secure2.ofx.com Open in urlscan Pro
3.106.21.251 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://us.ofx.com/registration?pid=12416
Effective URL:
https://secure2.ofx.com/registration?pid=12416
Submission Tags: falconsandbox
Submission: On June 19 via api (June 19th 2022, 7:35:51 am UTC) from US — Scanned from DE

Summary HTTP 134 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 43 IPs in 5 countries across 29 domains to perform 134 HTTP transactions. The main IP is 3.106.21.251, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is secure2.ofx.com.
TLS certificate: Issued by Amazon on July 27th 2021. Valid for: a year.

This is the only time secure2.ofx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.106.14.21 3.106.14.21	16509 (AMAZON-02) (AMAZON-02)
23	3.106.21.251 3.106.21.251	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:3e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1 5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 4	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	143.204.215.92 143.204.215.92	16509 (AMAZON-02) (AMAZON-02)
1	35.190.6.239 35.190.6.239	15169 (GOOGLE) (GOOGLE)
9 9	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
2	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	2001:4860:480... 2001:4860:4802:34::15	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	2600:1901:0:e... 2600:1901:0:e4aa::	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:27::... 2620:1ec:27::cafe:1994	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
5	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	76.223.31.44 76.223.31.44	16509 (AMAZON-02) (AMAZON-02)
2	20.120.65.166 20.120.65.166	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	34.225.246.47 34.225.246.47	14618 (AMAZON-AES) (AMAZON-AES)
2	18.208.125.13 18.208.125.13	14618 (AMAZON-AES) (AMAZON-AES)
3	65.9.66.11 65.9.66.11	16509 (AMAZON-02) (AMAZON-02)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	216.239.32.21 216.239.32.21	15169 (GOOGLE) (GOOGLE)
1	52.54.96.194 52.54.96.194	14618 (AMAZON-AES) (AMAZON-AES)
134	43

1 3.106.14.21 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-106-14-21.ap-southeast-2.compute.amazonaws.com

us.ofx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 3.106.21.251 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

secure2.ofx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:3e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

1852302.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.139.128.11 (United States) 2 redirects

ASN20446 (STACKPATH-CDN, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-92.fra53.r.cloudfront.net

sleeknotecustomerscripts.sleeknote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.6.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 239.6.190.35.bc.googleusercontent.com

static.wondaris.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2620:1ec:21::14 (United States) 9 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::15 (United States)

ASN15169 (GOOGLE, US)

ssgtm.ofx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:e4aa:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

centralise.api.wondaris.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1994 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.130.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.31.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.120.65.166 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

l.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.225.246.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-246-47.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.208.125.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-125-13.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.66.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-11.fra56.r.cloudfront.net

sleeknotestaticcontent.sleeknote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net

analytics.sleeknote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.96.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-96-194.compute-1.amazonaws.com

go.message.ofx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	ofx.com 1 redirects us.ofx.com secure2.ofx.com ssgtm.ofx.com — Cisco Umbrella Rank: 922927 go.message.ofx.com	563 KB
12	linkedin.com 9 redirects dc.ads.linkedin.com — Cisco Umbrella Rank: 7661 www.linkedin.com — Cisco Umbrella Rank: 527 px.ads.linkedin.com — Cisco Umbrella Rank: 370 px4.ads.linkedin.com — Cisco Umbrella Rank: 5965	10 KB
11	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 1874 clientstream.launchdarkly.com — Cisco Umbrella Rank: 1692 Failed events.launchdarkly.com — Cisco Umbrella Rank: 1385	4 KB
11	google.com region1.analytics.google.com — Cisco Umbrella Rank: 15715 www.google.com — Cisco Umbrella Rank: 9 adservice.google.com — Cisco Umbrella Rank: 92	2 KB
10	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 125 1852302.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	6 KB
8	google.de www.google.de — Cisco Umbrella Rank: 5111 adservice.google.de — Cisco Umbrella Rank: 7295	2 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 489	124 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 595 l.clarity.ms — Cisco Umbrella Rank: 5547 c.clarity.ms — Cisco Umbrella Rank: 1161	26 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	62 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 96	420 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 91	703 B
5	wondaris.com static.wondaris.com centralise.api.wondaris.com	17 KB
5	sleeknote.com sleeknotecustomerscripts.sleeknote.com — Cisco Umbrella Rank: 20147 sleeknotestaticcontent.sleeknote.com — Cisco Umbrella Rank: 24024 analytics.sleeknote.com — Cisco Umbrella Rank: 27149	50 KB
5	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 389 c.bing.com — Cisco Umbrella Rank: 229	13 KB
4	mouseflow.com 2 redirects cdn.mouseflow.com — Cisco Umbrella Rank: 6484	35 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	117 KB
3	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1100 pixel.quantserve.com — Cisco Umbrella Rank: 461	10 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 4806	4 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 554	556 B
2	t.co t.co — Cisco Umbrella Rank: 466	548 B
1	gstatic.com fonts.gstatic.com	36 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1614	157 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 133	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 953	3 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 681	15 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1422	7 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 818	448 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1065	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 246	4 KB
134	29

	Domain	Requested by
23	secure2.ofx.com	secure2.ofx.com
7	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
6	app.launchdarkly.com	secure2.ofx.com
6	www.google.de	secure2.ofx.com
6	region1.analytics.google.com	www.googletagmanager.com
6	www.google-analytics.com	www.googletagmanager.com secure2.ofx.com
6	www.googletagmanager.com	secure2.ofx.com www.googletagmanager.com
5	www.facebook.com	secure2.ofx.com
4	events.launchdarkly.com	secure2.ofx.com
4	centralise.api.wondaris.com	static.wondaris.com
4	px.ads.linkedin.com	4 redirects
4	cdn.mouseflow.com	2 redirects secure2.ofx.com
4	1852302.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	bat.bing.com	www.googletagmanager.com bat.bing.com secure2.ofx.com
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	sleeknotestaticcontent.sleeknote.com	sleeknotecustomerscripts.sleeknote.com sleeknotestaticcontent.sleeknote.com
3	px4.ads.linkedin.com	secure2.ofx.com
3	www.linkedin.com	3 redirects
3	connect.facebook.net	secure2.ofx.com connect.facebook.net
3	www.google.com	secure2.ofx.com
2	c.clarity.ms	1 redirects
2	pi.pardot.com	secure2.ofx.com pi.pardot.com
2	l.clarity.ms	secure2.ofx.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	adservice.google.de	adservice.google.com
2	adservice.google.com	1852302.fls.doubleclick.net
2	googleads.g.doubleclick.net	www.googleadservices.com
2	ssgtm.ofx.com	www.googletagmanager.com
2	analytics.twitter.com	secure2.ofx.com
2	t.co	secure2.ofx.com
2	dc.ads.linkedin.com	2 redirects
2	pixel.quantserve.com	secure2.ofx.com
1	go.message.ofx.com	pi.pardot.com
1	analytics.sleeknote.com
1	c.bing.com	1 redirects
1	clientstream.launchdarkly.com	secure2.ofx.com
1	fonts.gstatic.com	secure2.ofx.com
1	alb.reddit.com	secure2.ofx.com
1	static.wondaris.com	www.googletagmanager.com
1	sleeknotecustomerscripts.sleeknote.com	secure2.ofx.com
1	www.googleadservices.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	rules.quantcount.com	secure.quantserve.com
1	cdnjs.cloudflare.com	secure2.ofx.com
1	secure.quantserve.com	www.googletagmanager.com
1	us.ofx.com	1 redirects
134	49

This site contains links to these domains. Also see Links.

Domain
www.ofx.com
www.onetrust.com

Subject Issuer	Validity	Valid
secure2.ofx.com Amazon	`2021-07-27` - `2022-08-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2022-08-16`	6 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-28` - `2022-06-26`	3 months	crt.sh
*.sleeknote.com Amazon	`2022-01-18` - `2023-02-14`	a year	crt.sh
static.wondaris.com GTS CA 1D4	`2022-06-10` - `2022-09-08`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2022-08-16`	6 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
ssgtm.ofx.com GTS CA 1D4	`2022-05-04` - `2022-08-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
centralise.api.wondaris.com GTS CA 1D4	`2022-04-26` - `2022-07-25`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
clientstream.launchdarkly.com Amazon	`2021-09-21` - `2022-10-19`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
events.launchdarkly.com Amazon	`2021-09-19` - `2022-10-17`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-08` - `2022-11-07`	a year	crt.sh
analytics.sleeknote.com GTS CA 1D4	`2022-05-26` - `2022-08-24`	3 months	crt.sh
go.message.ofx.com R3	`2022-06-03` - `2022-09-01`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://secure2.ofx.com/registration?pid=12416
Frame ID: 85FC095F71C84522233C4B7BEA8FD6E4
Requests: 122 HTTP requests in this frame

Frame: https://1852302.fls.doubleclick.net/activityi;dc_pre=COvk0caAufgCFdfZ1Qod9pQCaA;src=1852302;type=webflow;cat=006;ord=2967095213610;gtm=2wg6f0;auiddc=1370641669.1655624141;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416
Frame ID: 77F0636FFC61B89E6061161C7F6B78BD
Requests: 1 HTTP requests in this frame

