6yJvBLJSkGUwNfKZBpxOQlcJljoWoRj64e7quYCCjlSHk2fxJh1qotjzOFpLwn70db08EBr5jjdRuWJmMTVurkiZhK1RFofNtzMOTluEZRGlvvXgoWCahGpfi24NEqtcidh9oXdxFfhVXS0n1QQYxVm0OyvWFpIj55TPJLjy7GclD9KHFnt7NFjM3oJ7ksJcO/+KwuWg9dPsdG9cWyn+Qu1XYyvwRy5IvqaV7kUT9AVLPoqmuILNEa/thAyT13U=~-1~-1~-1
content-length: 1456
:path: /Xur4Yp/Q2go/NpEyN/HGL/4e32mExPI/LYY9XzJN/GBBTSjtmAg/Ggc_Oyh/cE0U
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
cache-control: no-cache
:authority: www.barclaycardus.com
referer: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 22 Jul 2021 13:31:05 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.barclaycardus.com
access-control-allow-credentials: true
set-cookie: _abck=E038CAA8AF57716F78574A5114D9FFC9~-1~YAAQg15swblA5cV6AQAAfZxpzgaSpFsixkkkSmR4M39ZnSgBzxLNB19NXtsiBomPJhMsXbeAWGWxinsFHsQN6g0huUA/R+liwnwH3I67u1SkfwCNIaq6lbWZCaeUoGrqNIosbtj8Ijw0wrrGT4HdYLWt5UGri1pAwnoNukhx5l3XHrju4q/Udc8BhU7LtckoJoEJRsvpLk+Hskdejt7yMYNRto1WA5VMQ0ogs19iM0OsvJ0usPnYMYpM+eAFJIUwf+j2gqzxf2W15K/f3zpKdj2oQGKvCUGHG+NfSIevKdw67c2geddCXdNFdt3b6vRkGlPzY0x2q49Y5Md5PqSzDRjz4fwAtYn4J+IiTAy9MEqie3vKCCmxVgMMU+G5FQ4Z2px1ENCkF61zOXVuJcFQIzQ=~-1~||1-djBFQOZmXE-1-10-1000-2||~-1; Domain=.barclaycardus.com; Path=/; Expires=Fri, 22 Jul 2022 13:31:05 GMT; Max-Age=31536000; Secure
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 37ms
37ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13910
x-xss-protection: 0
server: cafe
etag: 8154934153164151798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 22 Jul 2021 13:31:05 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 95 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24676
x-xss-protection: 0
pragma: public
x-fb-debug: ESm4izcA6YvPtp1YqV+/B1oWUpcV+/gygyzh8zjXV2IzmRGux0g31mHvgykyzM67dMigWMFFtewGIIGYBachjA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Thu, 22 Jul 2021 13:31:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-933821389&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/launch-067727b26ea4.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8fab93d5df7ebde3dec2f54b365ef047df4911e1a66b60cb5945e6efc76f396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37981
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Jul 2021 13:31:05 GMT

GET
H2 200 controltag
cdn.krxd.net/ 37 KB
8 KB 173ms
114ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag?confid=KS56sWYR
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Thu, 22 Jul 2021 13:31:05 GMT
via: 1.1 varnish, 1.1 varnish
age: 872
x-cache: MISS, HIT, MISS
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 7763
x-served-by: config-service-a001-ash-prod.krxd.net, cache-bwi5128-BWI, cache-fra19143-FRA
x-response-time: 1
x-do-esi: esi
x-timer: S1626960666.550055,VS0,VE88
etag: "256cc0b1103a94f82321a2d48edf1e392af3d88e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 0

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 47ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6e9e8d16e703a71a0020912bb5435e8af2e5b41bbd4661905471f84dfb52e1d3

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:05 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 18:24:21 GMT
x-msedge-ref: Ref A: 541B9EFC6C6E4D0086E627946BB0B379 Ref B: FRAEDGE1416 Ref C: 2021-07-22T13:31:05Z
etag: "80b87575947dd71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9014

GET
H/1.1 200
OK MasterTMS.min.js
secure-cdn.mplxtms.com/s/ 567 KB
158 KB 127ms
41ms Script
application/javascript 104.111.233.48
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-cdn.mplxtms.com/s/MasterTMS.min.js
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.233.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-48.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 18:37:36 GMT
Server: Apache
ETag: "8dbaa-5ba5ec3b3dc08-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 161550

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-2784362

Requested by

Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d1dc9ca262e224217a9bb38f9140bbed39de1a7545fe984328122b62aa983d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36968
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Jul 2021 13:31:05 GMT

GET
H/1.1 200
OK hghca1.js
px.owneriq.net/stas/s/ 12 KB
12 KB 120ms
41ms Script
text/javascript 104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.owneriq.net/stas/s/hghca1.js
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:05 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
Content-Type: text/javascript
X-Powered-By: PHP/5.3.3
Content-Length: 12359
Expires: Thu, 22 Jul 2021 13:31:05 GMT

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=forester-did&ex-fargs=%3Fid%3D60225231-6e2f-3f8f-9235-65001c7f2ef5%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.jetblue.com&ex-hargs=v%3D1.0%3Bc%3D450534...
https://s.amazon-adsystem.com/iu3?d=forester-did&ex-fargs=%3Fid%3D60225231-6e2f-3f8f-9235-65001c7f2ef5%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.jetblue.com&ex-hargs=v%3D1.0%3Bc%3D450534...

0
0

135ms
134ms

Image
text/html

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?d=forester-did&ex-fargs=%3Fid%3D60225231-6e2f-3f8f-9235-65001c7f2ef5%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.jetblue.com&ex-hargs=v%3D1.0%3Bc%3D4505343305984%3Bp%3D60225231-6E2F-3F8F-9235-65001C7F2EF5&cb=278576436371560160&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 13:31:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VWCXASG1DWEN6C8SH9A0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=forester-did&ex-fargs=%3Fid%3D60225231-6e2f-3f8f-9235-65001c7f2ef5%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.jetblue.com&ex-hargs=v%3D1.0%3Bc%3D4505343305984%3Bp%3D60225231-6E2F-3F8F-9235-65001C7F2EF5&cb=278576436371560160&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
261 B 148ms
48ms Image
image/gif 52.30.148.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=pt3i2aa&ct=0:4qlil8r&fmt=3
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.148.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-148-233.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 13:31:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

src=5547554;dc_pre=CJPGwuTk9vECFYjwsgodBcsCxg;type=invmedia;cat=sufx5ywp;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://secure.adnxs.com/px?id=655771&seg=4427131&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D655771%26seg%3D4427131%26t%3D2
https://ad.doubleclick.net/ddm/activity/src=5547554;type=invmedia;cat=sufx5ywp;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=5547554;dc_pre=CJPGwuTk9vECFYjwsgodBcsCxg;type=invmedia;cat=sufx5ywp;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://adservice.google.com/ddm/fls/z/src=5547554;dc_pre=CJPGwuTk9vECFYjwsgodBcsCxg;type=invmedia;cat=sufx5ywp;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

42 B
63 B

58ms
42ms

Image
image/gif

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=5547554;dc_pre=CJPGwuTk9vECFYjwsgodBcsCxg;type=invmedia;cat=sufx5ywp;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 13:31:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 13:31:06 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=5547554;dc_pre=CJPGwuTk9vECFYjwsgodBcsCxg;type=invmedia;cat=sufx5ywp;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

rs
tags.w55c.net/
Redirect Chain

https://tags.w55c.net/rs?id=ceb3c1abc3ce44bfbb3ef45663e0f03f&t=marketing
https://tags.w55c.net/rs?sccid=40e26dfa-04fe-d540-d8a2-7ca96d8e24e2&scc=1&id=ceb3c1abc3ce44bfbb3ef45663e0f03f&t=marketing

42 B
699 B

45ms
44ms

Image
image/gif

3.124.143.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/rs?sccid=40e26dfa-04fe-d540-d8a2-7ca96d8e24e2&scc=1&id=ceb3c1abc3ce44bfbb3ef45663e0f03f&t=marketing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.143.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-143-99.eu-central-1.compute.amazonaws.com

Software

Retargeting/v2.0.30-661-ga8ef792#rel-ec2-master i-0b5388877fe362141@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 13:31:05 GMT
Server: Retargeting/v2.0.30-661-ga8ef792#rel-ec2-master i-0b5388877fe362141@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 13:31:05 GMT
Server: Retargeting/v2.0.30-661-ga8ef792#rel-ec2-master i-0b5388877fe362141@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://tags.w55c.net/rs?sccid=40e26dfa-04fe-d540-d8a2-7ca96d8e24e2&scc=1&id=ceb3c1abc3ce44bfbb3ef45663e0f03f&t=marketing
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET lb
secure.leadback.advertising.com/adcedge/ 0
0

GET
H/1.1 302
Found pt.png
dt.scanscout.com/ssframework/dt/ 43 B
356 B 475ms
119ms Image
image/gif 199.127.207.184
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.scanscout.com/ssframework/dt/pt.png?trackcd=1452719445597
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.127.207.184 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:05 GMT
useSecure: true
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 Pong.ashx
set.tidaltv.com/ 42 B
329 B 90ms
29ms Image
image/gif 2a05:d018:24:b001:d120:1359:acbb:2de6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://set.tidaltv.com/Pong.ashx?tids=797926|2400

Requested by

Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:24:b001:d120:1359:acbb:2de6 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 13:31:05 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
server: Apache-Coyote/1.1
content-type: image/gif
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1 200
OK dest5.html
barclaybankdelaware.demdex.net/ Frame 97CB 7 KB
3 KB 215ms
52ms Document
text/html 63.32.159.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://barclaybankdelaware.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/launch-067727b26ea4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.159.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-159-255.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: barclaybankdelaware.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.barclaycardus.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=34732258639944293973079970323802193410
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.barclaycardus.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Thu, 22 Jul 2021 13:31:05 GMT
DCS: dcs-prod-irl1-2-v012-0a68183d3.edge-irl1.demdex.com 6.3.1.20210623115127
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 2 Jul 2021 08:59:56 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: 3lTDWJNrSYA=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id
metrics.barclaycardus.com/ 48 B
517 B 176ms
41ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.barclaycardus.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=A829776A5245B3280A490D44%40AdobeOrg&mid=42983624458653584002390278816997057943&ts=1626960665500

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/launch-067727b26ea4.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 22 Jul 2021 13:31:05 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-58944c9887-s5xhz
vary: Origin
x-c: main-1489.I96e1bb.M0-504
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.barclaycardus.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H2 200 /
lasteventf-tm.everesttech.net/ 0
211 B 87ms
29ms XHR
text/plain 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lasteventf-tm.everesttech.net/?_les_imsOrgId=A829776A5245B3280A490D44@AdobeOrg&_les_sdid=5CE1995CB3376A95-20EF30184155CF1F&_les_last_search_click=&_les_rsid=barclaysglobalacq,barclaysusglobal&_les_mid=42983624458653584002390278816997057943&_les_url=https%3A%2F%2Fwww.barclaycardus.com%2Fapply%2FLanding.action%3FcampaignId%3D2899%26cellNumber%3D9%26referrerid%3DPTREM0721MD
Requested by: Host: www.everestjs.net
URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:05 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1626960666.574914,VS0,VE0
x-cache: MISS
content-type: text/plain
access-control-allow-origin: https://www.barclaycardus.com
access-control-allow-credentials: true
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra19151-FRA

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=34732258639944293973079970323802193410
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YPlzGQAAALwJqALs
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YPlzGQAAALwJqALs

42 B
958 B

55ms
54ms

Image
image/gif

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YPlzGQAAALwJqALs

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-01a7a837a.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: my569w9+Tuo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v012-0c6811f58.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: vu2H8bAfRHc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YPlzGQAAALwJqALs
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 delivery
barclaycardus.tt.omtrdc.net/rest/v1/ 286 B
514 B 185ms
72ms XHR
application/json 52.18.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://barclaycardus.tt.omtrdc.net/rest/v1/delivery?client=barclaycardus&sessionId=91fcc7898d8546509f12ea31ce01d64e&version=2.4.0
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/launch-067727b26ea4.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.150.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-150-20.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.barclaycardus.com
date: Thu, 22 Jul 2021 13:31:05 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: 63bc4454cc782ba8869b6e5f182c5a94
content-type: application/json;charset=UTF-8

GET
H3-29 200 759780814143568
connect.facebook.net/signals/config/ 261 KB
74 KB 67ms
65ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/759780814143568?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: YUxtN0mK24Q07L65o6kDDryXApPkgTueD4nC7xg6w/QtZu8nfSayZCEW0GUtJytnVn6vGm8XJ47HiCOPVr+EJA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 22 Jul 2021 13:31:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 js
www.googletagmanager.com/gtag/ 94 KB
37 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-933821389&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-2784362

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37989
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Jul 2021 13:31:05 GMT

GET
H2 204 5103746.js
bat.bing.com/p/action/ 0
127 B 223ms
223ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5103746.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 22 Jul 2021 13:31:05 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 2667BA8DE6574C66BF3CDC9792E36602 Ref B: FRAEDGE1416 Ref C: 2021-07-22T13:31:05Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
149 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5103746&Ver=2&mid=2c5e444a-6db3-448e-8e02-9e2e1948d32a&sid=10d6eda0eaf111eb97cd6d63a6bda321&vid=10d70240eaf111eb8be3f760221ca38a&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.barclaycardus.com%2Fapply%2FLanding.action%3FcampaignId%3D2899%26cellNumber%3D9%26referrerid%3DPTREM0721MD&r=&evt=pageLoad&msclkid=N&sv=1&rn=665397
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 22 Jul 2021 13:31:05 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 617971330E2345E8A1A636C9C6D4588E Ref B: FRAEDGE1416 Ref C: 2021-07-22T13:31:05Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

activityi;dc_pre=CKDRqeTk9vECFVQHBgAdzRcAIw;src=2784362;type=jetbl0;cat=jbcsi00;ord=4559740265562;gtm=2od7j0;auiddc=1929665498.1626960666;ps=1;~oref=https%3A%2F%2Fwww.barclaycardus.com%2Fapply%2FLa...
2784362.fls.doubleclick.net/ Frame 9B0E
Redirect Chain

https://2784362.fls.doubleclick.net/activityi;src=2784362;type=jetbl0;cat=jbcsi00;ord=4559740265562;gtm=2od7j0;auiddc=1929665498.1626960666;ps=1;~oref=https%3A%2F%2Fwww.barclaycardus.com%2Fapply%2F...
https://2784362.fls.doubleclick.net/activityi;dc_pre=CKDRqeTk9vECFVQHBgAdzRcAIw;src=2784362;type=jetbl0;cat=jbcsi00;ord=4559740265562;gtm=2od7j0;auiddc=1929665498.1626960666;ps=1;~oref=https%3A%2F%...