Frame: https://1852302.fls.doubleclick.net/activityi;dc_pre=CP7j0caAufgCFbccBgAdOxQHog;src=1852302;type=register;cat=globa0;ord=5827259814067;gtm=2wg6f0;auiddc=1370641669.1655624141;u3=not%20set;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416
Frame ID: C6732EBD458E7E5C124C8C6AD285B490
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COvk0caAufgCFdfZ1Qod9pQCaA;src=1852302;type=webflow;cat=006;ord=2967095213610;gtm=2wg6f0;auiddc=1370641669.1655624141;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416
Frame ID: F0006B5CCD823563A2361EE36786A008
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CP7j0caAufgCFbccBgAdOxQHog;src=1852302;type=register;cat=globa0;ord=5827259814067;gtm=2wg6f0;auiddc=1370641669.1655624141;u3=not%20set;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416
Frame ID: 5BFF037DCAD8712AFAA664DBBF5E1A00
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COvk0caAufgCFdfZ1Qod9pQCaA;src=1852302;type=webflow;cat=006;ord=2967095213610;gtm=2wg6f0;auiddc=1370641669.1655624141;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416
Frame ID: E392AA676E23EF030C7D04A343A50BA7
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CP7j0caAufgCFbccBgAdOxQHog;src=1852302;type=register;cat=globa0;ord=5827259814067;gtm=2wg6f0;auiddc=1370641669.1655624141;u3=not%20set;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416
Frame ID: 4BDC02AC9FEE09ECBA17509DDF4E4235
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OFX | International Money Transfers & Currency ExchangeAssets/Icon/PersonAssets/Icon/BusinessBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://us.ofx.com/registration?pid=12416 HTTP 301
https://secure2.ofx.com/registration?pid=12416 Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Page Statistics

134
Requests

95 %
HTTPS

52 %
IPv6

29
Domains

49
Subdomains

43
IPs

5
Countries

1538 kB
Transfer

5036 kB
Size

48
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ofx.com/en-au/legal/cookie-policy/
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://us.ofx.com/registration?pid=12416 HTTP 301
https://secure2.ofx.com/registration?pid=12416 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://1852302.fls.doubleclick.net/activityi;src=1852302;type=webflow;cat=006;ord=2967095213610;gtm=2wg6f0;auiddc=1370641669.1655624141;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416 HTTP 302
https://1852302.fls.doubleclick.net/activityi;dc_pre=COvk0caAufgCFdfZ1Qod9pQCaA;src=1852302;type=webflow;cat=006;ord=2967095213610;gtm=2wg6f0;auiddc=1370641669.1655624141;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416

Request Chain 57

https://cdn.mouseflow.com/projects/b11b90be-4486-41f6-a4f9-4f7ab8eb248d.js HTTP 301
https://cdn.mouseflow.com/projects/b11b90be-4486-41f6-a4f9-4f7ab8eb248d_eu.js

Request Chain 58

https://1852302.fls.doubleclick.net/activityi;src=1852302;type=register;cat=globa0;ord=5827259814067;gtm=2wg6f0;auiddc=1370641669.1655624141;u3=not%20set;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416 HTTP 302
https://1852302.fls.doubleclick.net/activityi;dc_pre=CP7j0caAufgCFbccBgAdOxQHog;src=1852302;type=register;cat=globa0;ord=5827259814067;gtm=2wg6f0;auiddc=1370641669.1655624141;u3=not%20set;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416

Request Chain 59

https://cdn.mouseflow.com/projects/a65f2542-c798-4cbc-b46e-2101e508dc85.js HTTP 301
https://cdn.mouseflow.com/projects/a65f2542-c798-4cbc-b46e-2101e508dc85_eu.js

Request Chain 66

https://dc.ads.linkedin.com/collect/?pid=660546&conversionId=2387996&fmt=gif HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D660546%26conversionId%3D2387996%26fmt%3Dgif%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?pid=660546&conversionId=2387996&fmt=gif&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?pid=660546&conversionId=2387996&fmt=gif&liSync=true&e_ipv6=AQLv1vIkySU7aAAAAYF644wKffUD1w1Xt1JiGXcRJsiFWNKvgZLkUyFsBmbXnhAF

Request Chain 67

https://dc.ads.linkedin.com/collect/?pid=660546&conversionId=1238537&fmt=gif HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D660546%26conversionId%3D1238537%26fmt%3Dgif%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?pid=660546&conversionId=1238537&fmt=gif&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?pid=660546&conversionId=1238537&fmt=gif&liSync=true&e_ipv6=AQI29di8TNDVuAAAAYF644wKkqJ-t6v0X4dfK6OryKmMJKS1C69IdFtGxPCYDGn7

Request Chain 70

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=660546&time=1655624141383&url=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D660546%26time%3D1655624141383%26url%3Dhttps%253A%252F%252Fsecure2.ofx.com%252Fregistration%253Fpid%253D12416%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=660546&time=1655624141383&url=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=660546&time=1655624141383&url=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&liSync=true&e_ipv6=AQLlJlpmpFz8xQAAAYF644xXPF2tQH_o3rYl5N5Xa1N45EWbvt2OLxF9aczb0rTM

Request Chain 120

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=E614BE2F3EDB4AC281D9567796C1469D&RedC=c.clarity.ms&MXFR=3B8DE7F6C08E69232929F63EC48E6703 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=E614BE2F3EDB4AC281D9567796C1469D&MUID=1D5012960ACD68E73F9F035E0BA66995

134 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request registration Show response
secure2.ofx.com/
Redirect Chain

https://us.ofx.com/registration?pid=12416
https://secure2.ofx.com/registration?pid=12416

22 KB
6 KB

876ms
284ms

Document
text/html

3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

a85327329f85b3731f132a2dd114ba20cf16d56d8045bc37bf14c0cf135103c5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-expose-headers: X-OFX-CorrelationId
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 19 Jun 2022 07:35:40 GMT
etag: "591a-ya4ESQdzk61/uosYYdsZWm9oyis"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Content-Length: 169
Content-Type: text/html; charset=UTF-8
Date: Sun, 19 Jun 2022 07:35:39 GMT
Location: https://secure2.ofx.com/registration?pid=12416
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET

GET
H2 200 font-face.css
secure2.ofx.com/static/css/ 605 B
890 B 278ms
277ms Stylesheet
text/css 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/static/css/font-face.css

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

317efa78a9c9f1e550da5614b0391f6a3d19b8c78df22787bbcb38127a4d663e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/registration?pid=12416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:40 GMT
last-modified: Fri, 17 Jun 2022 04:19:49 GMT
x-frame-options: SAMEORIGIN
etag: W/"25d-1816fe37e88"
vary: Origin, Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 605

GET
H2 200 81ca10030f465899.css
secure2.ofx.com/_next/static/css/ 13 KB
4 KB 277ms
277ms Stylesheet
text/css 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/_next/static/css/81ca10030f465899.css

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

dc636a5f2a5c6882dd7fd47da7adeb442736356e2715a2394671423df5eeccc6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/registration?pid=12416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:40 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 04:23:43 GMT
x-frame-options: SAMEORIGIN
etag: W/"325c-1816fe71098"
vary: Origin, Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 webpack-d6a98274b3ca4e90.js Show response
secure2.ofx.com/_next/static/chunks/ 10 KB
6 KB 279ms
278ms Script
application/javascript 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/_next/static/chunks/webpack-d6a98274b3ca4e90.js

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

f996e03b0fb822d704f3fdc1b5a1a7064e7ea9a9c07b74eb1aa884e709914e5d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/registration?pid=12416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:40 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 04:23:43 GMT
x-frame-options: SAMEORIGIN
etag: W/"2713-1816fe71098"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 framework-eeba1b405d308ec4.js Show response
secure2.ofx.com/_next/static/chunks/ 128 KB
42 KB 286ms
283ms Script
application/javascript 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/_next/static/chunks/framework-eeba1b405d308ec4.js

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

794817ce5f63fb881869fa4efd4f416515eb84d8846f3309ca963a94a0e44814

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/registration?pid=12416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:40 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 04:23:43 GMT
x-frame-options: SAMEORIGIN
etag: W/"1ff08-1816fe71098"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 main-04dce1b28a9db67b.js Show response
secure2.ofx.com/_next/static/chunks/ 132 KB
41 KB 560ms
557ms Script
application/javascript 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/_next/static/chunks/main-04dce1b28a9db67b.js

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

e3b4e4292c060e7df4e80f8b8aac4c5f6c40792ce3c9aeca31bba5b69d055ad5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/registration?pid=12416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:40 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 04:23:43 GMT
x-frame-options: SAMEORIGIN
etag: W/"20fec-1816fe71098"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 _app-907265794e7a92c4.js Show response
secure2.ofx.com/_next/static/chunks/pages/ 572 KB
176 KB 560ms
556ms Script
application/javascript 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/_next/static/chunks/pages/_app-907265794e7a92c4.js

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

d307ce5450c7685f310308f021c22892042b0a653474e1260b34f7bd42425f24

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/registration?pid=12416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:40 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 04:23:43 GMT
x-frame-options: SAMEORIGIN
etag: W/"8ef2f-1816fe71098"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 06f6b0c0-5aa977b258cb81c6.js Show response
secure2.ofx.com/_next/static/chunks/ 530 KB
107 KB 560ms
557ms Script
application/javascript 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/_next/static/chunks/06f6b0c0-5aa977b258cb81c6.js

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

493b01100406cb166d993b701469a3864a0c6377d48a9c1cf1a0e4ef633438d4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/registration?pid=12416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:40 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 04:23:43 GMT
x-frame-options: SAMEORIGIN
etag: W/"84941-1816fe71098"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 29107295-fcd63f8c12f2db96.js Show response
secure2.ofx.com/_next/static/chunks/ 70 KB
25 KB 616ms
613ms Script
application/javascript 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/_next/static/chunks/29107295-fcd63f8c12f2db96.js

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

27b37d9ef027c0ce021bb0804996abd5b493cf2f93f3e8c2fa3ddb8f60872dfc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/registration?pid=12416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:40 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 04:23:43 GMT
x-frame-options: SAMEORIGIN
etag: W/"11831-1816fe71098"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 3148-ffb0899811feaf03.js Show response
secure2.ofx.com/_next/static/chunks/ 8 KB
4 KB 560ms
557ms Script
application/javascript 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/_next/static/chunks/3148-ffb0899811feaf03.js

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

68321825751a9924e02c73b23088f8711e279be4177ec5128e1c5617fa1cc1de

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/registration?pid=12416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:40 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 04:23:44 GMT
x-frame-options: SAMEORIGIN
etag: W/"1ee0-1816fe71480"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 2114-bcf94e0903fca32e.js Show response
secure2.ofx.com/_next/static/chunks/ 208 KB
61 KB 835ms
832ms Script
application/javascript 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/_next/static/chunks/2114-bcf94e0903fca32e.js

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

7f5aa1a6397018864bd64b633369c1ccf5402d05d6a61a96f2a52baa82d68185

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/registration?pid=12416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:40 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 04:23:44 GMT
x-frame-options: SAMEORIGIN
etag: W/"33f7e-1816fe71480"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 4024-5909c10fdc0d7337.js Show response
secure2.ofx.com/_next/static/chunks/ 12 KB
5 KB 560ms
557ms Script
application/javascript 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/_next/static/chunks/4024-5909c10fdc0d7337.js

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

10b01b91196b14e071ba9d07a538fd37dbad2aea74ba9c0cd0c3d73e9db2b6c4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/registration?pid=12416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:40 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 04:23:44 GMT
x-frame-options: SAMEORIGIN
etag: W/"2f3b-1816fe71480"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 3788-a87c101ca3a78041.js Show response
secure2.ofx.com/_next/static/chunks/ 28 KB
7 KB 834ms
832ms Script
application/javascript 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/_next/static/chunks/3788-a87c101ca3a78041.js

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

f3314351cf0bf8ab92674e44d774eded139b04545792f8258d370ff26f05c721

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/registration?pid=12416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:40 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 04:23:44 GMT
x-frame-options: SAMEORIGIN
etag: W/"71ed-1816fe71480"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 1643-767c008a530da51e.js Show response
secure2.ofx.com/_next/static/chunks/ 78 KB
9 KB 1099ms
1096ms Script
application/javascript 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/_next/static/chunks/1643-767c008a530da51e.js

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

29cf5c2bf1fe770f55ed88a1454d7db11f3e8e58cb80b24930448a11103fb53e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/registration?pid=12416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 04:23:44 GMT
x-frame-options: SAMEORIGIN
etag: W/"1360e-1816fe71480"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 905-5613ffa8529716cd.js Show response
secure2.ofx.com/_next/static/chunks/ 21 KB
7 KB 835ms
832ms Script
application/javascript 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/_next/static/chunks/905-5613ffa8529716cd.js

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

b01be6854b5493e7059b693fb21481fb9092d6a4743a3aab1286d5d01126d628

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/registration?pid=12416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 04:23:44 GMT
x-frame-options: SAMEORIGIN
etag: W/"53ad-1816fe71480"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 8642-5892a0d59fbc3aea.js Show response
secure2.ofx.com/_next/static/chunks/ 15 KB
5 KB 1099ms
1096ms Script
application/javascript 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/_next/static/chunks/8642-5892a0d59fbc3aea.js

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

a78236fbdc63d74608e7e9031e7f4d4944f43c96d3deda317293b7d5e406d830

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/registration?pid=12416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 04:23:44 GMT
x-frame-options: SAMEORIGIN
etag: W/"3cfa-1816fe71480"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 9835-738685a46cfaf258.js Show response
secure2.ofx.com/_next/static/chunks/ 17 KB
6 KB 835ms
833ms Script
application/javascript 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/_next/static/chunks/9835-738685a46cfaf258.js

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

4b4000a8d9b526af8afc4e045090391ed19820ff676ddb738777488d212f30e3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/registration?pid=12416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 04:23:44 GMT
x-frame-options: SAMEORIGIN
etag: W/"446e-1816fe71480"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 registration-cc38cc6f47e754ea.js Show response
secure2.ofx.com/_next/static/chunks/pages/ 386 B
694 B 1098ms
1097ms Script
application/javascript 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/_next/static/chunks/pages/registration-cc38cc6f47e754ea.js

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

faf338bdd78f8b52acf75b8e649bfcdaf8d8d5aa9052e7764468853764f9d811

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/registration?pid=12416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:41 GMT
last-modified: Fri, 17 Jun 2022 04:23:43 GMT
x-frame-options: SAMEORIGIN
etag: W/"182-1816fe71098"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 386

GET
H2 200 _buildManifest.js Show response
secure2.ofx.com/_next/static/tw0DrorSCJyoNaXFrTTD3/ 4 KB
2 KB 834ms
832ms Script
application/javascript 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/_next/static/tw0DrorSCJyoNaXFrTTD3/_buildManifest.js

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

faa7108b3869d33eba5ea9494c01c5a27255f6ed6aae06e6940baeba4c7dbdfd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/registration?pid=12416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 04:23:43 GMT
x-frame-options: SAMEORIGIN
etag: W/"f56-1816fe71098"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 _ssgManifest.js Show response
secure2.ofx.com/_next/static/tw0DrorSCJyoNaXFrTTD3/ 77 B
383 B 1098ms
1097ms Script
application/javascript 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/_next/static/tw0DrorSCJyoNaXFrTTD3/_ssgManifest.js

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/registration?pid=12416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:41 GMT
last-modified: Fri, 17 Jun 2022 04:23:43 GMT
x-frame-options: SAMEORIGIN
etag: W/"4d-1816fe71098"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 77

GET
H2 200 _middlewareManifest.js Show response
secure2.ofx.com/_next/static/tw0DrorSCJyoNaXFrTTD3/ 92 B
398 B 834ms
833ms Script
application/javascript 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/_next/static/tw0DrorSCJyoNaXFrTTD3/_middlewareManifest.js

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/registration?pid=12416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:41 GMT
last-modified: Fri, 17 Jun 2022 04:24:32 GMT
x-frame-options: SAMEORIGIN
etag: W/"5c-1816fe7d000"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 92

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 216 KB
64 KB 55ms
31ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSMXT6

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

173a28b9db21befbd1706bf63748b66d71de38392d62c0d872b331404b4e3047

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65430
x-xss-protection: 0
last-modified: Sun, 19 Jun 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 Jun 2022 07:35:40 GMT

GET
H2 200 medium-bg.png
secure2.ofx.com/static/ 10 KB
11 KB 1096ms
1096ms Image
image/png 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure2.ofx.com/static/medium-bg.png

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

ecb03a1be4044432373952d3adf2e0746cc17db625f5c2372d017b1e630944e1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/registration?pid=12416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:41 GMT
last-modified: Fri, 17 Jun 2022 04:19:49 GMT
x-frame-options: SAMEORIGIN
etag: W/"29e9-1816fe37e88"
vary: Origin
content-type: image/png
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 10729

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 381 KB
99 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KRLZFR3&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSMXT6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ad58ad515a564611f56bbc81032e7f58550c343caca5ae1e73ee288b0d7cd7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101363
x-xss-protection: 0
last-modified: Sun, 19 Jun 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 Jun 2022 07:35:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
69 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QR4C9L8X2C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRLZFR3&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

55b3d1a2e461c6c7f3a881008c4304d2ba60fe969e0371e14bab273b48c77d86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70210
x-xss-protection: 0
expires: Sun, 19 Jun 2022 07:35:40 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 127 KB
42 KB 48ms
24ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-KP54WTG

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRLZFR3&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8fa44b5c4e8e4e770d3a64256f67c428806196e7ff332a09719d318b4a28993a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43029
x-xss-protection: 0
expires: Sun, 19 Jun 2022 07:35:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
71 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TFB8GGR3P6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRLZFR3&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4d6e4a736028d336663135abbd7657f07300567c1d0c8aa8874787572c47df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72172
x-xss-protection: 0
expires: Sun, 19 Jun 2022 07:35:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
70 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EYPB30L58Z&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRLZFR3&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

33e8699ac896ce6a94bd40b69c442a453c73d0e7b3f30862e1c0bd8c39718402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71807
x-xss-protection: 0
expires: Sun, 19 Jun 2022 07:35:40 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 20 KB
7 KB 36ms
16ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRLZFR3&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 19 Jun 2022 07:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jaQOgzI9+ZkWZRPB/GIusQ==
age: 3166
vary: Accept-Encoding
content-length: 6921
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jun 2022 02:47:08 GMT
server: cloudflare
etag: 0x8DA500BAC1ECEB7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3b52b784-201e-00e0-60f4-813e6e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 71da96e0c91f9060-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRLZFR3&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2793
date: Sun, 19 Jun 2022 06:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 19 Jun 2022 08:49:07 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 30ms
9ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRLZFR3&l=dataLayer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:40 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 26 Jun 2022 07:35:40 GMT

GET
H2 200 sha256.js Show response
cdnjs.cloudflare.com/ajax/libs/jsSHA/2.3.1/ 9 KB
4 KB 41ms
22ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jsSHA/2.3.1/sha256.js