489 B
423 B

112ms
77ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2784362.fls.doubleclick.net/activityi;dc_pre=CKDRqeTk9vECFVQHBgAdzRcAIw;src=2784362;type=jetbl0;cat=jbcsi00;ord=4559740265562;gtm=2od7j0;auiddc=1929665498.1626960666;ps=1;~oref=https%3A%2F%2Fwww.barclaycardus.com%2Fapply%2FLanding.action%3FcampaignId%3D2899%26cellNumber%3D9%26referrerid%3DPTREM0721MD?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-2784362

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2784362.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKDRqeTk9vECFVQHBgAdzRcAIw;src=2784362;type=jetbl0;cat=jbcsi00;ord=4559740265562;gtm=2od7j0;auiddc=1929665498.1626960666;ps=1;~oref=https%3A%2F%2Fwww.barclaycardus.com%2Fapply%2FLanding.action%3FcampaignId%3D2899%26cellNumber%3D9%26referrerid%3DPTREM0721MD?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.barclaycardus.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jul 2021 13:31:05 GMT
expires: Thu, 22 Jul 2021 13:31:05 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 398
x-xss-protection: 0
set-cookie: IDE=AHWqTUlXqDUqik0N55C-onC8jveIHu1yIUQP2ypOGDN9sfFC1KCCEmkNWeYuORaeplo; expires=Tue, 16-Aug-2022 13:31:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jul 2021 13:31:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://2784362.fls.doubleclick.net/activityi;dc_pre=CKDRqeTk9vECFVQHBgAdzRcAIw;src=2784362;type=jetbl0;cat=jbcsi00;ord=4559740265562;gtm=2od7j0;auiddc=1929665498.1626960666;ps=1;~oref=https%3A%2F%2Fwww.barclaycardus.com%2Fapply%2FLanding.action%3FcampaignId%3D2899%26cellNumber%3D9%26referrerid%3DPTREM0721MD?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 activityi;register_conversion=1;src=2784362;type=jetbl0;cat=jbcsi00;ord=4559740265562;gtm=2od7j0;auiddc=1929665498.1626960666;ps=1;~oref=https%3A%2F%2Fwww.barclaycardus.com%2Fapply%2FLanding.action...
2784362.fls.doubleclick.net/ 0
0 111ms
35ms Image
text/html 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2784362.fls.doubleclick.net/activityi;register_conversion=1;src=2784362;type=jetbl0;cat=jbcsi00;ord=4559740265562;gtm=2od7j0;auiddc=1929665498.1626960666;ps=1;~oref=https%3A%2F%2Fwww.barclaycardus.com%2Fapply%2FLanding.action%3FcampaignId%3D2899%26cellNumber%3D9%26referrerid%3DPTREM0721MD?
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f6.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 586f876503ed4dc63c6ff8567b67dfeb1c84723ef5c7cf218a8ed74ccba6e1ab

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 RCa4a2ef3b74ff4c44ab2e391146c8819a-source.min.js
assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/015dd3c8dbea/ 11 KB
4 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:6c00:296::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/015dd3c8dbea/RCa4a2ef3b74ff4c44ab2e391146c8819a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/launch-067727b26ea4.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:05 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 08:52:10 GMT
server: AkamaiNetStorage
etag: "76b3e5b2a7c1630edd75da84911a1b44:1618563130.607003"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.barclaycardus.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 4273
expires: Thu, 22 Jul 2021 14:31:05 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/933821389/ 2 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/933821389/?random=1626960665656&cv=9&fst=1626960665656&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.barclaycardus.com%2Fapply%2FLanding.action%3FcampaignId%3D2899%26cellNumber%3D9%26referrerid%3DPTREM0721MD&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 13:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1069
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK Primary Request Cookie set Application.action Show response
www.jetbluepluscard.com/apply/ 306 KB
307 KB 1252ms
437ms Document
text/html 167.203.49.82
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.82 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: /
Resource Hash: c8d2c5cf49de01ba73d6c1b5fff42db17e2d306896032af564de151dbf12d6b7

Request headers

Host: www.jetbluepluscard.com
Connection: keep-alive
Content-Length: 227
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Origin: https://www.barclaycardus.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://www.barclaycardus.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.barclaycardus.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.barclaycardus.com/

Response headers

Date: Thu, 22 Jul 2021 13:31:06 GMT
Server
Cache-Control: no-store
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
x-bstat: 11|A|applyweb|113
Set-Cookie: JSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; Path=/apply; HttpOnly; secure TSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; Path=/
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Transfer-Encoding: chunked

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 9EDC
Redirect Chain

https://px.owneriq.net/eps?pt=hghca1&pid=6665&uid=Q6802470651549956627J&l=true
https://px.owneriq.net/noop?ct=text%2Fhtml

0
355 B

38ms
37ms

Document
text/html

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.owneriq.net/noop?ct=text%2Fhtml
Requested by: Host: px.owneriq.net
URL: https://px.owneriq.net/stas/s/hghca1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: px.owneriq.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.barclaycardus.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 22 Jul 2021 13:31:05 GMT
Content-Length: 20
Connection: keep-alive

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://px.owneriq.net/noop?ct=text%2Fhtml
Date: Thu, 22 Jul 2021 13:31:05 GMT
Connection: keep-alive

GET
H/1.1

200
OK

noop
px.owneriq.net/
Redirect Chain

https://px.owneriq.net/j/?ref=https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD&pt=hghca1&t=f%7C%22%22&s=o1bd
https://px.owneriq.net/noop?ct=application%2Fx-javascript

0
370 B

38ms
38ms

Script
application/x-javascript

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.owneriq.net/noop?ct=application%2Fx-javascript
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:06 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 20

Redirect headers

Location: https://px.owneriq.net/noop?ct=application%2Fx-javascript
Date: Thu, 22 Jul 2021 13:31:05 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 resource.png
www.barclaycardus.com/apply/ 67 B
396 B 326ms
325ms XHR
image/png 23.36.238.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barclaycardus.com/apply/resource.png
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.238.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-238-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

:path: /apply/resource.png
pragma: no-cache
cookie: adcloud={%22_les_v%22:%22y%2Cbarclaycardus.com%2C1626962465%22}; s_ecid=MCMID%7C42983624458653584002390278816997057943
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.barclaycardus.com
referer: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:05 GMT
last-modified: Thu, 22 Jul 2021 13:31:05 GMT
server
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, private
x-bstat: 11|A|applyweb|15
set-cookie: JSESSIONID=5EA340A713C78FAC7CCE07AE8D508E4A.applyweb_alpha_clzpsr000000024; Path=/apply; HttpOnly; secure XSESSIONID=78A31F1E6E3A94F2CBF4DB0BDCC127AC;Secure;Path=/;Version=1;domain=barclaycardus.com;
content-length: 67
expires: Fri, 22 Jul 2022 13:31:05 GMT

GET
H2 200 controltag.js.0631b7d64dbbd3656a8b7368ad227a04
cdn.krxd.net/ctjs/ 259 KB
83 KB 28ms
27ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag?confid=KS56sWYR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Thu, 22 Jul 2021 13:31:06 GMT
content-encoding: gzip
age: 13942742
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 1231235
content-length: 84451
x-served-by: cache-fra19143-FRA
last-modified: Thu, 15 Oct 2020 07:09:29 GMT
x-timer: S1626960666.025848,VS0,VE0
etag: "0631b7d64dbbd3656a8b7368ad227a04"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 13 Oct 2030 07:09:28 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=759780814143568&ev=PageView&dl=https%3A%2F%2Fwww.barclaycardus.com%2Fapply%2FLanding.action%3FcampaignId%3D2899%26cellNumber%3D9%26referrerid%3DPTREM0721MD&rl=&if=false&ts=1626960666028&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1626960666027.397201021&it=1626960665523&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 22 Jul 2021 13:31:06 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=759780814143568&ev=jb_cc_lp_visit&dl=https%3A%2F%2Fwww.barclaycardus.com%2Fapply%2FLanding.action%3FcampaignId%3D2899%26cellNumber%3D9%26referrerid%3DPTREM0721MD&rl=&if=false&ts=1626960666031&cd[card_type]=Fee&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1626960666027.397201021&it=1626960665523&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 22 Jul 2021 13:31:06 GMT

POST
H2 201 cE0U
www.barclaycardus.com/Xur4Yp/Q2go/NpEyN/HGL/4e32mExPI/LYY9XzJN/GBBTSjtmAg/Ggc_Oyh/ 18 B
660 B 218ms
218ms XHR
application/json 23.36.238.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barclaycardus.com/Xur4Yp/Q2go/NpEyN/HGL/4e32mExPI/LYY9XzJN/GBBTSjtmAg/Ggc_Oyh/cE0U
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/Xur4Yp/Q2go/NpEyN/HGL/4e32mExPI/LYY9XzJN/GBBTSjtmAg/Ggc_Oyh/cE0U
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.238.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-238-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://www.barclaycardus.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: adcloud={%22_les_v%22:%22y%2Cbarclaycardus.com%2C1626962465%22}; s_ecid=MCMID%7C42983624458653584002390278816997057943; bm_sz=CA8F8FCFB66E10ED06309B14C7671A71~YAAQg15swcJA5cV6AQAA3ZxpzgzBoMKSFWQzq8NtPmtA/13+A6osMcn9kME+CZGNKxvXin00M/yw+FC/oVepiTmUJBkH8a30Y+cspr7aSqrCsIBtFs+GGPdeK1SmEmQxr5WuodKj9DbIyWBLvUEASs/hoMxy54vxZ+6q2xsGi4Z7EaKeOJH3qyNj3AfF2UrHLLT9KG0Cgw==; _abck=81ED0BFEA19A0C3E2152F22BBC290D6A~-1~YAAQg15swcNA5cV6AQAA3ZxpzgZ0V+t8iPbTl9zNoEmz0VgvSP4KdtDWcAUuVoHu+Y0f17jr2uX985qBc7TlD6SuDYZZbgKs03sT+/RSmfIpRCLim/kSH4OZHyfuzkOfxQ0xCzQ8+3dvZvDLG2cqSgxlmnJFWeC4/AnpuENujuJKEO0mzqbvjLA1KW9cIyeqn3+zDPZAXxCyp5yuXJCQIZ1tZjBNuIsU1+AAhng1e2CwwOlQ10xSPczQcpQH39+6ZHVQuCxu5y9KE5Nac3B0OaRzCwj4DXcqSTYQKKA73+A6oczCFDFpenxPp82cx4UGEaszqACSAvs6wu31EzZv4+SsyClNIOanDIO8K+Soz6kAyr0Bp5mm1YAqPw1aWwR8Nn3C~-1~-1~-1; ak_bmsc=F1CDBB65C8100E2459CFB51308850626~000000000000000000000000000000~YAAQg15swcRA5cV6AQAA3ZxpzgwVO3ksiQxOV+unNx0GyZiiwO941+TGnl/z5YAMWoqClxgc3Sm027yH5Q4P+RxQ/s/oPQqAVkRsQQUFYPBBbnLWq3ttJp0M2u3utlufW4HGIHJm2dtlgERo0lG7/QKRyyYdk4eOufSdw6PpmwfSOo6cUyuHjIW1pKX6nfelYzyurQuhrYu0Ea88X6nuwS//wOslZymYJwu2W9H+naU6o2MsgWAy7B44/nrKm5kljyxCf8/mMcGn9UUc7AwJa92MWhS/u9dea/JI/N4PF7NXAt5g8gCbgUZtH7ZwpWVekeeA49hzGi3NtbrXXi7CIY/bBBqfXE+un6QL7FkUvlLkZuCs/+sP+ozr/kqmhrbqPbV5kY1DAcrEs3AX6BWmsC8=; XSESSIONID=78A31F1E6E3A94F2CBF4DB0BDCC127AC; AMCVS_A829776A5245B3280A490D44%40AdobeOrg=1; AMCV_A829776A5245B3280A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18831%7CMCMID%7C42983624458653584002390278816997057943%7CMCAAMLH-1627565465%7C6%7CMCAAMB-1627565465%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626967866s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; _fbp=fb.1.1626960666027.397201021; mbox=PC#91fcc7898d8546509f12ea31ce01d64e.37_0#1690205467|session#91fcc7898d8546509f12ea31ce01d64e#1626962527
content-length: 1704
:path: /Xur4Yp/Q2go/NpEyN/HGL/4e32mExPI/LYY9XzJN/GBBTSjtmAg/Ggc_Oyh/cE0U
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
cache-control: no-cache
:authority: www.barclaycardus.com
referer: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 22 Jul 2021 13:31:06 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.barclaycardus.com
access-control-allow-credentials: true
set-cookie: _abck=81ED0BFEA19A0C3E2152F22BBC290D6A~-1~YAAQg15swclA5cV6AQAAxZ5pzgYG7G55n/v+YFdV9UFYCxlo01X4NvB8YSLQjwFicEWBI6x65j20T2CzSY0U7HUvcsFTwd2ErzhIqF8FOotQKvHCMuDW6mmpbDiN/DwrDiJceLF1xqcP1ZCqIUdSSYrYudRYjtXf3h43kXNxKpKmLKABpbcIVRmKByAfLZDMBNKr8DvyWTB0M28aE9u35JHXC/3l5d501c4lLWkfpyUgvoiHu6yIwY1eFKIjyXlfZ6uYy7yXXdfxmxf/08SBNHRGXq+9KSZG1B4Bq9y5PnUvYprltGkICNlLOwxtdSaK2M9sidoFmvKy9COphigBgsFOxOAqd4gMH7WqqOrECPQlmZsrmd42omkIPXE8qrMZDwFJ2aB6CYDDZwoGcN2DGDY=~-1~||1-jXUFyRVUFg-1-10-1000-2||~-1; Domain=.barclaycardus.com; Path=/; Expires=Fri, 22 Jul 2022 13:31:06 GMT; Max-Age=31536000; Secure
access-control-allow-headers: Content-Type
content-length: 18