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

372baf2dfb2f7c27c4f9c795ebf5b5f47faa569dccf1cf45cc0823ef6096dfdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 25853620
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3338
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec6-24a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAHuiT4r7XiG%2Fw8Yx1nRaOwxZn5UAuUQTsqPZl%2F7gv9twvhC0%2B3ikX4i%2FjTS0OoDa10FoiPY4i6ioaqXUe43hjGhBxkFGkefdHX5sGyGacZaisEYvC5DKWYnSSrEhpGp3gePwYsUGn4IEXM6jGoUE7su"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71da96e0dd606922-FRA
expires: Fri, 09 Jun 2023 07:35:40 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
347 B 51ms
22ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QR4C9L8X2C&gtm=2oe6f0&_p=47371244&_z=ccd.v9B&_gaz=1&cid=1924289760.1655624141&ul=en-us&sr=1600x1200&_s=1&sid=1655624140&sct=1&seg=0&dl=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&dt=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QR4C9L8X2C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure2.ofx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 174ms
26ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QR4C9L8X2C&cid=1924289760.1655624141&gtm=2oe6f0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QR4C9L8X2C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure2.ofx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 74ms
41ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QR4C9L8X2C&cid=1924289760.1655624141&gtm=2oe6f0&aip=1&z=1214979184

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d91f68eb-6e3e-4b88-8fca-fca648a3b0c0.json Show response
cdn.cookielaw.org/consent/d91f68eb-6e3e-4b88-8fca-fca648a3b0c0/ 4 KB
2 KB 56ms
35ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/d91f68eb-6e3e-4b88-8fca-fca648a3b0c0/d91f68eb-6e3e-4b88-8fca-fca648a3b0c0.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69c86ea4dfcd7a770f1f6c0253975c879dc6c27cbe757f76296cc2988a561e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: amERQQxb4Dz4EbogKzIGyw==
age: 2211
vary: Accept-Encoding
content-length: 1563
x-ms-lease-status: unlocked
last-modified: Fri, 25 Feb 2022 00:37:46 GMT
server: cloudflare
etag: 0x8D9F7F70AD9550A
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 43671308-b01e-0022-2de0-29b6d0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 71da96e18b37697f-FRA
expires: Sun, 19 Jun 2022 11:35:41 GMT

GET
H2 200 rules-p-9xPpAFMcLk8qV.js Show response
rules.quantcount.com/ 4 KB
2 KB 36ms
11ms Script
application/javascript 2600:9000:206f:3e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-9xPpAFMcLk8qV.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c72e4be919a8267f2487f5df30048cce6975648295de923d1b253a2ebddbed9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:01:50 GMT
content-encoding: gzip
age: 2756
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 04 May 2017 00:45:49 GMT
server: AmazonS3
etag: W/"62855155c5de336772d4061430529424"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: vx4UCEgUQkDgcbTk74MFk4_4yLJJYolN5qZckPv6PULt10P_KDSpfw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 70ms
25ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2217750-36&cid=1924289760.1655624141&jid=1793541522&gjid=2117233247&_gid=682679000.1655624141&_u=aCDAiEABRAAAAE~&z=1751573753

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure2.ofx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 19 Jun 2022 07:35:41 GMT
content-type: text/plain
access-control-allow-origin: https://secure2.ofx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 31ms
11ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=47371244&t=pageview&_s=1&dl=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&ul=en-us&de=UTF-8&dt=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiEABR~&jid=1793541522&gjid=2117233247&cid=1924289760.1655624141&tid=UA-2217750-36&_gid=682679000.1655624141&gtm=2wg6f0KRLZFR3&cd2=&cd4=not%20set&cd16=false&cd17=0&z=432248488

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Jun 2022 11:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71572
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 44ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-TFB8GGR3P6&gtm=2oe6f0&_p=47371244&_z=ccd.v9B&_gaz=1&cid=1924289760.1655624141&ul=en-us&sr=1600x1200&ir=1&_eu=Q&_s=1&sid=1655624140&sct=1&seg=0&dl=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&dt=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&en=page_view&_fv=1&_ss=1&up.transfer_recipient_info=DL%20-%20transferRecipientInfo
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TFB8GGR3P6&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure2.ofx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 25ms
25ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TFB8GGR3P6&cid=1924289760.1655624141&gtm=2oe6f0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TFB8GGR3P6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure2.ofx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 36ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EYPB30L58Z&gtm=2oe6f0&_p=47371244&_z=ccd.v9B&_gaz=1&cid=1924289760.1655624141&ul=en-us&sr=1600x1200&ir=1&_eu=Q&_s=1&sid=1655624140&sct=1&seg=0&dl=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&dt=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EYPB30L58Z&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure2.ofx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 26ms
26ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EYPB30L58Z&cid=1924289760.1655624141&gtm=2oe6f0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EYPB30L58Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure2.ofx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 67ms
38ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TFB8GGR3P6&cid=1924289760.1655624141&gtm=2oe6f0&aip=1&z=1839470774

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 66ms
37ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EYPB30L58Z&cid=1924289760.1655624141&gtm=2oe6f0&aip=1&z=424220267

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 174 B
448 B 55ms
31ms XHR
application/json 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f7ac39d5008a07cafebc020f9e2b03ec506750142df560dfee33d26e484b0bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://secure2.ofx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 71da96e238899078-FRA
access-control-allow-headers: Content-Type

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 67ms
41ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2217750-36&cid=1924289760.1655624141&jid=1793541522&_u=aCDAiEABRAAAAE~&z=1443491968

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 48ms
38ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2217750-36&cid=1924289760.1655624141&jid=1793541522&_u=aCDAiEABRAAAAE~&z=1443491968

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=588681904;event=refresh;labels=_fp.event.PageView%2C_fp.event.Registration%20Landing%20Page;source=gtm;rf=0;a=p-9xPpAFMcLk8qV;url=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416;...
pixel.quantserve.com/ 35 B
371 B 14ms
12ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=588681904;event=refresh;labels=_fp.event.PageView%2C_fp.event.Registration%20Landing%20Page;source=gtm;rf=0;a=p-9xPpAFMcLk8qV;url=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416;uht=2;fpan=1;fpa=P0-824062742-1655624141146;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=ofx.com;je=0;sr=1600x1200x24;dst=0;et=1655624141146;tzo=0;ogl=

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.30.0/ 332 KB
79 KB 18ms
18ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.30.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a23d89046025811db05e44c327b9d4d02b23874663aacc3c1ca7703f3f455d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5oE+t+daHCCmdsXYZnY9oQ==
age: 2006
vary: Accept-Encoding
content-length: 80901
x-ms-lease-status: unlocked
last-modified: Mon, 31 Jan 2022 17:10:47 GMT
server: cloudflare
etag: 0x8D9E4DC9FB57A81
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b137c0fc-701e-003f-17d5-166f3a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 71da96e27b4e9060-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/d91f68eb-6e3e-4b88-8fca-fca648a3b0c0/92a0ed5e-5577-4922-bf25-9778b3067acc/ 86 KB
16 KB 42ms
42ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/d91f68eb-6e3e-4b88-8fca-fca648a3b0c0/92a0ed5e-5577-4922-bf25-9778b3067acc/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.30.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85ed006978a58b57bcdc304eb13c9ca777366512d3f32f1fb3a5f0a7043ae24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jyCoGhdCpgSO+2F44wNagQ==
vary: Accept-Encoding
content-length: 16682
x-ms-lease-status: unlocked
last-modified: Fri, 25 Feb 2022 00:37:58 GMT
server: cloudflare
etag: 0x8D9F7F712435C8B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1c1c3191-301e-001a-66e5-59f789000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 71da96e2bd34697f-FRA
expires: Sun, 19 Jun 2022 11:35:41 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 119 KB
47 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1234&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRLZFR3&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a319aee8ab506984490fc291314e6e3a11b0cea21b108c0287272b377c8abad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48047
x-xss-protection: 0
last-modified: Sun, 19 Jun 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 Jun 2022 07:35:41 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 104ms
62ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRLZFR3&l=dataLayer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6643122E682E496EA82D3960A8A8D844 Ref B: FRAEDGE1406 Ref C: 2022-06-19T07:35:41Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Sun, 19 Jun 2022 07:35:41 GMT
accept-ranges: bytes
content-length: 11360

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 24 KB
7 KB 30ms
8ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRLZFR3&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: ea011956164ed15022fb5732fd6d810bf75bb104babed05a29beb5c50302b926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:41 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 18 Apr 2022 22:30:59 GMT
server: snooserv
etag: "5dcf2f59e7a6e0d30193fedad78db790"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7461

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 55 KB
15 KB 52ms
13ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRLZFR3&l=dataLayer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 16:20:35 GMT
etag: "f345fa1999011d396bda3b2c6fafc302+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15166
x-served-by: cache-iad-kiad7000085-IAD, cache-hhn11523-HHN

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 36ms
12ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRLZFR3&l=dataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Sun, 19 Jun 2022 07:35:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=53604
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H3

200

activityi;dc_pre=COvk0caAufgCFdfZ1Qod9pQCaA;src=1852302;type=webflow;cat=006;ord=2967095213610;gtm=2wg6f0;auiddc=1370641669.1655624141;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416 Show response
1852302.fls.doubleclick.net/ Frame 77F0
Redirect Chain

https://1852302.fls.doubleclick.net/activityi;src=1852302;type=webflow;cat=006;ord=2967095213610;gtm=2wg6f0;auiddc=1370641669.1655624141;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D1...
https://1852302.fls.doubleclick.net/activityi;dc_pre=COvk0caAufgCFdfZ1Qod9pQCaA;src=1852302;type=webflow;cat=006;ord=2967095213610;gtm=2wg6f0;auiddc=1370641669.1655624141;~oref=https%3A%2F%2Fsecure...

504 B
423 B

45ms
19ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1852302.fls.doubleclick.net/activityi;dc_pre=COvk0caAufgCFdfZ1Qod9pQCaA;src=1852302;type=webflow;cat=006;ord=2967095213610;gtm=2wg6f0;auiddc=1370641669.1655624141;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRLZFR3&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

049bdc024a34b1d2e6a29de1f6f8bb1da11a991f5727708a914556cdd57f1949

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Jun 2022 07:35:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Jun 2022 07:35:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://1852302.fls.doubleclick.net/activityi;dc_pre=COvk0caAufgCFdfZ1Qod9pQCaA;src=1852302;type=webflow;cat=006;ord=2967095213610;gtm=2wg6f0;auiddc=1370641669.1655624141;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 95ms
63ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRLZFR3&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15000
x-xss-protection: 0
server: cafe
etag: 6069194915506431635
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 19 Jun 2022 07:35:41 GMT

GET
H2

200

b11b90be-4486-41f6-a4f9-4f7ab8eb248d_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/b11b90be-4486-41f6-a4f9-4f7ab8eb248d.js
https://cdn.mouseflow.com/projects/b11b90be-4486-41f6-a4f9-4f7ab8eb248d_eu.js

60 KB
17 KB

28ms
28ms

Script
application/javascript

151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/b11b90be-4486-41f6-a4f9-4f7ab8eb248d_eu.js
Requested by: Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416
Protocol: H2
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: c699631f444d4a658a133e0904c6bd794a0270d1d58f03a04527d2838965763f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: gzip
last-modified: Sun, 12 Jun 2022 13:18:06 GMT
server
etag: "d22fbcda5e7ed81:0"
x-hw: 1655624141.cds012.fr8.hn,1655624141.cds254.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 17547

Redirect headers

date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: gzip
last-modified: Sun, 12 Jun 2022 13:18:04 GMT
server
etag: "04efed85e7ed81:0"
location: https://cdn.mouseflow.com/projects/b11b90be-4486-41f6-a4f9-4f7ab8eb248d_eu.js
x-hw: 1655624141.cds012.fr8.hn,1655624141.cds218.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-hw-loc: https://cdn.mouseflow.com/projects/b11b90be-4486-41f6-a4f9-4f7ab8eb248d.js
content-length: 63404

GET
H3

200

activityi;dc_pre=CP7j0caAufgCFbccBgAdOxQHog;src=1852302;type=register;cat=globa0;ord=5827259814067;gtm=2wg6f0;auiddc=1370641669.1655624141;u3=not%20set;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistr... Show response
1852302.fls.doubleclick.net/ Frame C673
Redirect Chain

https://1852302.fls.doubleclick.net/activityi;src=1852302;type=register;cat=globa0;ord=5827259814067;gtm=2wg6f0;auiddc=1370641669.1655624141;u3=not%20set;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregis...
https://1852302.fls.doubleclick.net/activityi;dc_pre=CP7j0caAufgCFbccBgAdOxQHog;src=1852302;type=register;cat=globa0;ord=5827259814067;gtm=2wg6f0;auiddc=1370641669.1655624141;u3=not%20set;~oref=htt...

521 B
433 B

49ms
21ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1852302.fls.doubleclick.net/activityi;dc_pre=CP7j0caAufgCFbccBgAdOxQHog;src=1852302;type=register;cat=globa0;ord=5827259814067;gtm=2wg6f0;auiddc=1370641669.1655624141;u3=not%20set;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRLZFR3&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

508acb5527a8de621799da3e9624bb49b7ce151e42d9b3bb2f54c97f35059090

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 408
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Jun 2022 07:35:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Jun 2022 07:35:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://1852302.fls.doubleclick.net/activityi;dc_pre=CP7j0caAufgCFbccBgAdOxQHog;src=1852302;type=register;cat=globa0;ord=5827259814067;gtm=2wg6f0;auiddc=1370641669.1655624141;u3=not%20set;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

a65f2542-c798-4cbc-b46e-2101e508dc85_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/a65f2542-c798-4cbc-b46e-2101e508dc85.js
https://cdn.mouseflow.com/projects/a65f2542-c798-4cbc-b46e-2101e508dc85_eu.js

60 KB
17 KB

11ms
11ms

Script
application/javascript

151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/a65f2542-c798-4cbc-b46e-2101e508dc85_eu.js
Requested by: Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416
Protocol: H2
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 361d8a14404ef54f4c294433b1328aaeafd5610922acef2877152ba7c72bada2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: gzip
last-modified: Sat, 11 Jun 2022 21:34:29 GMT
server
etag: "58811a8db7dd81:0"
x-hw: 1655624141.cds012.fr8.hn,1655624141.cds011.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 17300

Redirect headers

date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: gzip
last-modified: Sat, 11 Jun 2022 21:34:27 GMT
server
etag: "8ecb77db7dd81:0"
location: https://cdn.mouseflow.com/projects/a65f2542-c798-4cbc-b46e-2101e508dc85_eu.js
x-hw: 1655624141.cds012.fr8.hn,1655624141.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-hw-loc: https://cdn.mouseflow.com/projects/a65f2542-c798-4cbc-b46e-2101e508dc85.js
content-length: 54262

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 124ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: e1pWJBGxjZIrlb2upziUlP+TOfgvEaXSO9kYhtXOipFrbddIja4rprypebROoKZhZObife9Ij0y8kTvGY3T+Iw==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 19 Jun 2022 07:35:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 21647.js Show response
sleeknotecustomerscripts.sleeknote.com/ 44 KB
6 KB 177ms
131ms Script
text/javascript 143.204.215.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotecustomerscripts.sleeknote.com/21647.js
Requested by: Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-92.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef4d59b7fd821ed5a28603dee29a58f074f99a9366ff4563f04fc577aa01238e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: lBjLO42Aa7LfYlrHrDFM4YQ0ROIjEykI
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 16:00:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "8c8892a2bd03beea512e370b9d909748"
x-cache: RefreshHit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=60
date: Sun, 19 Jun 2022 07:35:42 GMT
accept-ranges: bytes
content-length: 5374
x-amz-cf-id: 01xje-gfOF0QxgQJPHb9K6YDPqAkMGM8tka2cRuoQ-aTpefhVCPX5w==

GET
H2 200 webhook-collector-module-webjs-latest.min.js Show response
static.wondaris.com/sdks/ 16 KB
16 KB 209ms
143ms Script
application/javascript 35.190.6.239
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wondaris.com/sdks/webhook-collector-module-webjs-latest.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRLZFR3&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.6.239 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

239.6.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

64a2e608499d1ac09253366063f0722c3f373622e94fdb667aea082b679916e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:41 GMT
vary: Origin
x-goog-meta-goog-reserved-file-mtime: 1651017799
age: 0
x-guploader-uploadid: ADPycdv85r62eDB0g4q6GNsa5fxrA0ZpT7gQR3Mg6T78mR8Xm2AcS0l3M1VhnsgJZJQAuqVSw91NE_toCnIsN_PKT15PYDqcHBOd
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16268
last-modified: Wed, 27 Apr 2022 00:03:34 GMT
server: UploadServer
etag: "4113adebf156bb01a9724e713bca726b"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=fQTgpw==, md5=QROt6/FWuwGpck5xO8pyaw==
content-language: en
x-goog-generation: 1651017813950095
cache-control: public, max-age=3600
x-goog-stored-content-length: 16268
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 19 Jun 2022 08:35:41 GMT

GET
H2 200 otFloatingRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.30.0/assets/ 10 KB
3 KB 24ms
24ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.30.0/assets/otFloatingRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.30.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a46f267ccf978edab204d0c7c96a2553ec259bf09ab9b9f67d957b26de8426d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8RCzQ5Ay9dsRxOhONj5Z0Q==
age: 2211
vary: Accept-Encoding
content-length: 2588
x-ms-lease-status: unlocked
last-modified: Mon, 31 Jan 2022 17:10:38 GMT
server: cloudflare
etag: 0x8D9E4DC9A2C1ACD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 29796ec9-a01e-0110-76fc-57a855000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 71da96e39e8a697f-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.30.0/assets/v2/ 48 KB
12 KB 22ms
22ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.30.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.30.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01c2ddf68eaf07e408a6dc118d6c237ae302709a919772698d9dc03419e4ca30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: rWXW8IAuyKNQrQVFsGpe6g==
age: 2211
vary: Accept-Encoding
content-length: 11467
x-ms-lease-status: unlocked
last-modified: Mon, 31 Jan 2022 17:10:40 GMT
server: cloudflare
etag: 0x8D9E4DC9BD681A2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 5a31d3f0-201e-000e-390b-3434ed000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 71da96e39e8c697f-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.30.0/assets/ 20 KB
4 KB 24ms
24ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.30.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.30.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
age: 1440
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Mon, 31 Jan 2022 17:10:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 61048e62-901e-0131-438c-29c564000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 71da96e39e8e697f-FRA

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://dc.ads.linkedin.com/collect/?pid=660546&conversionId=2387996&fmt=gif
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D660546%26conversionId%3D2387996%26fmt%3Dgif%26liSync%3Dtrue
https://px.ads.linkedin.com/collect?pid=660546&conversionId=2387996&fmt=gif&liSync=true
https://px4.ads.linkedin.com/collect?pid=660546&conversionId=2387996&fmt=gif&liSync=true&e_ipv6=AQLv1vIkySU7aAAAAYF644wKffUD1w1Xt1JiGXcRJsiFWNKvgZLkUyFsBmbXnhAF