GET
H/1.1 200
OK 1131.json
secure-cdn.mplxtms.com/siteJSON/1131/ 6 KB
1 KB 203ms
126ms XHR
application/json 104.111.233.48
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-cdn.mplxtms.com/siteJSON/1131/1131.json
Requested by: Host:
URL: webpack-internal:///40
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.233.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-48.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Jun 2020 19:03:25 GMT
Server: Apache
ETag: "16ed-5a8b0e5c0cfc7-gzip"
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 952

GET
H2 200 /
www.google.com/pagead/1p-user-list/933821389/ 42 B
108 B 17ms
17ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/933821389/?random=1626960665656&cv=9&fst=1626958800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.barclaycardus.com%2Fapply%2FLanding.action%3FcampaignId%3D2899%26cellNumber%3D9%26referrerid%3DPTREM0721MD&async=1&fmt=3&is_vtc=1&random=3190315840&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 13:31:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/933821389/ 42 B
108 B 28ms
28ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/933821389/?random=1626960665656&cv=9&fst=1626958800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.barclaycardus.com%2Fapply%2FLanding.action%3FcampaignId%3D2899%26cellNumber%3D9%26referrerid%3DPTREM0721MD&async=1&fmt=3&is_vtc=1&random=3190315840&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 13:31:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CKDRqeTk9vECFVQHBgAdzRcAIw;src=2784362;type=jetbl0;cat=jbcsi00;ord=4559740265562;gtm=2od7j0;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.barclaycardus.com%2Fapply%2FLanding.action%3FcampaignId%3D28...
adservice.google.com/ddm/fls/z/ Frame 9B0E 42 B
262 B 42ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKDRqeTk9vECFVQHBgAdzRcAIw;src=2784362;type=jetbl0;cat=jbcsi00;ord=4559740265562;gtm=2od7j0;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.barclaycardus.com%2Fapply%2FLanding.action%3FcampaignId%3D2899%26cellNumber%3D9%26referrerid%3DPTREM0721MD

Requested by

Host: 2784362.fls.doubleclick.net
URL: https://2784362.fls.doubleclick.net/activityi;dc_pre=CKDRqeTk9vECFVQHBgAdzRcAIw;src=2784362;type=jetbl0;cat=jbcsi00;ord=4559740265562;gtm=2od7j0;auiddc=1929665498.1626960666;ps=1;~oref=https%3A%2F%2Fwww.barclaycardus.com%2Fapply%2FLanding.action%3FcampaignId%3D2899%26cellNumber%3D9%26referrerid%3DPTREM0721MD?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2784362.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 13:31:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=a30da5cfd8663331480baf28a1b16d3b0d083946e48021b553e9894664ee2c05b0da87c991749652
dpm.demdex.net/ Frame 97CB
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=34732258639944293973079970323802193410
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMzQ3MzIyNTg2Mzk5NDQyOTM5NzMwNzk5NzAzMjM4MDIxOTM0MTAQABoNCJrm5YcGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=a30da5cfd8663331480baf28a1b16d3b0d083946e48021b553e9894664ee2c05b0da87c991749652

42 B
958 B

54ms
54ms

Image
image/gif

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=a30da5cfd8663331480baf28a1b16d3b0d083946e48021b553e9894664ee2c05b0da87c991749652

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://barclaybankdelaware.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-071874892.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Us8dRvK9Szo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Thu, 22 Jul 2021 13:31:06 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=a30da5cfd8663331480baf28a1b16d3b0d083946e48021b553e9894664ee2c05b0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2 200 s49718881813635
metrics.barclaycardus.com/b/ss/barclaysglobalacq,barclaysusglobal/10/JS-2.22.0-LBRU/ 5 KB
6 KB 67ms
67ms Script
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.barclaycardus.com/b/ss/barclaysglobalacq,barclaysusglobal/10/JS-2.22.0-LBRU/s49718881813635?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=22%2F6%2F2021%2015%3A31%3A6%204%20-120&d.&nsid=0&jsonv=1&.d&sdid=5CE1995CB3376A95-20EF30184155CF1F&mid=42983624458653584002390278816997057943&aamlh=6&ce=UTF-8&pageName=JBE%3AConsumer%3AHome&g=https%3A%2F%2Fwww.barclaycardus.com%2Fapply%2FLanding.action%3FcampaignId%3D2899%26cellNumber%3D9%26referrerid%3DPTREM0721MD&cc=USD&ch=Consumer%3ALanding&server=www.barclaycardus.com&v0=0002899%7C009&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=New&c8=D%3Dv8&v8=year%3D2021%20%7C%20month%3DJuly%20%7C%20date%3D22%20%7C%20day%3DThursday%20%7C%20time%3D9%3A31%20AM&c11=D%3Dv12&v12=JBE&c13=D%3Dv14&v14=006&c15=56784&c16=D%3Dv17&v17=CCMMX87462&c21=D%3Dv22&v22=PTREM0721MD&c26=D%3Dv26&v26=0002899%7C009&c27=JBE%3AConsumer%3AHome&v27=03&c29=D%3Dv29&v29=Adobe%20Launch-AA%3A2.22.0-ECID%3A5.2.0-DIL%3A7.0&c30=D%3Dv30&v30=JBE%7C006&v39=Consumer-FullAppInstantDecision&v41=JBE%3AInvisiblePage&c45=D%3Dv45&v45=New%20Visitor&c48=D%3Dg&v48=D%3Dg&c50=JBE%3AConsumer%3AHome%3A0002899%7C009&v52=53F0FAA670EA17DC9278C26326EC3B36.applyweb_alpha_clzpsr000000023&v99=NO_UUID&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=A829776A5245B3280A490D44%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/015dd3c8dbea/EXa7a9196db328423f82cf040de162f380-libraryCode_source.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-aam-tid: rOJ5YW28RVc=
date: Thu, 22 Jul 2021 13:31:06 GMT
x-content-type-options: nosniff
x-c: main-1489.I96e1bb.M0-504
p3p: CP="This is not a P3P policy"
vary: *
content-length: 5158
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v012-0b80c2d87.edge-irl1.demdex.com 6.3.1.20210623115127
pragma: no-cache
last-modified: Fri, 23 Jul 2021 13:31:06 GMT
server: jag
xserver: anedge-58944c9887-n4wxm
etag: 3493871426326233088-4619758003607312151
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 21 Jul 2021 13:31:06 GMT

GET
H2 200 optout_check
beacon.krxd.net/ 61 B
221 B 150ms
49ms Script
text/javascript 52.30.5.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.jetblue.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.5.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-5-180.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:06 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=28 t=1626960666
x-served-by: beacon-n024-dub-prod.krxd.net
content-type: text/javascript

POST
H2 200 pixel_5eb338d6
www.barclaycardus.com/akam/11/ 0
575 B 37ms
37ms XHR
text/html 23.36.238.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barclaycardus.com/akam/11/pixel_5eb338d6
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/akam/11/5eb338d6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.238.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-238-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://www.barclaycardus.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: adcloud={%22_les_v%22:%22y%2Cbarclaycardus.com%2C1626962465%22}; s_ecid=MCMID%7C42983624458653584002390278816997057943; bm_sz=CA8F8FCFB66E10ED06309B14C7671A71~YAAQg15swcJA5cV6AQAA3ZxpzgzBoMKSFWQzq8NtPmtA/13+A6osMcn9kME+CZGNKxvXin00M/yw+FC/oVepiTmUJBkH8a30Y+cspr7aSqrCsIBtFs+GGPdeK1SmEmQxr5WuodKj9DbIyWBLvUEASs/hoMxy54vxZ+6q2xsGi4Z7EaKeOJH3qyNj3AfF2UrHLLT9KG0Cgw==; ak_bmsc=F1CDBB65C8100E2459CFB51308850626~000000000000000000000000000000~YAAQg15swcRA5cV6AQAA3ZxpzgwVO3ksiQxOV+unNx0GyZiiwO941+TGnl/z5YAMWoqClxgc3Sm027yH5Q4P+RxQ/s/oPQqAVkRsQQUFYPBBbnLWq3ttJp0M2u3utlufW4HGIHJm2dtlgERo0lG7/QKRyyYdk4eOufSdw6PpmwfSOo6cUyuHjIW1pKX6nfelYzyurQuhrYu0Ea88X6nuwS//wOslZymYJwu2W9H+naU6o2MsgWAy7B44/nrKm5kljyxCf8/mMcGn9UUc7AwJa92MWhS/u9dea/JI/N4PF7NXAt5g8gCbgUZtH7ZwpWVekeeA49hzGi3NtbrXXi7CIY/bBBqfXE+un6QL7FkUvlLkZuCs/+sP+ozr/kqmhrbqPbV5kY1DAcrEs3AX6BWmsC8=; XSESSIONID=78A31F1E6E3A94F2CBF4DB0BDCC127AC; AMCVS_A829776A5245B3280A490D44%40AdobeOrg=1; _fbp=fb.1.1626960666027.397201021; mbox=PC#91fcc7898d8546509f12ea31ce01d64e.37_0#1690205467|session#91fcc7898d8546509f12ea31ce01d64e#1626962527; AMCV_A829776A5245B3280A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18831%7CMCMID%7C42983624458653584002390278816997057943%7CMCAAMLH-1627565465%7C6%7CMCAAMB-1627565465%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626967866s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18838%7CvVersion%7C5.2.0; kxjetblue_visits=1; s_nr30=1626960666157-New; s_tslv=1626960666172; s_ppv1l=%5B%5BB%5D%5D; s_ppv1=JBE%253AConsumer%253AHome%2C100%2C6667%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP; gpv_pn=JBE%3AConsumer%3AHome; s_cc=true; _abck=81ED0BFEA19A0C3E2152F22BBC290D6A~-1~YAAQg15swclA5cV6AQAAxZ5pzgYG7G55n/v+YFdV9UFYCxlo01X4NvB8YSLQjwFicEWBI6x65j20T2CzSY0U7HUvcsFTwd2ErzhIqF8FOotQKvHCMuDW6mmpbDiN/DwrDiJceLF1xqcP1ZCqIUdSSYrYudRYjtXf3h43kXNxKpKmLKABpbcIVRmKByAfLZDMBNKr8DvyWTB0M28aE9u35JHXC/3l5d501c4lLWkfpyUgvoiHu6yIwY1eFKIjyXlfZ6uYy7yXXdfxmxf/08SBNHRGXq+9KSZG1B4Bq9y5PnUvYprltGkICNlLOwxtdSaK2M9sidoFmvKy9COphigBgsFOxOAqd4gMH7WqqOrECPQlmZsrmd42omkIPXE8qrMZDwFJ2aB6CYDDZwoGcN2DGDY=~-1~||1-jXUFyRVUFg-1-10-1000-2||~-1
content-length: 3090
:path: /akam/11/pixel_5eb338d6
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: www.barclaycardus.com
referer: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 22 Jul 2021 13:31:06 GMT
set-cookie: ak_bmsc=F1CDBB65C8100E2459CFB51308850626~000000000000000000000000000000~YAAQg15swcpA5cV6AQAA/55pzgxYLvXZtcjaGO/6Isp/ZNXKpRE+TrOMtMWMR8em6DDKnnTj89UysYwTIKWgsdSvkTd6gNZBSV4zuUaZIByalkkUajzYP2aQVn7sN6y8bhxAnyfbIxwqPaQp6HsLFVj7wFLMKVjPA54+3qNFpHyHk9q1KzugK67FcyPaz1KixUZrUtpOqAD2T1KWMdz40er3GAO34H/6Wdx6kLRkgKU2FyG/CulMVCGOa0AMGBynGovSVmWlwSfRPTkL3+Qm5srjywjNCIRQhmU0Vozs18iGc397TwfuI2V7zhrsZgKWroLPY+uC/w3KOkRTBo9hsQ8x24oWu1ETwOaTW+/2PTK9YIfDRN5VhPdepiOsdOJwQmr+3ta1YJo5OLe9wnzvqDJU1BkLUy5wX5TlbNUFgs/dxo+0uepRDPqVL/wabjJyW38pLkXCQcCAkgfaWMApdQ==; Domain=.barclaycardus.com; Path=/; Expires=Thu, 22 Jul 2021 15:31:05 GMT; Max-Age=7199; HttpOnly
content-length: 0
content-type: text/html

GET
H2 200 5d3a6c7b-c015-447c-a038-7762f3c3b014
consumer.krxd.net/consent/get/ 235 B
427 B 116ms
56ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5d3a6c7b-c015-447c-a038-7762f3c3b014?idt=device&dt=kxcookie&callback=Krux.ns.jetblue.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.barclaycardus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:06 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a012-dub-prod.krxd.net, cache-fra19161-FRA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1626960666.424150,VS0,VE27
content-length: 188
x-cache-hits: 0, 0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEJMCWba18U5JQrmgVwQpMew&google_cver=1
dpm.demdex.net/ Frame 97CB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzQ3MzIyNTg2Mzk5NDQyOTM5NzMwNzk5NzAzMjM4MDIxOTM0MTA=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJMCWba18U5JQrmgVwQpMew&google_cver=1?gdpr=0&gdpr_consent=