43 B
245 B

3583ms
3563ms

Image
image/gif

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?pid=660546&conversionId=2387996&fmt=gif&liSync=true&e_ipv6=AQLv1vIkySU7aAAAAYF644wKffUD1w1Xt1JiGXcRJsiFWNKvgZLkUyFsBmbXnhAF
Requested by: Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:42 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: DD1F177F54AC40C3866E4D19F0DA8BA0 Ref B: FRAEDGE1515 Ref C: 2022-06-19T07:35:41Z
linkedin-action: 1
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-type: image/gif
content-length: 65
x-li-uuid: AAXhyAjlaK/Im3hBr1KB2g==

Redirect headers

date: Sun, 19 Jun 2022 07:35:41 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 56EDA2A5983B4358A299C94E14471A8C Ref B: FRAEDGE1511 Ref C: 2022-06-19T07:35:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?pid=660546&conversionId=2387996&fmt=gif&liSync=true&e_ipv6=AQLv1vIkySU7aAAAAYF644wKffUD1w1Xt1JiGXcRJsiFWNKvgZLkUyFsBmbXnhAF
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXhyAja3aye182jP7Hr+Q==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://dc.ads.linkedin.com/collect/?pid=660546&conversionId=1238537&fmt=gif
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D660546%26conversionId%3D1238537%26fmt%3Dgif%26liSync%3Dtrue
https://px.ads.linkedin.com/collect?pid=660546&conversionId=1238537&fmt=gif&liSync=true
https://px4.ads.linkedin.com/collect?pid=660546&conversionId=1238537&fmt=gif&liSync=true&e_ipv6=AQI29di8TNDVuAAAAYF644wKkqJ-t6v0X4dfK6OryKmMJKS1C69IdFtGxPCYDGn7

43 B
219 B

3575ms
3564ms

Image
image/gif

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?pid=660546&conversionId=1238537&fmt=gif&liSync=true&e_ipv6=AQI29di8TNDVuAAAAYF644wKkqJ-t6v0X4dfK6OryKmMJKS1C69IdFtGxPCYDGn7
Requested by: Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:42 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 1F5DF1A761264771A9F5654428B0867F Ref B: FRAEDGE1515 Ref C: 2022-06-19T07:35:41Z
linkedin-action: 1
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-type: image/gif
content-length: 65
x-li-uuid: AAXhyAjljQAxh3vcGABF/A==

Redirect headers

date: Sun, 19 Jun 2022 07:35:41 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 3E4ADB19E98447D8A8337D3CDD8AAEF2 Ref B: FRAEDGE1511 Ref C: 2022-06-19T07:35:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?pid=660546&conversionId=1238537&fmt=gif&liSync=true&e_ipv6=AQI29di8TNDVuAAAAYF644wKkqJ-t6v0X4dfK6OryKmMJKS1C69IdFtGxPCYDGn7
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXhyAja3bc3Y3d/KtrIpQ==

GET
H2 200 pixel;r=1047205872;labels=_fp.event.Registration%20Start;source=gtm;event=refresh;rf=0;a=p-9xPpAFMcLk8qV;url=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416;uht=2;fpan=0;fpa=P0-824062742...
pixel.quantserve.com/ 35 B
210 B 18ms
18ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1047205872;labels=_fp.event.Registration%20Start;source=gtm;event=refresh;rf=0;a=p-9xPpAFMcLk8qV;url=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416;uht=2;fpan=0;fpa=P0-824062742-1655624141146;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=ofx.com;je=0;sr=1600x1200x24;dst=0;et=1655624141351;tzo=0;ogl=

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:41 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 140ms
109ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1655624141381&id=t2_dzxz7c4m&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=72e92999-5e7b-4137-a4ed-ec6866c4be78&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_90e98f9f
Requested by: Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:41 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=660546&time=1655624141383&url=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D660546%26time%3D1655624141383%26url%3Dhttps%253A%252F%252Fsecure2.ofx.com%252Freg...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=660546&time=1655624141383&url=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=660546&time=1655624141383&url=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&liSync=true&e_ipv6=AQLlJlpmpFz8xQAAAYF644xXPF2tQH_o3rYl5...

0
265 B

3504ms
3503ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=660546&time=1655624141383&url=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&liSync=true&e_ipv6=AQLlJlpmpFz8xQAAAYF644xXPF2tQH_o3rYl5N5Xa1N45EWbvt2OLxF9aczb0rTM
Requested by: Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:41 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 3C5C09C249164386B02B8B0C3D8A3953 Ref B: FRAEDGE1515 Ref C: 2022-06-19T07:35:42Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXhyAje1IZIkQcN9IynRw==
x-li-fabric: prod-lor1

Redirect headers

date: Sun, 19 Jun 2022 07:35:41 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 5C5023AEFDB04301B32BC6C5D4562459 Ref B: FRAEDGE1511 Ref C: 2022-06-19T07:35:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=660546&time=1655624141383&url=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&liSync=true&e_ipv6=AQLlJlpmpFz8xQAAAYF644xXPF2tQH_o3rYl5N5Xa1N45EWbvt2OLxF9aczb0rTM
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXhyAjb/5e0YDvSUbiP1w==

GET
H2 200 adsct
t.co/i/ 43 B
337 B 164ms
130ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=b622137b-24f3-4f80-bf00-1d2c22215a2c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=dcb8da70-2acf-4965-9cec-0a96286043ea&tw_document_href=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nx98b&type=javascript&version=2.4.12

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-response-time: 116
date: Sun, 19 Jun 2022 07:35:40 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 7edcff20f145d1f9fbbcb45d8c50b190dc4e02400c7a6d60c152c94ecd9a2af0
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
355 B 161ms
119ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=b622137b-24f3-4f80-bf00-1d2c22215a2c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=dcb8da70-2acf-4965-9cec-0a96286043ea&tw_document_href=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nx98b&type=javascript&version=2.4.12

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-response-time: 107
date: Sun, 19 Jun 2022 07:35:41 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: f8295aa33978aa34f3c9b4a8d4dc3f8807839106defd04c3ad54a464906fb768
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
211 B 117ms
116ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=24aaaf1c-a2da-4f3b-a552-5d12831a02b4&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=dcb8da70-2acf-4965-9cec-0a96286043ea&tw_document_href=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2w3m&type=javascript&version=2.4.12

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-response-time: 103
date: Sun, 19 Jun 2022 07:35:41 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 7edcff20f145d1f9fbbcb45d8c50b190dc4e02400c7a6d60c152c94ecd9a2af0
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
201 B 138ms
126ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=24aaaf1c-a2da-4f3b-a552-5d12831a02b4&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=dcb8da70-2acf-4965-9cec-0a96286043ea&tw_document_href=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2w3m&type=javascript&version=2.4.12

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-response-time: 117
date: Sun, 19 Jun 2022 07:35:41 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: f8295aa33978aa34f3c9b4a8d4dc3f8807839106defd04c3ad54a464906fb768
content-length: 43

GET
H2 200 collect Show response
ssgtm.ofx.com/g/ 65 B
517 B 4089ms
4021ms XHR
text/plain 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssgtm.ofx.com/g/collect?v=2&tid=G-1234&gtm=2oe6f0&_p=47371244&_z=ccd.v9B&cid=1924289760.1655624141&ul=en-us&sr=1600x1200&_fplc=0&_s=1&sid=1655624141&sct=1&seg=0&dl=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&dt=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&en=search&_fv=1&_ss=1&ep.event_id=1655624141302.320ng7w_search&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1234&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://secure2.ofx.com
cache-control: no-cache
access-control-allow-credentials: true
via: 1.1 google

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 17203127.js Show response
bat.bing.com/p/action/ 219 B
476 B 315ms
314ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17203127.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

54f61558f392f3074918769943def67b21b839329bdd952912bc2a028e53e09c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9BFAA5E8430C4F5FA26F4B25BF386C04 Ref B: FRAEDGE1406 Ref C: 2022-06-19T07:35:41Z
date: Sun, 19 Jun 2022 07:35:41 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 300

GET
H2 204 0
bat.bing.com/action/ 0
175 B 35ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17203127&tm=gtm002&Ver=2&mid=9b48c0c3-8b6b-405a-82c0-eda834bccc1e&sid=6bdac460efa211eca1c0631f2744d00f&vid=6bdb06b0efa211ecb866c92f08521e3d&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&p=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&r=&evt=pageLoad&msclkid=N&sv=1&rn=334245

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9560733EF9EB4DF2B90FD81B1AC1FB32 Ref B: FRAEDGE1406 Ref C: 2022-06-19T07:35:41Z
date: Sun, 19 Jun 2022 07:35:41 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1057755629/ 2 KB
2 KB 59ms
29ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1057755629/?random=1655624141501&cv=9&fst=1655624141501&num=1&label=0aHxCP2k6ZcBEO2jsPgD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&tiba=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cebc448611a00fe5e09e9474ab61c1c34f34b12cc2d04b9edd0056d9bf3f56e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1114
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1057755629/ 2 KB
1 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1057755629/?random=1655624141503&cv=9&fst=1655624141503&num=1&label=mGRzCJnR8ZoBEO2jsPgD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&tiba=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

104f75154436f3cb5f1c582f7a3c834852c9eb32fef13c01fadb8ec1b814c516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=COvk0caAufgCFdfZ1Qod9pQCaA;src=1852302;type=webflow;cat=006;ord=2967095213610;gtm=2wg6f0;auiddc=1370641669.1655624141;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416 Show response
adservice.google.com/ddm/fls/i/ Frame F000 503 B
868 B 76ms
48ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COvk0caAufgCFdfZ1Qod9pQCaA;src=1852302;type=webflow;cat=006;ord=2967095213610;gtm=2wg6f0;auiddc=1370641669.1655624141;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416

Requested by

Host: 1852302.fls.doubleclick.net
URL: https://1852302.fls.doubleclick.net/activityi;dc_pre=COvk0caAufgCFdfZ1Qod9pQCaA;src=1852302;type=webflow;cat=006;ord=2967095213610;gtm=2wg6f0;auiddc=1370641669.1655624141;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dba151be2f4b37e9d3804636e3394347627faf6e6618d7110ee5da751b38e07b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1852302.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 400
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Jun 2022 07:35:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CP7j0caAufgCFbccBgAdOxQHog;src=1852302;type=register;cat=globa0;ord=5827259814067;gtm=2wg6f0;auiddc=1370641669.1655624141;u3=not%20set;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpi... Show response
adservice.google.com/ddm/fls/i/ Frame 5BFF 520 B
477 B 75ms
49ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CP7j0caAufgCFbccBgAdOxQHog;src=1852302;type=register;cat=globa0;ord=5827259814067;gtm=2wg6f0;auiddc=1370641669.1655624141;u3=not%20set;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416

Requested by

Host: 1852302.fls.doubleclick.net
URL: https://1852302.fls.doubleclick.net/activityi;dc_pre=CP7j0caAufgCFbccBgAdOxQHog;src=1852302;type=register;cat=globa0;ord=5827259814067;gtm=2wg6f0;auiddc=1370641669.1655624141;u3=not%20set;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d65ffba19998a8654e402b5c9b315e23c53bd813f3f2f8f8461ec55d4338d1be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1852302.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 407
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Jun 2022 07:35:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 0
bat.bing.com/action/ 0
120 B 38ms
38ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17203127&tm=gtm002&Ver=2&mid=9b48c0c3-8b6b-405a-82c0-eda834bccc1e&sid=6bdac460efa211eca1c0631f2744d00f&vid=6bdb06b0efa211ecb866c92f08521e3d&vids=0&ec=pageview&el=pageview&ev=0&gc=USD&tpp=1&en=Y&sw=1600&sh=1200&sc=24&evt=custom&msclkid=N&rn=88664

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1D2D4C1A7ABC401696FF14055D51842E Ref B: FRAEDGE1406 Ref C: 2022-06-19T07:35:41Z
date: Sun, 19 Jun 2022 07:35:41 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 308265223205112 Show response
connect.facebook.net/signals/config/ 27 KB
7 KB 154ms
140ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/308265223205112?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

390d9517065659214a2e78f8b7354a8de49eb171b8bb9d8ef351b952f4cc1ec8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: J11eDUzZbVhln5SxwgO9awIJEwI9iH+6x9KhrlsxDZSypvz5GJlox56PX6oY1WDBdPx4+EycRoZhsEqlygMkmw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 19 Jun 2022 07:35:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1655624141685
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1057755629/ 42 B
64 B 74ms
22ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1057755629/?random=1655624141501&cv=9&fst=1655622000000&num=1&label=0aHxCP2k6ZcBEO2jsPgD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&tiba=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&async=1&fmt=3&is_vtc=1&random=1034544070&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1057755629/ 42 B
64 B 43ms
42ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1057755629/?random=1655624141501&cv=9&fst=1655622000000&num=1&label=0aHxCP2k6ZcBEO2jsPgD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&tiba=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&async=1&fmt=3&is_vtc=1&random=1034544070&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1057755629/ 42 B
64 B 73ms
21ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1057755629/?random=1655624141503&cv=9&fst=1655622000000&num=1&label=mGRzCJnR8ZoBEO2jsPgD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&tiba=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&async=1&fmt=3&is_vtc=1&random=2756488942&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1057755629/ 42 B
64 B 42ms
41ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1057755629/?random=1655624141503&cv=9&fst=1655622000000&num=1&label=mGRzCJnR8ZoBEO2jsPgD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&tiba=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&async=1&fmt=3&is_vtc=1&random=2756488942&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 fb-capi
centralise.api.wondaris.com/api/oauth/v1.0/webhook/ofx-wondaris-webhook/ Frame 0
0 177ms
120ms Preflight
text/plain 2600:1901:0:e4aa::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://centralise.api.wondaris.com/api/oauth/v1.0/webhook/ofx-wondaris-webhook/fb-capi?token=ed746560-f2ea-49ed-ae4f-f8380dc6db3a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:e4aa:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure2.ofx.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://secure2.ofx.com
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain charset=UTF-8
date: Sun, 19 Jun 2022 07:35:41 GMT
server: Google Frontend
strict-transport-security: max-age=7776000; includeSubdomains
via: 1.1 google
x-cloud-trace-context: f34c2f4345e8ced3f95ecbf094e4de48

OPTIONS
H2 204 fb-capi
centralise.api.wondaris.com/api/oauth/v1.0/webhook/ofx-wondaris-webhook/ Frame 0
0 174ms
119ms Preflight
text/plain 2600:1901:0:e4aa::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://centralise.api.wondaris.com/api/oauth/v1.0/webhook/ofx-wondaris-webhook/fb-capi?token=ed746560-f2ea-49ed-ae4f-f8380dc6db3a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:e4aa:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure2.ofx.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://secure2.ofx.com
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain charset=UTF-8
date: Sun, 19 Jun 2022 07:35:41 GMT
server: Google Frontend
strict-transport-security: max-age=7776000; includeSubdomains
via: 1.1 google
x-cloud-trace-context: 8519d57dc4acfff27e57adfcaeb9eae8

POST
H3 200 fb-capi Show response
centralise.api.wondaris.com/api/oauth/v1.0/webhook/ofx-wondaris-webhook/ 135 B
143 B 3742ms
3726ms Fetch
application/json 2600:1901:0:e4aa::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://centralise.api.wondaris.com/api/oauth/v1.0/webhook/ofx-wondaris-webhook/fb-capi?token=ed746560-f2ea-49ed-ae4f-f8380dc6db3a

Requested by

Host: static.wondaris.com
URL: https://static.wondaris.com/sdks/webhook-collector-module-webjs-latest.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:e4aa:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

5bed57e3f83ffa425b96df4b1e9687bbc764a0404c63a9582c6ed81e3a28a4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; includeSubdomains

Request headers

Accept: application/json
Referer: https://secure2.ofx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 19 Jun 2022 07:35:42 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 3e1fdb2ce91624758c4f954a5338bec7/11420559994465800227;o=1
cache-control: no-cache, private
strict-transport-security: max-age=7776000; includeSubdomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
access-control-expose-headers

POST
H3 200 fb-capi Show response
centralise.api.wondaris.com/api/oauth/v1.0/webhook/ofx-wondaris-webhook/ 135 B
143 B 3742ms
3725ms Fetch
application/json 2600:1901:0:e4aa::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://centralise.api.wondaris.com/api/oauth/v1.0/webhook/ofx-wondaris-webhook/fb-capi?token=ed746560-f2ea-49ed-ae4f-f8380dc6db3a

Requested by

Host: static.wondaris.com
URL: https://static.wondaris.com/sdks/webhook-collector-module-webjs-latest.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:e4aa:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

c9c5950625ab8648dbf6566278609a3097515595af59daef4370075b29fc1e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; includeSubdomains

Request headers

Accept: application/json
Referer: https://secure2.ofx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 19 Jun 2022 07:35:42 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 4d47bceec4c4e1a0e9021e4c95a68924/10783275320586169545;o=1
cache-control: no-cache, private
strict-transport-security: max-age=7776000; includeSubdomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
access-control-expose-headers

GET
H2 200 dc_pre=COvk0caAufgCFdfZ1Qod9pQCaA;src=1852302;type=webflow;cat=006;ord=2967095213610;gtm=2wg6f0;auiddc=1370641669.1655624141;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416 Show response
adservice.google.de/ddm/fls/i/ Frame E392 194 B
870 B 69ms
45ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=COvk0caAufgCFdfZ1Qod9pQCaA;src=1852302;type=webflow;cat=006;ord=2967095213610;gtm=2wg6f0;auiddc=1370641669.1655624141;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COvk0caAufgCFdfZ1Qod9pQCaA;src=1852302;type=webflow;cat=006;ord=2967095213610;gtm=2wg6f0;auiddc=1370641669.1655624141;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Jun 2022 07:35:41 GMT
expires: Sun, 19 Jun 2022 07:35:41 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CP7j0caAufgCFbccBgAdOxQHog;src=1852302;type=register;cat=globa0;ord=5827259814067;gtm=2wg6f0;auiddc=1370641669.1655624141;u3=not%20set;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpi... Show response
adservice.google.de/ddm/fls/i/ Frame 4BDC 194 B
242 B 68ms
45ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CP7j0caAufgCFbccBgAdOxQHog;src=1852302;type=register;cat=globa0;ord=5827259814067;gtm=2wg6f0;auiddc=1370641669.1655624141;u3=not%20set;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CP7j0caAufgCFbccBgAdOxQHog;src=1852302;type=register;cat=globa0;ord=5827259814067;gtm=2wg6f0;auiddc=1370641669.1655624141;u3=not%20set;~oref=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Jun 2022 07:35:41 GMT
expires: Sun, 19 Jun 2022 07:35:41 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 123321784986038 Show response
connect.facebook.net/signals/config/ 291 KB
83 KB 154ms
154ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/123321784986038?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