42 B
958 B

58ms
57ms

Image
image/gif

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJMCWba18U5JQrmgVwQpMew&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://barclaybankdelaware.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-098cbf070.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: zViRLMyQTkQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 13:31:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJMCWba18U5JQrmgVwQpMew&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 201 cE0U
www.barclaycardus.com/Xur4Yp/Q2go/NpEyN/HGL/4e32mExPI/LYY9XzJN/GBBTSjtmAg/Ggc_Oyh/ 18 B
639 B 203ms
203ms XHR
application/json 23.36.238.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barclaycardus.com/Xur4Yp/Q2go/NpEyN/HGL/4e32mExPI/LYY9XzJN/GBBTSjtmAg/Ggc_Oyh/cE0U
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/Xur4Yp/Q2go/NpEyN/HGL/4e32mExPI/LYY9XzJN/GBBTSjtmAg/Ggc_Oyh/cE0U
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.238.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-238-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://www.barclaycardus.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: adcloud={%22_les_v%22:%22y%2Cbarclaycardus.com%2C1626962465%22}; s_ecid=MCMID%7C42983624458653584002390278816997057943; bm_sz=CA8F8FCFB66E10ED06309B14C7671A71~YAAQg15swcJA5cV6AQAA3ZxpzgzBoMKSFWQzq8NtPmtA/13+A6osMcn9kME+CZGNKxvXin00M/yw+FC/oVepiTmUJBkH8a30Y+cspr7aSqrCsIBtFs+GGPdeK1SmEmQxr5WuodKj9DbIyWBLvUEASs/hoMxy54vxZ+6q2xsGi4Z7EaKeOJH3qyNj3AfF2UrHLLT9KG0Cgw==; XSESSIONID=78A31F1E6E3A94F2CBF4DB0BDCC127AC; AMCVS_A829776A5245B3280A490D44%40AdobeOrg=1; _fbp=fb.1.1626960666027.397201021; mbox=PC#91fcc7898d8546509f12ea31ce01d64e.37_0#1690205467|session#91fcc7898d8546509f12ea31ce01d64e#1626962527; AMCV_A829776A5245B3280A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18831%7CMCMID%7C42983624458653584002390278816997057943%7CMCAAMLH-1627565465%7C6%7CMCAAMB-1627565465%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626967866s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18838%7CvVersion%7C5.2.0; kxjetblue_visits=1; s_nr30=1626960666157-New; s_tslv=1626960666172; s_ppv1l=%5B%5BB%5D%5D; s_ppv1=JBE%253AConsumer%253AHome%2C100%2C6667%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP; gpv_pn=JBE%3AConsumer%3AHome; s_cc=true; _abck=81ED0BFEA19A0C3E2152F22BBC290D6A~-1~YAAQg15swclA5cV6AQAAxZ5pzgYG7G55n/v+YFdV9UFYCxlo01X4NvB8YSLQjwFicEWBI6x65j20T2CzSY0U7HUvcsFTwd2ErzhIqF8FOotQKvHCMuDW6mmpbDiN/DwrDiJceLF1xqcP1ZCqIUdSSYrYudRYjtXf3h43kXNxKpKmLKABpbcIVRmKByAfLZDMBNKr8DvyWTB0M28aE9u35JHXC/3l5d501c4lLWkfpyUgvoiHu6yIwY1eFKIjyXlfZ6uYy7yXXdfxmxf/08SBNHRGXq+9KSZG1B4Bq9y5PnUvYprltGkICNlLOwxtdSaK2M9sidoFmvKy9COphigBgsFOxOAqd4gMH7WqqOrECPQlmZsrmd42omkIPXE8qrMZDwFJ2aB6CYDDZwoGcN2DGDY=~-1~||1-jXUFyRVUFg-1-10-1000-2||~-1; AAMC_barclaybankdelaware_0=REGION%7C6; aam_uuid=34732258639944293973079970323802193410; ak_bmsc=F1CDBB65C8100E2459CFB51308850626~000000000000000000000000000000~YAAQg15swcpA5cV6AQAA/55pzgxYLvXZtcjaGO/6Isp/ZNXKpRE+TrOMtMWMR8em6DDKnnTj89UysYwTIKWgsdSvkTd6gNZBSV4zuUaZIByalkkUajzYP2aQVn7sN6y8bhxAnyfbIxwqPaQp6HsLFVj7wFLMKVjPA54+3qNFpHyHk9q1KzugK67FcyPaz1KixUZrUtpOqAD2T1KWMdz40er3GAO34H/6Wdx6kLRkgKU2FyG/CulMVCGOa0AMGBynGovSVmWlwSfRPTkL3+Qm5srjywjNCIRQhmU0Vozs18iGc397TwfuI2V7zhrsZgKWroLPY+uC/w3KOkRTBo9hsQ8x24oWu1ETwOaTW+/2PTK9YIfDRN5VhPdepiOsdOJwQmr+3ta1YJo5OLe9wnzvqDJU1BkLUy5wX5TlbNUFgs/dxo+0uepRDPqVL/wabjJyW38pLkXCQcCAkgfaWMApdQ==
content-length: 2287
:path: /Xur4Yp/Q2go/NpEyN/HGL/4e32mExPI/LYY9XzJN/GBBTSjtmAg/Ggc_Oyh/cE0U
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
cache-control: no-cache
:authority: www.barclaycardus.com
referer: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 22 Jul 2021 13:31:06 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.barclaycardus.com
access-control-allow-credentials: true
set-cookie: _abck=81ED0BFEA19A0C3E2152F22BBC290D6A~-1~YAAQg15swcxA5cV6AQAA759pzgbxWO5HDcj6zX28SxAy+sDwnS7flL7hCFMeC1qhcdirPeWmXEl4cEa+U0f7fzjqz/pPW6Ln9VyN3Agv0rrp+Um9I16xO2g63FGLSRiIYmTqafSYRRNZ0uZ/ifJRyzdj/qmxDF8cGsg8EYfpfKu0zOiArEhn3J5ybJUktQnvWQBELCkB3ygB16HAxy3lGBfv0U6e2n8cZtFKJigPndF40fo7xuiHE3ElR2jyFm31lGry799ZSbLSNFJJASDXnUC1ar5dXoYBNijEPMt2T30276MhfeE00wngGQNKoITx1/e5WDx1H62TtUMuxDjFgaFBhU43KbSXPb27jTqcr5QGZjmNq0X+07mYuK3pYDTjROZSoWDc+6q9j/1naBNRVtA=~-1~||-1||~-1; Domain=.barclaycardus.com; Path=/; Expires=Fri, 22 Jul 2022 13:31:06 GMT; Max-Age=31536000; Secure
access-control-allow-headers: Content-Type
content-length: 18

GET adsct
analytics.twitter.com/i/ Frame 97CB 0
0

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 97CB
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVBsekdRQUFBTHdKcUFMcw&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEFsHe6qnmeNZGuPByUuSf_c&google_cver=1
https://pixel.everesttech.net/1x1

128 B
796 B

48ms
48ms

Image
image/png

34.246.227.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.227.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-227-69.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://barclaybankdelaware.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:06 GMT
Last-Modified: Wed, 23 Jun 2021 11:50:42 GMT
Server: Apache
ETag: "b3b51c-80-5c56d841aa880"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Thu, 22 Jul 2021 13:31:06 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 97CB
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVBsekdRQUFBTHdKcUFMcw&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEF...
https://pixel.everesttech.net/1x1

128 B
691 B

50ms
49ms

Image
image/png

34.246.227.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.227.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-227-69.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://barclaybankdelaware.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:06 GMT
Last-Modified: Wed, 23 Jun 2021 11:50:42 GMT
Server: Apache
ETag: "36b51c-80-5c56d841aa880"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Thu, 22 Jul 2021 13:31:06 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET

1x1
pixel.everesttech.net/ Frame 97CB
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVBsekdRQUFBTHdKcUFMcw&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
https://pixel.everesttech.net/1x1

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 97CB
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVBsekdRQUFBTHdKcUFMcw&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...

0
0

POST 0
bat.bing.com/actionp/ 0
0

GET
H/1.1 200
OK bootstrap.min.css
gif.barclaycardus.com/apply/css/base/bootstrap/ 57 KB
10 KB 118ms
116ms Stylesheet
text/css 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/css/base/bootstrap/bootstrap.min.css
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: b5c9e8b41b5d02f3ddf144b038700c52f474abbc2ee868efa8043f6fd1d97981

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=496
Content-Length: 9706

GET
H/1.1 200
OK bootstrap.ms.css
gif.barclaycardus.com/apply/css/base/bootstrap/ 3 KB
863 B 119ms
116ms Stylesheet
text/css 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/css/base/bootstrap/bootstrap.ms.css
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: f776b22a66734a3cc606db8d0b8184d1832e84d8e1fc7b7572651fcdea052384

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499
Content-Length: 564

GET
H/1.1 200
OK global-apply.css
gif.barclaycardus.com/apply/css/base/responsive/ 22 KB
6 KB 123ms
120ms Stylesheet
text/css 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/css/base/responsive/global-apply.css
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 3822e0f60381a9ecea83c5300dfed90de7d991c706ac0ad9f754082bcab6b69d

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499
Content-Length: 5482

GET
H/1.1 200
OK modal.css
gif.barclaycardus.com/apply/css/base/component/ 4 KB
2 KB 123ms
120ms Stylesheet
text/css 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/css/base/component/modal.css
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: dd56990ee8998fe0ffc5a4a3d8044847874042c48dfb226bed195b424bc1d1c5

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499
Content-Length: 1280

GET
H/1.1 200
OK overrides.css
gif.barclaycardus.com/apply/css/jbe/responsive/ 3 KB
1 KB 122ms
119ms Stylesheet
text/css 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/css/jbe/responsive/overrides.css
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: ee363a1fbd7f6826565d20c6be5911c95abb71cf1738ae3b737e394a741dc819

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499
Content-Length: 1158

GET
H/1.1 200
OK browser-detect-modal.css
gif.barclaycardus.com/apply/css/base/ 3 KB
1 KB 122ms
119ms Stylesheet
text/css 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/css/base/browser-detect-modal.css
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 0ffa94ab28963a7a4d6af884540fa59b8974f7c95675e91555f993060e758aa2

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499
Content-Length: 814

GET
H/1.1 200
OK tealeaf.js Show response
gif.barclaycardus.com/apply/js/base/tagging/ 138 KB
46 KB 249ms
125ms Script
application/javascript 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/js/base/tagging/tealeaf.js
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 6d05079301ff5d8552cfe54705dd25ddb5cae6efa674441688c9a053b01e385d

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:36 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=498
Content-Length: 46688

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
gif.barclaycardus.com/apply/js/base/jquery/ 87 KB
30 KB 248ms
124ms Script
application/javascript 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/js/base/jquery/jquery-3.5.1.min.js
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:36 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=498
Content-Length: 30908

GET
H/1.1 200
OK jquery-ui-1.12.1.min.js Show response
gif.barclaycardus.com/apply/js/base/jquery/ 248 KB
67 KB 249ms
126ms Script
application/javascript 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/js/base/jquery/jquery-ui-1.12.1.min.js
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: fffa08a498f7ccca4287c581f6cc02551f640f70b52db3a7d023dae38af75165

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:36 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=498

GET
H/1.1 200
OK modernizr-min.js Show response
gif.barclaycardus.com/apply/js/base/ 16 KB
7 KB 240ms
116ms Script
application/javascript 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/js/base/modernizr-min.js
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 461b29cf9f43cff35b3dd46e1fe6efa4a53ccbc015b0c657d917fa0408c42e12

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:36 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=495
Content-Length: 6555

GET
H/1.1 200
OK application.css
gif.barclaycardus.com/apply/css/base/responsive/ 36 KB
8 KB 235ms
118ms Stylesheet
text/css 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/css/base/responsive/application.css
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 74f916a6b10e21fcf69a2e1b3dd00662a28951635549d772b24f34c50c2a8f92

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=498
Content-Length: 7493

GET
H/1.1 200
OK print.css
gif.barclaycardus.com/apply/css/base/responsive/ 752 B
695 B 117ms
116ms Stylesheet
text/css 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/css/base/responsive/print.css
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 24ecc95c0f767ea6658fc91c51bb19620b4bfd17bce0096cc24f87a29a01bff2

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=497
Content-Length: 396

GET
H2 200 launch-067727b26ea4.min.js Show response
assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/ 415 KB
103 KB 6ms
6ms Script
application/x-javascript 2a02:26f0:6c00:296::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/launch-067727b26ea4.min.js
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e2543f09ef2c830564a2dcf53e27fcf8e7f490e11821f79cc3067826023df33c

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:07 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 08:52:09 GMT
server: AkamaiNetStorage
etag: "e7a40abc58c4776b7fa2aaf215111dda:1618563129.687342"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.jetbluepluscard.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 104654
expires: Thu, 22 Jul 2021 14:31:07 GMT

GET
H/1.1 200
OK aprLoader.js Show response
gif.barclaycardus.com/apply/js/base/responsive/ 1 KB
664 B 263ms
116ms Script
application/javascript 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/js/base/responsive/aprLoader.js
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 3e63bb3f07db6bc27f04dd65d881437d600b216449c808e581b43430dcbd2a18

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:36 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=497
Content-Length: 351

GET
H/1.1 200
OK combo-app-with-four-col-JetBlue.css
gif.barclaycardus.com/apply/css/base/responsive/ 7 KB
2 KB 148ms
117ms Stylesheet
text/css 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/css/base/responsive/combo-app-with-four-col-JetBlue.css
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: aba876304cb8c77863d89a8eb1df27086dedf75c27fb3150ff9fdc3d9be7dbac

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=498
Content-Length: 1904

GET
H/1.1 200
OK 04150.png
gif.barclaycardus.com/apply/img/jbe/credit/plastics/ 43 KB
43 KB 120ms
119ms Image
image/png 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gif.barclaycardus.com/apply/img/jbe/credit/plastics/04150.png
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: f649cbb646138a2f94dc554913107b5bc923d14a6bc27d35ea1d5bd5c97c4f40

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:07 GMT
Last-Modified: Tue, 13 Jul 2021 14:04:35 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=497
Content-Length: 44158

GET
H/1.1 200
OK card-logo-regular.png
gif.barclaycardus.com/apply/img/jbe/ 5 KB
5 KB 117ms
117ms Image
image/png 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gif.barclaycardus.com/apply/img/jbe/card-logo-regular.png
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: bc855d1a9fcc1b2f9d756ba1dd566e6bcb25d966348e7106660c76575e8fe4e1

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:07 GMT
Last-Modified: Tue, 13 Jul 2021 14:04:35 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=497
Content-Length: 4960

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 55ms
54ms XHR
application/json 52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A829776A5245B3280A490D44%40AdobeOrg&d_nsid=0&ts=1626960667442

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/launch-067727b26ea4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

98321dba3b7790512cdfb6504a5d9e311f21c5940689293c6e4f301178332858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v012-0d1e13989.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: IA+ktIiRSNQ=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.jetbluepluscard.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1540
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EXa7a9196db328423f82cf040de162f380-libraryCode_source.min.js Show response
assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/015dd3c8dbea/ 63 KB
22 KB 6ms
6ms Script
application/x-javascript 2a02:26f0:6c00:296::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/015dd3c8dbea/EXa7a9196db328423f82cf040de162f380-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/launch-067727b26ea4.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 63f759ab039c35716b45807ad9deb42f8ee4ed55222ccf43bfef9ae397179054

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:07 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 08:52:10 GMT
server: AkamaiNetStorage
etag: "76b3e5b2a7c1630edd75da84911a1b44:1618563130.607003"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.jetbluepluscard.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 22511
expires: Thu, 22 Jul 2021 14:31:07 GMT

GET
H/1.1 200
OK last-event-tag-latest.min.js Show response
www.everestjs.net/static/le/ 7 KB
7 KB 33ms
33ms Script
application/javascript 23.37.44.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/launch-067727b26ea4.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-amz-version-id: null
Last-Modified: Wed, 16 Jun 2021 15:18:41 GMT
Server: AmazonS3
x-amz-request-id: TZ1Z2BV2278TSP3Z
ETag: "d5991c18a0042eb33f92c6b5b44ffe8d"
Content-Type: application/javascript
Date: Thu, 22 Jul 2021 13:31:07 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7028
x-amz-id-2: zVEODGvOZAf+qHbCRZ9fDgf1zKdvhoYQYfr4sj/LDbPUmvkS4W/zN81B16Gw/cLHUuYkLTxGCeg=

GET
H/1.1 200
OK tltWorker.js
www.jetbluepluscard.com/apply/js/base/tagging/ 29 KB
29 KB 363ms
138ms Other
application/javascript 167.203.49.82
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jetbluepluscard.com/apply/js/base/tagging/tltWorker.js
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.82 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: /
Resource Hash: f9110429c6e318631e4f49cd61974a5b733e4e8d3f0c9709314b29d5190a1bec

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.jetbluepluscard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: same-origin
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: worker
Referer: https://www.jetbluepluscard.com/apply/Application.action
Cookie: JSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; TSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; AMCV_A829776A5245B3280A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18831%7CvVersion%7C5.2.0; mbox=session#9356d235a58542b49f07e972b7012abe#1626962528; at_check=true
Connection: keep-alive
Referer: https://www.jetbluepluscard.com/apply/Application.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:07 GMT
Last-Modified: Tue, 13 Jul 2021 14:04:36 GMT
Server
ETag: W/"29810-1626185076000"
Content-Type: application/javascript
x-bstat: 11|A|applyweb|113
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Content-Length: 29810

GET
H/1.1 200
OK handleFile Show response
www.jetbluepluscard.com/apply/action/ Frame 4979 22 KB
23 KB 250ms
135ms Document
text/html 167.203.49.82
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jetbluepluscard.com/apply/action/handleFile?id=privacyPolicyForwardUrl
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.82 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: /
Resource Hash: 03ad484641730b3134d1f2294590b394e97123889faadc7e21dd398dc61a4cb2

Request headers

Host: www.jetbluepluscard.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.jetbluepluscard.com/apply/Application.action
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: JSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; TSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; AMCV_A829776A5245B3280A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18831%7CvVersion%7C5.2.0; mbox=session#9356d235a58542b49f07e972b7012abe#1626962528; at_check=true
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jetbluepluscard.com/apply/Application.action

Response headers

Date: Thu, 22 Jul 2021 13:31:07 GMT
Server
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
x-bstat: 11|A|applyweb|113
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Transfer-Encoding: chunked

GET
H/1.1 200
OK dest5.html Show response
barclaybankdelaware.demdex.net/ Frame 32E5 7 KB
3 KB 53ms
52ms Document
text/html 63.32.159.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://barclaybankdelaware.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/launch-067727b26ea4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.159.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-159-255.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: barclaybankdelaware.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.jetbluepluscard.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=61354323135340404052115715963802416118; dextp=60-1-1626960666131|771-1-1626960666352|1123-1-1626960666453|1083-1-1626960666554|1085-1-1626960666654|1086-1-1626960666755|1087-1-1626960666856
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jetbluepluscard.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Thu, 22 Jul 2021 13:31:07 GMT
DCS: dcs-prod-irl1-1-v012-0eecf40e0.edge-irl1.demdex.com 6.3.1.20210623115127
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 2 Jul 2021 08:38:00 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: h+w40+23Riw=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
metrics.barclaycardus.com/ 48 B
281 B 43ms
42ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.barclaycardus.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=A829776A5245B3280A490D44%40AdobeOrg&mid=68231892343067163521641897613624715363&ts=1626960667508

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/launch-067727b26ea4.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

9e7a46e9d288f6bcb89774f67b9793dfc5a08bbb9ab5eea214b401ef67612d24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 22 Jul 2021 13:31:07 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-58944c9887-r7jxr
vary: Origin
x-c: main-1489.I96e1bb.M0-504
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.jetbluepluscard.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
lasteventf-tm.everesttech.net/ 0
104 B 30ms
29ms XHR
text/plain 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lasteventf-tm.everesttech.net/?_les_imsOrgId=A829776A5245B3280A490D44@AdobeOrg&_les_sdid=1D48D1C2CF115D91-3829B0B3C080D8C3&_les_last_search_click=&_les_rsid=barclaysglobalacq,barclaysusglobal&_les_mid=68231892343067163521641897613624715363&_les_url=https%3A%2F%2Fwww.jetbluepluscard.com%2Fapply%2FApplication.action
Requested by: Host: www.everestjs.net
URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:07 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1626960668.526565,VS0,VE0
x-cache: MISS
content-type: text/plain
access-control-allow-origin: https://www.jetbluepluscard.com
access-control-allow-credentials: true
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra19151-FRA

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YPlzGQAAALwJqALs&d_uuid=61354323135340404052115715963802416118
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=61354323135340404052115715963802416118
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YPlzGQAAALwJqALs&d_uuid=61354323135340404052115715963802416118

0
849 B

54ms
54ms

Image
text/plain

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YPlzGQAAALwJqALs&d_uuid=61354323135340404052115715963802416118

Requested by

Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v012-0f214c960.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: H5ufNWm+TPs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YPlzGQAAALwJqALs&d_uuid=61354323135340404052115715963802416118
Date: Thu, 22 Jul 2021 13:31:07 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
barclaycardus.tt.omtrdc.net/rest/v1/ 286 B
517 B 68ms
67ms XHR
application/json 52.18.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://barclaycardus.tt.omtrdc.net/rest/v1/delivery?client=barclaycardus&sessionId=9356d235a58542b49f07e972b7012abe&version=2.4.0
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/launch-067727b26ea4.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.150.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-150-20.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 37432ab5456345013088a0aba1e107a5e85b4767aac9735233a341f33648924a

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.jetbluepluscard.com
date: Thu, 22 Jul 2021 13:31:07 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: 2a5d9719f0e334825e6c4454b2ba66a9
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK awrstopwatch.gif
gif.barclaycardus.com/apply/img/base/ 5 KB
5 KB 117ms
115ms Image
image/gif 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gif.barclaycardus.com/apply/img/base/awrstopwatch.gif
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 41eed05f5452f8494a83098fdc4bd1ab4f87ed04be25cd7e6561bc65517e13f8

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:07 GMT
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=496
Content-Length: 4865

GET
H/1.1 200
OK print-icon.png
gif.barclaycardus.com/apply/img/base/ 1 KB
1 KB 116ms
114ms Image
image/png 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gif.barclaycardus.com/apply/img/base/print-icon.png
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 47bec346ae6e440174592b99d08726818b151e22a645e154416af6d13401bccd

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:07 GMT
Last-Modified: Tue, 13 Jul 2021 14:04:35 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=496
Content-Length: 1033

GET
H/1.1 200
OK modal-lightbox.png
www.jetbluepluscard.com/apply/img/base/browsers/ 0
289 B 263ms
122ms Image
image/png 167.203.49.82
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jetbluepluscard.com/apply/img/base/browsers/modal-lightbox.png
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.82 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.jetbluepluscard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.jetbluepluscard.com/apply/Application.action
Cookie: JSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; TSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; at_check=true; AMCVS_A829776A5245B3280A490D44%40AdobeOrg=1; adcloud={%22_les_v%22:%22y%2Cjetbluepluscard.com%2C1626962467%22}; AMCV_A829776A5245B3280A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18831%7CMCMID%7C68231892343067163521641897613624715363%7CMCAAMLH-1627565467%7C6%7CMCAAMB-1627565467%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626967867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#9356d235a58542b49f07e972b7012abe#1626962528|PC#9356d235a58542b49f07e972b7012abe.37_0#1690205468
Connection: keep-alive
Referer: https://www.jetbluepluscard.com/apply/Application.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:07 GMT
Last-Modified: Tue, 13 Jul 2021 14:31:11 GMT
Server
ETag: W/"0-1626186671000"
Content-Type: image/png
x-bstat: 11|A|applyweb|113
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=498
Content-Length: 0

GET
H/1.1 200
OK combo.action Show response
www.jetbluepluscard.com/apply/ 138 KB
139 KB 247ms
137ms Script
text/javascript 167.203.49.82
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jetbluepluscard.com/apply/combo.action?LoadJS=application
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.82 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: /
Resource Hash: 00b68f5d26f3b8965e2d67ac5eeb3830fcf1d3f9b622b008c9d7b8ae52e69995

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.jetbluepluscard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.jetbluepluscard.com/apply/Application.action
Cookie: JSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; TSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; at_check=true; AMCVS_A829776A5245B3280A490D44%40AdobeOrg=1; adcloud={%22_les_v%22:%22y%2Cjetbluepluscard.com%2C1626962467%22}; AMCV_A829776A5245B3280A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18831%7CMCMID%7C68231892343067163521641897613624715363%7CMCAAMLH-1627565467%7C6%7CMCAAMB-1627565467%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626967867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#9356d235a58542b49f07e972b7012abe#1626962528|PC#9356d235a58542b49f07e972b7012abe.37_0#1690205468
Connection: keep-alive
Referer: https://www.jetbluepluscard.com/apply/Application.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:07 GMT
Server
Transfer-Encoding: chunked
Content-Language: en-US
x-bstat: 11|A|applyweb|113
Connection: Keep-Alive
Content-Type: text/javascript;charset=ISO-8859-1
Keep-Alive: timeout=3, max=500

GET
H/1.1 200
OK modal-lightbox_ic.png
www.jetbluepluscard.com/apply/img/base/browsers/ 0
289 B 354ms
129ms Image
image/png 167.203.49.82
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jetbluepluscard.com/apply/img/base/browsers/modal-lightbox_ic.png
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.82 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.jetbluepluscard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.jetbluepluscard.com/apply/Application.action
Cookie: JSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; TSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; at_check=true; AMCVS_A829776A5245B3280A490D44%40AdobeOrg=1; adcloud={%22_les_v%22:%22y%2Cjetbluepluscard.com%2C1626962467%22}; AMCV_A829776A5245B3280A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18831%7CMCMID%7C68231892343067163521641897613624715363%7CMCAAMLH-1627565467%7C6%7CMCAAMB-1627565467%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626967867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#9356d235a58542b49f07e972b7012abe#1626962528|PC#9356d235a58542b49f07e972b7012abe.37_0#1690205468
Connection: keep-alive
Referer: https://www.jetbluepluscard.com/apply/Application.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:07 GMT
Last-Modified: Tue, 13 Jul 2021 14:31:11 GMT
Server
ETag: W/"0-1626186671000"
Content-Type: image/png
x-bstat: 11|A|applyweb|113
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Content-Length: 0

GET
H/1.1 200
OK bcus-min.js Show response
gif.barclaycardus.com/apply/js/base/bcus/ Frame 4979 2 KB
1 KB 118ms
117ms Script
application/javascript 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/js/base/bcus/bcus-min.js
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/action/handleFile?id=privacyPolicyForwardUrl
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: a401c3c4bf86528d0d701359dbf9120e36b1f24a941daee953d4bd8ba5572d2b

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:35 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=495
Content-Length: 1012

GET
H/1.1 200
OK bootstrap.min.css
gif.barclaycardus.com/apply/css/base/bootstrap/ Frame 4979 57 KB
10 KB 119ms
118ms Stylesheet
text/css 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/css/base/bootstrap/bootstrap.min.css
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/action/handleFile?id=privacyPolicyForwardUrl
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: b5c9e8b41b5d02f3ddf144b038700c52f474abbc2ee868efa8043f6fd1d97981

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=495
Content-Length: 9706

GET
H/1.1 200
OK privacy_policy.css
gif.barclaycardus.com/apply/css/base/ Frame 4979 2 KB
1 KB 117ms
116ms Stylesheet
text/css 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/css/base/privacy_policy.css
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/action/handleFile?id=privacyPolicyForwardUrl
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: b527f352c4ce8a72b48ef8cfd91d4c168691a910997081a841979b0ad88c2cf8

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=496
Content-Length: 927

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 32E5
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVBsekdRQUFBTHdKcUFMcw&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
https://pixel.everesttech.net/1x1

128 B
691 B

48ms
48ms

Image
image/png

34.246.227.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.227.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-227-69.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Referer: https://barclaybankdelaware.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:08 GMT
Last-Modified: Wed, 23 Jun 2021 11:50:42 GMT
Server: Apache
ETag: "36b51d-80-5c56d841aa880"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Thu, 22 Jul 2021 13:31:08 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=1121&dpuuid=1871316021796879609
dpm.demdex.net/ Frame 32E5
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=7085
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1871316021796879609

42 B
958 B

55ms
55ms

Image
image/gif

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1871316021796879609

Requested by

Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://barclaybankdelaware.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-03d9cf435.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: qAj7mRhJQw4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1871316021796879609
Date: Thu, 22 Jul 2021 13:31:08 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET /
undefined&cb=337425378608931200/ 0
0

GET
H2 200 RCa4a2ef3b74ff4c44ab2e391146c8819a-source.min.js Show response
assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/015dd3c8dbea/ 11 KB
4 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:6c00:296::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/015dd3c8dbea/RCa4a2ef3b74ff4c44ab2e391146c8819a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/launch-067727b26ea4.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f54c91e0903d2c98a1f8b6107b9dfbea025c961dc1a35fe98c7452b2c37770b6

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:08 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 08:52:10 GMT
server: AkamaiNetStorage
etag: "76b3e5b2a7c1630edd75da84911a1b44:1618563130.607003"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.jetbluepluscard.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 4273
expires: Thu, 22 Jul 2021 14:31:08 GMT

GET
H/1.1 200
OK modal-lightbox.png
www.jetbluepluscard.com/apply/img/base/browsers/ 0
289 B 124ms
123ms Image
image/png 167.203.49.82
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jetbluepluscard.com/apply/img/base/browsers/modal-lightbox.png
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.82 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.jetbluepluscard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.jetbluepluscard.com/apply/Application.action
Cookie: JSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; TSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; at_check=true; AMCVS_A829776A5245B3280A490D44%40AdobeOrg=1; adcloud={%22_les_v%22:%22y%2Cjetbluepluscard.com%2C1626962467%22}; AMCV_A829776A5245B3280A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18831%7CMCMID%7C68231892343067163521641897613624715363%7CMCAAMLH-1627565467%7C6%7CMCAAMB-1627565467%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626967867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#9356d235a58542b49f07e972b7012abe#1626962528|PC#9356d235a58542b49f07e972b7012abe.37_0#1690205468
Connection: keep-alive
Referer: https://www.jetbluepluscard.com/apply/Application.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:07 GMT
Last-Modified: Tue, 13 Jul 2021 14:31:11 GMT
Server
ETag: W/"0-1626186671000"
Content-Type: image/png
x-bstat: 11|A|applyweb|113
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499
Content-Length: 0

GET
H/1.1 200
OK ic-fee-combo-header-mountain.png
gif.barclaycardus.com/apply/img/jbe/ 337 KB
338 KB 125ms
124ms Image
image/png 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gif.barclaycardus.com/apply/img/jbe/ic-fee-combo-header-mountain.png
Requested by: Host: gif.barclaycardus.com
URL: https://gif.barclaycardus.com/apply/css/jbe/responsive/overrides.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 17eedd87aa48284ead157277334a3e81b8b3aaea1574141683fed037f7c494d3

Request headers

Referer: https://gif.barclaycardus.com/apply/css/jbe/responsive/overrides.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:08 GMT
Last-Modified: Tue, 13 Jul 2021 14:04:35 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=494
Content-Length: 345440

GET
H/1.1 200
OK horizon.png
gif.barclaycardus.com/apply/img/base/ 8 KB
8 KB 118ms
117ms Image
image/png 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gif.barclaycardus.com/apply/img/base/horizon.png
Requested by: Host: gif.barclaycardus.com
URL: https://gif.barclaycardus.com/apply/css/base/responsive/global-apply.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 2bc5dd77e941adbf8fc357a49fdc668830482c5a196d9c8931bdfdc52aace979

Request headers

Referer: https://gif.barclaycardus.com/apply/css/base/responsive/global-apply.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:08 GMT
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=494
Content-Length: 7715

GET
H/1.1 200
OK selectarrow.svg
gif.barclaycardus.com/apply/css/base/icons/ 904 B
905 B 116ms
115ms Image
image/svg+xml 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gif.barclaycardus.com/apply/css/base/icons/selectarrow.svg
Requested by: Host: gif.barclaycardus.com
URL: https://gif.barclaycardus.com/apply/css/base/responsive/application.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 6986a12e0410fec41d5953292152ea27f9ac961b338ecd28c3bdf3be493ba675

Request headers

Referer: https://gif.barclaycardus.com/apply/css/base/responsive/application.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=495
Content-Length: 569

GET
H/1.1 200
OK BCUS_logo_vSPT_GoPaperless.svg
gif.barclaycardus.com/apply/css/base/icons/ 15 KB
6 KB 119ms
119ms Image
image/svg+xml 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gif.barclaycardus.com/apply/css/base/icons/BCUS_logo_vSPT_GoPaperless.svg
Requested by: Host: gif.barclaycardus.com
URL: https://gif.barclaycardus.com/apply/css/base/responsive/application.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: f49bb654f97a14e0630ea85087e5a2abc7ab474ec8f406a6ac1583eb83cc1591

Request headers

Referer: https://gif.barclaycardus.com/apply/css/base/responsive/application.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=496
Content-Length: 5740

GET
H/1.1 200
OK Open.svg
gif.barclaycardus.com/apply/css/base/icons/ 693 B
780 B 116ms
116ms Image
image/svg+xml 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gif.barclaycardus.com/apply/css/base/icons/Open.svg
Requested by: Host: gif.barclaycardus.com
URL: https://gif.barclaycardus.com/apply/css/base/responsive/application.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 3065d017d9e3f177fd4ec7850f8315cf6e2efe3c13efd7a98db1f5c8e120e4c4

Request headers

Referer: https://gif.barclaycardus.com/apply/css/base/responsive/application.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=494
Content-Length: 444

GET
H/1.1 200
OK print-icon.svg
gif.barclaycardus.com/apply/css/base/icons/ 2 KB
1 KB 115ms
115ms Image
image/svg+xml 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gif.barclaycardus.com/apply/css/base/icons/print-icon.svg
Requested by: Host: gif.barclaycardus.com
URL: https://gif.barclaycardus.com/apply/css/base/responsive/global-apply.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 93e52eb2ba859f3f843acc490780377c02fad2565c4dd88519882fbe1e976ea2

Request headers

Referer: https://gif.barclaycardus.com/apply/css/base/responsive/global-apply.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=497
Content-Length: 990

GET
H/1.1 200
OK Blue%20Arrow.svg
gif.barclaycardus.com/apply/css/base/icons/ 1 KB
1 KB 116ms
116ms Image
image/svg+xml 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gif.barclaycardus.com/apply/css/base/icons/Blue%20Arrow.svg
Requested by: Host: gif.barclaycardus.com
URL: https://gif.barclaycardus.com/apply/css/base/responsive/global-apply.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: a950303764fee5f1f2711d41220cc6f66f376cbba5fcafab87b41200dcc54fd7

Request headers

Referer: https://gif.barclaycardus.com/apply/css/base/responsive/global-apply.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=494
Content-Length: 716

GET
H/1.1 200
OK bcus_logo.png
gif.barclaycardus.com/apply/img/base/ 8 KB
8 KB 119ms
119ms Image
image/png 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gif.barclaycardus.com/apply/img/base/bcus_logo.png
Requested by: Host: gif.barclaycardus.com
URL: https://gif.barclaycardus.com/apply/css/base/responsive/global-apply.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 73eae9169890b19ee3b6fc85d6e58e6f82a04bd056e33b9eb6a4f4bb1bda5db6

Request headers

Referer: https://gif.barclaycardus.com/apply/css/base/responsive/global-apply.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:08 GMT
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=496
Content-Length: 8300

GET
H/1.1 200
OK JBFuturaStd-Book.otf
gif.barclaycardus.com/apply/css/fonts/ 25 KB
15 KB 571ms
123ms Font
font/otf 167.203.49.233
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://gif.barclaycardus.com/apply/css/fonts/JBFuturaStd-Book.otf
Requested by: Host: gif.barclaycardus.com
URL: https://gif.barclaycardus.com/apply/css/jbe/responsive/overrides.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.233 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 01126e43b789a98efa5220d16dd4e1d0605185ac6fdcdb2ef324da8f6300eb97

Request headers

Origin: https://www.jetbluepluscard.com
Referer: https://gif.barclaycardus.com/apply/css/jbe/responsive/overrides.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jul 2021 14:04:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: font/otf
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Content-Length: 14880

GET
H/1.1 200
OK monthly-payment.js Show response
www.jetbluepluscard.com/apply/js/base/responsive/ 1 KB
1 KB 127ms
127ms XHR
application/javascript 167.203.49.82
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jetbluepluscard.com/apply/js/base/responsive/monthly-payment.js
Requested by: Host: gif.barclaycardus.com
URL: https://gif.barclaycardus.com/apply/js/base/jquery/jquery-3.5.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.82 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: /
Resource Hash: 8c91339b9ec1fc8338022f51581323e7fc95431f009a5519a36fb11ed613570b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.jetbluepluscard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: JSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; TSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; at_check=true; AMCVS_A829776A5245B3280A490D44%40AdobeOrg=1; adcloud={%22_les_v%22:%22y%2Cjetbluepluscard.com%2C1626962467%22}; AMCV_A829776A5245B3280A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18831%7CMCMID%7C68231892343067163521641897613624715363%7CMCAAMLH-1627565467%7C6%7CMCAAMB-1627565467%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626967867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#9356d235a58542b49f07e972b7012abe#1626962528|PC#9356d235a58542b49f07e972b7012abe.37_0#1690205468
Connection: keep-alive
Referer: https://www.jetbluepluscard.com/apply/Application.action
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.jetbluepluscard.com/apply/Application.action
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:08 GMT
Last-Modified: Tue, 13 Jul 2021 14:04:36 GMT
Server
ETag: W/"1193-1626185076000"
Content-Type: application/javascript
x-bstat: 11|A|applyweb|113
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=498
Content-Length: 1193

GET
H/1.1 200
OK paperless.js Show response
www.jetbluepluscard.com/apply/js/base/responsive/ 4 KB
5 KB 127ms
126ms XHR
application/javascript 167.203.49.82
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jetbluepluscard.com/apply/js/base/responsive/paperless.js
Requested by: Host: gif.barclaycardus.com
URL: https://gif.barclaycardus.com/apply/js/base/jquery/jquery-3.5.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.82 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: /
Resource Hash: 60354f0c0f3d4a915a77ada41177e1385827fa014983f16b4a4a006f18406486

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.jetbluepluscard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: JSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; TSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; at_check=true; AMCVS_A829776A5245B3280A490D44%40AdobeOrg=1; adcloud={%22_les_v%22:%22y%2Cjetbluepluscard.com%2C1626962467%22}; AMCV_A829776A5245B3280A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18831%7CMCMID%7C68231892343067163521641897613624715363%7CMCAAMLH-1627565467%7C6%7CMCAAMB-1627565467%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626967867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#9356d235a58542b49f07e972b7012abe#1626962528|PC#9356d235a58542b49f07e972b7012abe.37_0#1690205468
Connection: keep-alive
Referer: https://www.jetbluepluscard.com/apply/Application.action
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.jetbluepluscard.com/apply/Application.action
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:08 GMT
Last-Modified: Tue, 13 Jul 2021 14:04:36 GMT
Server
ETag: W/"4448-1626185076000"
Content-Type: application/javascript
x-bstat: 11|A|applyweb|113
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499
Content-Length: 4448

GET
H/1.1 200
OK print.js Show response
www.jetbluepluscard.com/apply/js/base/responsive/ 5 KB
5 KB 128ms
128ms XHR
application/javascript 167.203.49.82
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jetbluepluscard.com/apply/js/base/responsive/print.js
Requested by: Host: gif.barclaycardus.com
URL: https://gif.barclaycardus.com/apply/js/base/jquery/jquery-3.5.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.82 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: /
Resource Hash: 99c53c46357feddc65c909a326ae2985da8f9c16ee96e73c0a1ae5b648c25f14

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.jetbluepluscard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: JSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; TSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; at_check=true; AMCVS_A829776A5245B3280A490D44%40AdobeOrg=1; adcloud={%22_les_v%22:%22y%2Cjetbluepluscard.com%2C1626962467%22}; AMCV_A829776A5245B3280A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18831%7CMCMID%7C68231892343067163521641897613624715363%7CMCAAMLH-1627565467%7C6%7CMCAAMB-1627565467%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626967867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#9356d235a58542b49f07e972b7012abe#1626962528|PC#9356d235a58542b49f07e972b7012abe.37_0#1690205468
Connection: keep-alive
Referer: https://www.jetbluepluscard.com/apply/Application.action
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.jetbluepluscard.com/apply/Application.action
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:08 GMT
Last-Modified: Tue, 13 Jul 2021 14:04:36 GMT
Server
ETag: W/"4954-1626185076000"
Content-Type: application/javascript
x-bstat: 11|A|applyweb|113
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499
Content-Length: 4954

GET
H/1.1 200
OK combo.action Show response
www.jetbluepluscard.com/apply/ 36 KB
37 KB 128ms
128ms XHR
text/javascript 167.203.49.82
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jetbluepluscard.com/apply/combo.action?LoadJS=optionalservices_combo
Requested by: Host: gif.barclaycardus.com
URL: https://gif.barclaycardus.com/apply/js/base/jquery/jquery-3.5.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.82 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: /
Resource Hash: 7defbc9a4a59eb4f27473dd3c48a1f3039a5b22d8b639596fffb95d557e91d97

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.jetbluepluscard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: JSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; TSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; at_check=true; AMCVS_A829776A5245B3280A490D44%40AdobeOrg=1; adcloud={%22_les_v%22:%22y%2Cjetbluepluscard.com%2C1626962467%22}; AMCV_A829776A5245B3280A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18831%7CMCMID%7C68231892343067163521641897613624715363%7CMCAAMLH-1627565467%7C6%7CMCAAMB-1627565467%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626967867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#9356d235a58542b49f07e972b7012abe#1626962528|PC#9356d235a58542b49f07e972b7012abe.37_0#1690205468
Connection: keep-alive
Referer: https://www.jetbluepluscard.com/apply/Application.action
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.jetbluepluscard.com/apply/Application.action
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:08 GMT
Server
Transfer-Encoding: chunked
Content-Language: en-US
x-bstat: 11|A|applyweb|113
Connection: Keep-Alive
Content-Type: text/javascript;charset=ISO-8859-1
Keep-Alive: timeout=3, max=497

GET
H/1.1 200
OK modal-popup.js Show response
www.jetbluepluscard.com/apply/js/base/responsive/ 10 KB
10 KB 133ms
132ms XHR
application/javascript 167.203.49.82
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jetbluepluscard.com/apply/js/base/responsive/modal-popup.js
Requested by: Host: gif.barclaycardus.com
URL: https://gif.barclaycardus.com/apply/js/base/jquery/jquery-3.5.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.82 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: /
Resource Hash: e328249987f5532a7f633e47f551c0a9429f67bb169ed379ecb5d49194ce895b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.jetbluepluscard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: JSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; TSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; at_check=true; AMCVS_A829776A5245B3280A490D44%40AdobeOrg=1; adcloud={%22_les_v%22:%22y%2Cjetbluepluscard.com%2C1626962467%22}; AMCV_A829776A5245B3280A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18831%7CMCMID%7C68231892343067163521641897613624715363%7CMCAAMLH-1627565467%7C6%7CMCAAMB-1627565467%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626967867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#9356d235a58542b49f07e972b7012abe#1626962528|PC#9356d235a58542b49f07e972b7012abe.37_0#1690205468
Connection: keep-alive
Referer: https://www.jetbluepluscard.com/apply/Application.action
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.jetbluepluscard.com/apply/Application.action
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:08 GMT
Last-Modified: Tue, 13 Jul 2021 14:04:36 GMT
Server
ETag: W/"9869-1626185076000"
Content-Type: application/javascript
x-bstat: 11|A|applyweb|113
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Content-Length: 9869

GET
H/1.1 200
OK session-timeout.js Show response
www.jetbluepluscard.com/apply/js/base/responsive/ 5 KB
5 KB 131ms
130ms XHR
application/javascript 167.203.49.82
BARCLAYS-CAPITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jetbluepluscard.com/apply/js/base/responsive/session-timeout.js
Requested by: Host: gif.barclaycardus.com
URL: https://gif.barclaycardus.com/apply/js/base/jquery/jquery-3.5.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.203.49.82 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software: /
Resource Hash: c6a4ebe53b2f115c74f0b8b1a046c6a10f26b4f1933d46316c91ab59aebda141

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.jetbluepluscard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: JSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; TSESSIONID=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142; at_check=true; AMCVS_A829776A5245B3280A490D44%40AdobeOrg=1; adcloud={%22_les_v%22:%22y%2Cjetbluepluscard.com%2C1626962467%22}; AMCV_A829776A5245B3280A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18831%7CMCMID%7C68231892343067163521641897613624715363%7CMCAAMLH-1627565467%7C6%7CMCAAMB-1627565467%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626967867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#9356d235a58542b49f07e972b7012abe#1626962528|PC#9356d235a58542b49f07e972b7012abe.37_0#1690205468
Connection: keep-alive
Referer: https://www.jetbluepluscard.com/apply/Application.action
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.jetbluepluscard.com/apply/Application.action
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:08 GMT
Last-Modified: Tue, 13 Jul 2021 14:04:36 GMT
Server
ETag: W/"5253-1626185076000"
Content-Type: application/javascript
x-bstat: 11|A|applyweb|113
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Content-Length: 5253

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=24D2E0A899006FF810BDF0D4986B6EE2
dpm.demdex.net/ Frame 32E5
Redirect Chain

https://c.bing.com/c.gif?uid=61354323135340404052115715963802416118&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=24D2E0A899006FF810BDF0D4986B6EE2

42 B
958 B

55ms
54ms

Image
image/gif

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=24D2E0A899006FF810BDF0D4986B6EE2

Requested by

Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://barclaybankdelaware.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-0396c1298.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: tA7eGGWPSXk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 13:31:08 GMT
x-msedge-ref: Ref A: FF2BD032673C4D2A970F9B4352BACFF8 Ref B: FRAEDGE1416 Ref C: 2021-07-22T13:31:08Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=24D2E0A899006FF810BDF0D4986B6EE2
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 s42710167375418 Show response
metrics.barclaycardus.com/b/ss/barclaysglobalacq,barclaysusglobal/10/JS-2.22.0-LBRU/ 5 KB
5 KB 75ms
75ms Script
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.barclaycardus.com/b/ss/barclaysglobalacq,barclaysusglobal/10/JS-2.22.0-LBRU/s42710167375418?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=22%2F6%2F2021%2015%3A31%3A8%204%20-120&d.&nsid=0&jsonv=1&.d&sdid=1D48D1C2CF115D91-3829B0B3C080D8C3&mid=68231892343067163521641897613624715363&aamlh=6&ce=UTF-8&pageName=JBE%3AConsumer%3AApplication&g=https%3A%2F%2Fwww.jetbluepluscard.com%2Fapply%2FApplication.action&r=https%3A%2F%2Fwww.barclaycardus.com%2F&cc=USD&ch=Consumer%3AApplication&server=www.jetbluepluscard.com&v0=0002899%7C009&events=event6%2Cevent24%3ADA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=New&c8=D%3Dv8&v8=year%3D2021%20%7C%20month%3DJuly%20%7C%20date%3D22%20%7C%20day%3DThursday%20%7C%20time%3D9%3A31%20AM&c11=D%3Dv12&v12=JBE&c13=D%3Dv14&c14=Combo%20App%20AWR&v14=006&c15=56784&v15=Combo%20App%20AWR&c16=D%3Dv17&v17=CCMMX87462&c21=D%3Dv22&v22=PTREM0721MD&c26=D%3Dv26&v26=0002899%7C009&c27=JBE%3AConsumer%3AApplication&v27=03&c29=D%3Dv29&v29=Adobe%20Launch-AA%3A2.22.0-ECID%3A5.2.0-DIL%3A7.0&c30=D%3Dv30&v30=JBE%7C006&v39=Consumer-FullAppInstantDecision&v41=JBE%3AComboApp&c45=D%3Dv45&v45=New%20Visitor&c48=D%3Dg&v48=D%3Dg&c50=JBE%3AConsumer%3AApplication%3A0002899%7C009&v51=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142&v52=DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142&v99=NO_UUID&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=A829776A5245B3280A490D44%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/015dd3c8dbea/EXa7a9196db328423f82cf040de162f380-libraryCode_source.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

ff1a1151a0263c019db27de5208482a43f54544925bb82e7c5b48429bb3085bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-aam-tid: UfOxSHPZSfc=
date: Thu, 22 Jul 2021 13:31:08 GMT
x-content-type-options: nosniff
x-c: main-1489.I96e1bb.M0-504
p3p: CP="This is not a P3P policy"
vary: *
content-length: 5338
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-1-v012-0f214c960.edge-irl1.demdex.com 6.3.1.20210623115127
pragma: no-cache
last-modified: Fri, 23 Jul 2021 13:31:08 GMT
server: jag
xserver: anedge-58944c9887-7brdt
etag: 3493871431340720128-4619370424144960700
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 21 Jul 2021 13:31:08 GMT

GET
H2 200 resource.png Show response
www.barclaycardus.com/apply/ 67 B
394 B 204ms
141ms XHR
image/png 23.36.238.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barclaycardus.com/apply/resource.png
Requested by: Host: www.barclaycardus.com
URL: https://www.barclaycardus.com/apply/Landing.action?campaignId=2899&cellNumber=9&referrerid=PTREM0721MD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.238.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-238-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://www.jetbluepluscard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:08 GMT
last-modified: Thu, 22 Jul 2021 13:31:08 GMT
server
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, private
x-bstat: 11|A|applyweb|111
content-length: 67
expires: Fri, 22 Jul 2022 13:31:08 GMT

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 32E5
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVBsekdRQUFBTHdKcUFMcw&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
https://pixel.everesttech.net/1x1

128 B
691 B

49ms
48ms

Image
image/png

34.246.227.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.jetbluepluscard.com
URL: https://www.jetbluepluscard.com/apply/Application.action
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.227.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-227-69.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Referer: https://barclaybankdelaware.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:09 GMT
Last-Modified: Wed, 23 Jun 2021 11:50:42 GMT
Server: Apache
ETag: "b3b51c-80-5c56d841aa880"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Thu, 22 Jul 2021 13:31:09 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=22069&dpuuid=3014978462792
dpm.demdex.net/ Frame 32E5
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233
https://tag.yieldoptimizer.com/ps/ps?tc=546131584&t=i&p=2233
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3014978462792

42 B
958 B

64ms
63ms

Image
image/gif

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3014978462792

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://barclaybankdelaware.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v012-05eac8427.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: WPn2MSEcQUg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 13:31:08 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3014978462792
cache-control: no-cache
alt-svc: clear
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=9aisAxNEl3aQNkIjLH9adZEdR8Elmvjc&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 32E5
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=9aisAxNEl3aQNkIjLH9adZEdR8Elmvjc&gdpr=0&gdpr_consent=

42 B
958 B

83ms
54ms

Image
image/gif

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=9aisAxNEl3aQNkIjLH9adZEdR8Elmvjc&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://barclaybankdelaware.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v012-0cc960d1b.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: WFnClVUaQ6Q=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=9aisAxNEl3aQNkIjLH9adZEdR8Elmvjc&gdpr=0&gdpr_consent=
strict-transport-security: max-age=31536000
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3733
date: Thu, 22 Jul 2021 13:31:08 GMT
content-length: 227
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ibs:dpid=73426&dpuuid=61354323135340404052115715963802416118
dpm.demdex.net/ Frame 32E5
Redirect Chain

https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=61354323135340404052115715963802416118&rn=1626960667477&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D613543231353404...
https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=61354323135340404052115715963802416118&rn=1626960667477&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D61354323135340...
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=61354323135340404052115715963802416118

42 B
958 B

54ms
54ms

Image
image/gif

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=73426&dpuuid=61354323135340404052115715963802416118

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://barclaybankdelaware.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-0ade9229d.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 2h2X/dIVQjk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Thu, 22 Jul 2021 13:31:09 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=73426&dpuuid=61354323135340404052115715963802416118
content-length: 105
x-amz-cf-id: 7h7_ySwzCfcxyPUbU36tRkEjCW0foAGHfxWdksZPxyo0Cp3MSRgfXQ==

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 32E5
Redirect Chain

https://cm.everesttech.net/cm/yh
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YPlzGQAAALwJqALs&sigv=1&esig=1~6b4c81f039223a6927d678409b84056f87433085

0
447 B

20ms
6ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YPlzGQAAALwJqALs&sigv=1&esig=1~6b4c81f039223a6927d678409b84056f87433085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://barclaybankdelaware.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:09 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YPlzGQAAALwJqALs&sigv=1&esig=1~6b4c81f039223a6927d678409b84056f87433085
Date: Thu, 22 Jul 2021 13:31:09 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 32E5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVBsekdRQUFBTHdKcUFMcw==

170 B
188 B

64ms
64ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVBsekdRQUFBTHdKcUFMcw==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://barclaybankdelaware.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 13:31:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 13:31:09 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1626960670.507919,VS0,VE0
x-served-by: cache-fra19151-FRA
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVBsekdRQUFBTHdKcUFMcw==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 32E5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YPlzGQAAALwJqALs&expires=90

0
239 B

112ms
29ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YPlzGQAAALwJqALs&expires=90
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://barclaybankdelaware.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 13:31:09 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1626960670.600110,VS0,VE0
x-served-by: cache-fra19151-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YPlzGQAAALwJqALs&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 32E5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YPlzGQAAALwJqALs
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YPlzGQAAALwJqALs&C=1

43 B
1003 B

46ms
46ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YPlzGQAAALwJqALs&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://barclaybankdelaware.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 13:31:09 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 22 Jul 2021 13:31:09 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 13:31:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YPlzGQAAALwJqALs&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Thu, 22 Jul 2021 13:31:09 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 32E5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YPlzGQAAALwJqALs
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYPlzGQAAALwJqALs

43 B
1 KB

42ms
42ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYPlzGQAAALwJqALs

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://barclaybankdelaware.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 13:31:09 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f41ce0fb-1796-4352-a187-1892562c261a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 13:31:09 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 33ee9eda-4f1b-48b3-a740-d751cd5829d0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYPlzGQAAALwJqALs
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 32E5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YPlzGQAAALwJqALs
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YPlzGQAAALwJqALs

43 B
180 B

37ms
36ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YPlzGQAAALwJqALs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://barclaybankdelaware.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 13:31:10 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YPlzGQAAALwJqALs
date: Thu, 22 Jul 2021 13:31:09 GMT
via: 1.1 google
server: OXGW/16.211.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 32E5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPlzGQAAALwJqALs

1 B
547 B

137ms
45ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPlzGQAAALwJqALs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://barclaybankdelaware.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:08 GMT
cache-control: no-store, no-cache, private
x-lat: amspug016:0:410
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 13:31:10 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1626960670.004814,VS0,VE0
x-served-by: cache-fra19151-FRA
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPlzGQAAALwJqALs
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 32E5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YPlzGQAAALwJqALs&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YPlzGQAAALwJqALs&img=1&__user_check__=1&sync_id=13a582a5-eaf1-11eb-b5c9-143d56a10406

43 B
548 B

41ms
40ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YPlzGQAAALwJqALs&img=1&__user_check__=1&sync_id=13a582a5-eaf1-11eb-b5c9-143d56a10406
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://barclaybankdelaware.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:31:10 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 51
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 22 Jul 2021 13:31:10 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YPlzGQAAALwJqALs&img=1&__user_check__=1&sync_id=13a582a5-eaf1-11eb-b5c9-143d56a10406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 112
Connection: keep-alive
Content-Length: 0

GET
H2 204 bct
mid.rkdms.com/ Frame 32E5 0
47 B 351ms
116ms Image
text/plain 107.23.38.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=61354323135340404052115715963802416118&_ct=img
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.38.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-38-0.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://barclaybankdelaware.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:31:10 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: secure.leadback.advertising.com
URL: https://secure.leadback.advertising.com/adcedge/lb?site=695501&betr=sslbet_55223=[+]ssprlb_1493687[24]|sslbet_55224=[+]ssprlb_1493690[168]|sslbet_55225=[+]ssprlb_1493692[720]|sslbet_55226=[+]ssprlb_1493694[8760]

Domain: analytics.twitter.com
URL: https://analytics.twitter.com/i/adsct?p_user_id=34732258639944293973079970323802193410&p_id=38594

Domain: pixel.everesttech.net
URL: https://pixel.everesttech.net/1x1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVBsekdRQUFBTHdKcUFMcw&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782

Domain: bat.bing.com
URL: https://bat.bing.com/actionp/0?ti=5103746&Ver=2&mid=2c5e444a-6db3-448e-8e02-9e2e1948d32a&sid=10d6eda0eaf111eb97cd6d63a6bda321&vid=10d70240eaf111eb8be3f760221ca38a&vids=1&evt=pageHide

Domain: undefined
URL: https://undefined%26cb%3D337425378608931200/

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-20 00:15:12	Name: dextp Value: 60-1-1626960666131\|771-1-1626960666352\|1123-1-1626960666453\|1083-1-1626960666554\|1085-1-1626960666654\|1086-1-1626960666755\|1087-1-1626960666856\|1088-1-1626960668271\|1121-1-1626960668372\|1957-1-1626960668729\|19913-1-1626960668981\|22069-1-1626960669082
.demdex.net/	1970-01-20 00:15:12	Name: demdex Value: 61354323135340404052115715963802416118
.jetbluepluscard.com/	1970-01-19 20:39:12	Name: aam_uuid Value: 61354323135340404052115715963802416118
.jetbluepluscard.com/	1970-01-20 00:15:12	Name: AAMC_barclaybankdelaware_0 Value: REGION%7C6
.jetbluepluscard.com/	1969-12-31 23:59:59	Name: AMCVS_A829776A5245B3280A490D44%40AdobeOrg Value: 1
.jetbluepluscard.com/	1969-12-31 23:59:59	Name: at_check Value: true
.jetbluepluscard.com/	1970-01-19 19:56:02	Name: gpv_pn Value: JBE%3AConsumer%3AApplication
.jetbluepluscard.com/	1970-01-20 13:28:39	Name: adcloud Value: {%22_les_v%22:%22y%2Cjetbluepluscard.com%2C1626962467%22}
.jetbluepluscard.com/	1970-01-20 13:30:05	Name: mbox Value: session#9356d235a58542b49f07e972b7012abe#1626962528\|PC#9356d235a58542b49f07e972b7012abe.37_0#1690205468
.jetbluepluscard.com/	1970-01-20 13:27:12	Name: s_tslv Value: 1626960668736
.jetbluepluscard.com/	1970-01-19 20:39:12	Name: s_nr30 Value: 1626960668736-New
.jetbluepluscard.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.jetbluepluscard.com/	1970-01-20 13:27:12	Name: AMCV_A829776A5245B3280A490D44%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18831%7CMCMID%7C68231892343067163521641897613624715363%7CMCAAMLH-1627565467%7C6%7CMCAAMB-1627565467%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626967867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
.jetbluepluscard.com/	1969-12-31 23:59:59	Name: s_ppv1l Value: JBE%253AConsumer%253AApplication%2C38%2C38%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
www.jetbluepluscard.com/apply	1969-12-31 23:59:59	Name: JSESSIONID Value: DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142
.jetbluepluscard.com/	1969-12-31 23:59:59	Name: s_ppv1 Value: JBE%253AConsumer%253AApplication%2C38%2C38%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
www.jetbluepluscard.com/	1969-12-31 23:59:59	Name: TSESSIONID Value: DA9BE09C16B6E2224B1C190E629F1F35.applyweb_alpha_clzpsr000000142

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 24) Message: [Facebook Pixel] - You are sending a non-standard event 'jb_cc_lp_visit'. The preferred way to send these events is using trackCustom. See 'https://developers.facebook.com/docs/ads-for-websites/pixel-events/#events' for more information.
console-api	warning	URL: https://assets.adobedtm.com/0bed9da4b0d0/ddeb80c34a6c/launch-067727b26ea4.min.js(Line 2) Message: AT: mboxCreate() function has been deprecated. Please use getOffer() and applyOffer() functions instead. [object Arguments]
console-api	log	URL: https://www.jetbluepluscard.com/apply/Application.action(Line 7790) Message: document.referrer is https://www.barclaycardus.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2784362.fls.doubleclick.net
ad.doubleclick.net
ads.scorecardresearch.com
ads.yahoo.com
adservice.google.com
analytics.twitter.com
assets.adobedtm.com
barclaybankdelaware.demdex.net
barclaycardus.tt.omtrdc.net
bat.bing.com
beacon.krxd.net
c.bing.com
cdn.krxd.net
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
consumer.krxd.net
dpm.demdex.net
dsum-sec.casalemedia.com
dt.scanscout.com
email.jetblue.com
gif.barclaycardus.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
insight.adsrvr.org
lasteventf-tm.everesttech.net
metrics.barclaycardus.com
mid.rkdms.com
p.rfihub.com
pixel.everesttech.net
pixel.rubiconproject.com
px.owneriq.net
s.amazon-adsystem.com
secure-cdn.mplxtms.com
secure.adnxs.com
secure.leadback.advertising.com
set.tidaltv.com
sync-tm.everesttech.net
sync.search.spotxchange.com
tag.yieldoptimizer.com
tags.w55c.net
undefined
us-u.openx.net
www.barclaycardus.com
www.everestjs.net
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.jetbluepluscard.com
analytics.twitter.com
bat.bing.com
cm.g.doubleclick.net
pixel.everesttech.net
secure.leadback.advertising.com
undefined
104.111.233.48
104.111.242.53
107.23.38.0
13.226.145.35
142.250.185.226
142.250.185.230
142.250.186.130
15.236.176.210
151.101.14.133
151.101.14.49
167.203.49.233
167.203.49.82
185.33.221.13
185.64.189.110
185.94.180.125
193.0.160.129
199.127.207.184
199.7.201.100
2.18.234.21
23.36.238.8
23.37.44.206
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2002
2a02:2638:1::13
2a02:26f0:6c00:296::1e80
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:24:b001:d120:1359:acbb:2de6
3.124.143.99
34.246.227.69
34.98.64.218
35.186.212.60
35.244.174.68
37.252.173.38
52.18.150.20
52.18.85.49
52.30.148.233
52.30.5.180
52.46.130.91
63.32.159.255
69.173.144.165
99.81.11.244
00b68f5d26f3b8965e2d67ac5eeb3830fcf1d3f9b622b008c9d7b8ae52e69995
01126e43b789a98efa5220d16dd4e1d0605185ac6fdcdb2ef324da8f6300eb97
03ad484641730b3134d1f2294590b394e97123889faadc7e21dd398dc61a4cb2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
0ffa94ab28963a7a4d6af884540fa59b8974f7c95675e91555f993060e758aa2
157b31197ea6a2e4eeef89e12b2a2eba38108d4ba6e050fca34d5488fd9fb103
17eedd87aa48284ead157277334a3e81b8b3aaea1574141683fed037f7c494d3
24ecc95c0f767ea6658fc91c51bb19620b4bfd17bce0096cc24f87a29a01bff2
2bc5dd77e941adbf8fc357a49fdc668830482c5a196d9c8931bdfdc52aace979
3065d017d9e3f177fd4ec7850f8315cf6e2efe3c13efd7a98db1f5c8e120e4c4
34e4be92ec5b080fa8861ec31ab78bf63baad3b2242b5975a38de8d2807857aa
37432ab5456345013088a0aba1e107a5e85b4767aac9735233a341f33648924a
3822e0f60381a9ecea83c5300dfed90de7d991c706ac0ad9f754082bcab6b69d
3e63bb3f07db6bc27f04dd65d881437d600b216449c808e581b43430dcbd2a18
41eed05f5452f8494a83098fdc4bd1ab4f87ed04be25cd7e6561bc65517e13f8
461b29cf9f43cff35b3dd46e1fe6efa4a53ccbc015b0c657d917fa0408c42e12
47bec346ae6e440174592b99d08726818b151e22a645e154416af6d13401bccd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55ee0e5f8de91ebfd32f41d634d8f56df0807b6ce1953d9a4adf4008f267f151
586f876503ed4dc63c6ff8567b67dfeb1c84723ef5c7cf218a8ed74ccba6e1ab
60354f0c0f3d4a915a77ada41177e1385827fa014983f16b4a4a006f18406486
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
63f759ab039c35716b45807ad9deb42f8ee4ed55222ccf43bfef9ae397179054
6986a12e0410fec41d5953292152ea27f9ac961b338ecd28c3bdf3be493ba675
6d05079301ff5d8552cfe54705dd25ddb5cae6efa674441688c9a053b01e385d
6e9e8d16e703a71a0020912bb5435e8af2e5b41bbd4661905471f84dfb52e1d3
731e664a68a2dde44f045559e59be24ee22f2198452d53abb6fe7f2ef3df3b71
73eae9169890b19ee3b6fc85d6e58e6f82a04bd056e33b9eb6a4f4bb1bda5db6
74f916a6b10e21fcf69a2e1b3dd00662a28951635549d772b24f34c50c2a8f92
7923c5df4689d8e2b03d4b24349057eb7415f9d70b6cd91975fd19814b402821
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7defbc9a4a59eb4f27473dd3c48a1f3039a5b22d8b639596fffb95d557e91d97
8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
8c91339b9ec1fc8338022f51581323e7fc95431f009a5519a36fb11ed613570b
93e52eb2ba859f3f843acc490780377c02fad2565c4dd88519882fbe1e976ea2
98321dba3b7790512cdfb6504a5d9e311f21c5940689293c6e4f301178332858
99c53c46357feddc65c909a326ae2985da8f9c16ee96e73c0a1ae5b648c25f14
9e7a46e9d288f6bcb89774f67b9793dfc5a08bbb9ab5eea214b401ef67612d24
a401c3c4bf86528d0d701359dbf9120e36b1f24a941daee953d4bd8ba5572d2b
a950303764fee5f1f2711d41220cc6f66f376cbba5fcafab87b41200dcc54fd7
aba876304cb8c77863d89a8eb1df27086dedf75c27fb3150ff9fdc3d9be7dbac
abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b527f352c4ce8a72b48ef8cfd91d4c168691a910997081a841979b0ad88c2cf8
b5c9e8b41b5d02f3ddf144b038700c52f474abbc2ee868efa8043f6fd1d97981
bc855d1a9fcc1b2f9d756ba1dd566e6bcb25d966348e7106660c76575e8fe4e1
bd159fcab61e389020442aa4b384af9b0fa2e2002e0800695ec729ebe11450bc
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c6a4ebe53b2f115c74f0b8b1a046c6a10f26b4f1933d46316c91ab59aebda141
c8d2c5cf49de01ba73d6c1b5fff42db17e2d306896032af564de151dbf12d6b7
c93ed4a0ce133909d5cd8ddd9325e4dc5facb853eee31b6095d29fe0de182e9b
ce6bc2220343cd11dcac5c3ff2ad6b397fcf776d2b1f45e09163767a62448453
d1dc9ca262e224217a9bb38f9140bbed39de1a7545fe984328122b62aa983d66
dd56990ee8998fe0ffc5a4a3d8044847874042c48dfb226bed195b424bc1d1c5
e2543f09ef2c830564a2dcf53e27fcf8e7f490e11821f79cc3067826023df33c
e328249987f5532a7f633e47f551c0a9429f67bb169ed379ecb5d49194ce895b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ee363a1fbd7f6826565d20c6be5911c95abb71cf1738ae3b737e394a741dc819
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f49bb654f97a14e0630ea85087e5a2abc7ab474ec8f406a6ac1583eb83cc1591
f54c91e0903d2c98a1f8b6107b9dfbea025c961dc1a35fe98c7452b2c37770b6
f649cbb646138a2f94dc554913107b5bc923d14a6bc27d35ea1d5bd5c97c4f40
f776b22a66734a3cc606db8d0b8184d1832e84d8e1fc7b7572651fcdea052384
f8fab93d5df7ebde3dec2f54b365ef047df4911e1a66b60cb5945e6efc76f396
f9110429c6e318631e4f49cd61974a5b733e4e8d3f0c9709314b29d5190a1bec
ff1a1151a0263c019db27de5208482a43f54544925bb82e7c5b48429bb3085bf
fffa08a498f7ccca4287c581f6cc02551f640f70b52db3a7d023dae38af75165

www.jetbluepluscard.com Open in urlscan Pro 167.203.49.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

143 Requests

96 %HTTPS

29 %IPv6

40 Domains

54 Subdomains

42 IPs

6 Countries

2253 kBTransfer

4867 kBSize

17 Cookies

2 Outgoing links

Page URL History

Redirected requests

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.jetbluepluscard.com Open in urlscan Pro
167.203.49.82 Public Scan

Screenshot
Live screenshot

Full Image

143
Requests

96 %
HTTPS

29 %
IPv6

40
Domains

54
Subdomains

42
IPs

6
Countries

2253 kB
Transfer

4867 kB
Size

17
Cookies

143 HTTP transactions
2 data transactions