30b89a041407e0d3a30432f31db5463670d6722ada06ab3031bef1815d378fee

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: q56E9RY6j+WC4kbbYJRvQKNF6GVoC642CHL1Lh8LMaEqkDYDxURB96/mjPb6UkjujqvR3TPtWK1lv576vt8UfQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 19 Jun 2022 07:35:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1655624141863
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 17203127 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 269ms
147ms Script
application/x-javascript 2620:1ec:27::cafe:1994
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/17203127
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/17203127.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1994 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ebf6380ef6ac8d70a0a809b06528bb0bea4c5b130bcd8062a3ba4bd4ee4dc1eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:41 GMT
x-powered-by: ASP.NET
x-azure-ref: 0zdGuYgAAAAAVIiu79tdIRoJzmt8E74+VSEVMMDFFREdFMjEyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 collect Show response
ssgtm.ofx.com/g/ 65 B
422 B 3590ms
3590ms XHR
text/plain 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssgtm.ofx.com/g/collect?v=2&tid=G-1234&gtm=2oe6f0&_p=47371244&_z=ccd.v9B&cid=1924289760.1655624141&ul=en-us&sr=1600x1200&_fplc=0&_s=2&sid=1655624141&sct=1&seg=1&dl=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&dt=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&en=page_view&ep.event_id=1655624141302.320ng7w_page_view&_et=2&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1234&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://secure2.ofx.com
cache-control: no-cache
access-control-allow-credentials: true
via: 1.1 google

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-e/s/0.6.34/ 53 KB
23 KB 3415ms
3414ms Script
application/javascript 2620:1ec:27::cafe:1994
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-e/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/17203127
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1994 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:41 GMT
content-encoding: br
etag: "1d880d11ff3a854"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0ztGuYgAAAABNSS0xc8jGQLY9FgdW+1U5SEVMMDFFREdFMjEyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

OPTIONS
H2 200 579828dacb2bcb078f412a23
app.launchdarkly.com/sdk/goals/ Frame 0
0 3307ms
8ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/579828dacb2bcb078f412a23

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://secure2.ofx.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Sun, 19 Jun 2022 07:35:45 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-hhn4077-HHN
x-timer: S1655624146.519545,VS0,VE1

OPTIONS
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjZjNGFlMWYwLWVmYTItMTFlYy04NTM3LTExNTM4YWQ1YzE4YiJ9
app.launchdarkly.com/sdk/evalx/579828dacb2bcb078f412a23/users/ Frame 0
0 3296ms
7ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/579828dacb2bcb078f412a23/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjZjNGFlMWYwLWVmYTItMTFlYy04NTM3LTExNTM4YWQ1YzE4YiJ9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://secure2.ofx.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Sun, 19 Jun 2022 07:35:45 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-hhn4077-HHN
x-timer: S1655624146.519517,VS0,VE0

GET
H2 200 579828dacb2bcb078f412a23 Show response
app.launchdarkly.com/sdk/goals/ 2 B
176 B 8ms
7ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/579828dacb2bcb078f412a23

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/_next/static/chunks/pages/_app-907265794e7a92c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://secure2.ofx.com/
X-LaunchDarkly-Wrapper: react-client-sdk/0.0.1
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.18.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
access-control-max-age: 300
date: Sun, 19 Jun 2022 07:35:45 GMT
content-length: 26
x-served-by: cache-hhn4077-HHN
access-control-allow-origin: *
ld-region: us-east-1
x-timer: S1655624146.530123,VS0,VE1
etag: "d751713988987e9331980363e24189ce"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits: 1

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 3281ms
3281ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=47371244&t=pageview&_s=1&dl=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&ul=en-us&de=UTF-8&dt=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDDAiEABRAAAAE~&jid=&gjid=&cid=1924289760.1655624141&tid=UA-2217750-36&_gid=682679000.1655624141&gtm=2wg6f0KRLZFR3&cd2=1924289760.1655624141&cd4=not%20set&cd16=1924289760.1655624141&cd17=0&z=837201048

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Jun 2022 11:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71576
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjZjNGFlMWYwLWVmYTItMTFlYy04NTM3LTExNTM4YWQ1YzE4YiJ9 Show response
app.launchdarkly.com/sdk/evalx/579828dacb2bcb078f412a23/users/ 6 KB
2 KB 18ms
16ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/579828dacb2bcb078f412a23/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjZjNGFlMWYwLWVmYTItMTFlYy04NTM3LTExNTM4YWQ1YzE4YiJ9
Requested by: Host: secure2.ofx.com
URL: https://secure2.ofx.com/_next/static/chunks/pages/_app-907265794e7a92c4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3f90eda487e6f957011b52ad4dc467f5e25071ab5ddb55a1a7d52bf940bdc39f

Request headers

Referer: https://secure2.ofx.com/
X-LaunchDarkly-Wrapper: react-client-sdk/0.0.1
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.18.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:45 GMT
content-encoding: gzip
vary: Authorization, Accept-Encoding
age: 0
x-cache: MISS
content-length: 1181
x-served-by: cache-hhn4074-HHN, cache-hhn4077-HHN
access-control-allow-origin: *
x-timer: S1655624146.530140,VS0,VE9
etag: "2319dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 3214ms
3214ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=47371244&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&ul=en-us&de=UTF-8&dt=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Registration%20steps&ea=Select%20Account&el=Step0&_u=aDDAiEABRAAAAE~&jid=&gjid=&cid=1924289760.1655624141&tid=UA-2217750-36&_gid=682679000.1655624141&gtm=2wg6f0KRLZFR3&cd2=1924289760.1655624141&cd4=not%20set&cd16=1924289760.1655624141&cd17=0&z=821771628

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Jun 2022 11:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71576
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
299 B 3217ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=308265223205112&ev=PageView&dl=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&rl=&if=false&ts=1655624142301&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=28&fbp=fb.1.1655624142300.792571236&it=1655624141533&coo=false&eid=1655624141302.320ng7w_page_view&tm=1&exp=p0&rqm=GET

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 19 Jun 2022 07:35:45 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 3217ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=308265223205112&ev=Search&dl=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&rl=&if=false&ts=1655624142302&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=28&fbp=fb.1.1655624142300.792571236&it=1655624141533&coo=false&eid=1655624141302.320ng7w_search&tm=1&exp=p0&rqm=GET

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 19 Jun 2022 07:35:45 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 3217ms
10ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=123321784986038&ev=PageView&dl=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&rl=&if=false&ts=1655624142303&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1655624142300.792571236&it=1655624141533&coo=false&eid=1a0a94e5-8774-48d2-9d3d-d2e071d55216&tm=1&exp=p0&rqm=GET

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 19 Jun 2022 07:35:45 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 3217ms
10ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=123321784986038&ev=Search&dl=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&rl=&if=false&ts=1655624142304&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=30&fbp=fb.1.1655624142300.792571236&it=1655624141533&coo=false&eid=3b3db8a8-5849-4aaf-a73c-162faac204ad&tm=1&exp=p0&rqm=GET

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 19 Jun 2022 07:35:45 GMT

GET
H2 200 ciutadella_rounded_regular-webfont.ttf
secure2.ofx.com/static/fonts/ 95 KB
38 KB 3467ms
3466ms Font
font/ttf 3.106.21.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.ofx.com/static/fonts/ciutadella_rounded_regular-webfont.ttf

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/static/css/font-face.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.21.251 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-21-251.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

a5da37266f785443ec37d884a24de60cd5c9c0292baf516e754574925db1dbf2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure2.ofx.com/static/css/font-face.css
Origin: https://secure2.ofx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:45 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 04:19:49 GMT
x-frame-options: SAMEORIGIN
etag: W/"17c04-1816fe37e88"
vary: Origin, Accept-Encoding
content-type: font/ttf
access-control-allow-origin: https://secure2.ofx.com
access-control-expose-headers: X-OFX-CorrelationId
cache-control: public, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 XRXV3I6Li01BKofINeaBTMnFcQ.woff2
fonts.gstatic.com/s/nunito/v24/ 35 KB
36 KB 3218ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v24/XRXV3I6Li01BKofINeaBTMnFcQ.woff2

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a5e5885a7215bd169ca385a4b9749669dd785ebc39007c874ea79a70544f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure2.ofx.com/
Origin: https://secure2.ofx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 10:59:17 GMT
x-content-type-options: nosniff
age: 506188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35840
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:27:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 10:59:17 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 1717ms
10ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=123321784986038&ev=Microdata&dl=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&rl=&if=false&ts=1655624143805&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=2&o=30&fbp=fb.1.1655624142300.792571236&it=1655624141533&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 19 Jun 2022 07:35:45 GMT

GET
H2 200 eyJrZXkiOiJjYWUwMzJjMC0xOTc5LTExZWItODNhZS01YmVjNTdjNjA0ZjIiLCJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJpc29MZWdhbEVudGl0eSI6Ik9GWC1BVSJ9fQ Show response
app.launchdarkly.com/sdk/evalx/579828dacb2bcb078f412a23/users/ 6 KB
1 KB 20ms
20ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/579828dacb2bcb078f412a23/users/eyJrZXkiOiJjYWUwMzJjMC0xOTc5LTExZWItODNhZS01YmVjNTdjNjA0ZjIiLCJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJpc29MZWdhbEVudGl0eSI6Ik9GWC1BVSJ9fQ
Requested by: Host: secure2.ofx.com
URL: https://secure2.ofx.com/_next/static/chunks/pages/_app-907265794e7a92c4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0efed9b369f5d3000b56dd3d574a362b851891d06576540d726510035982ad06

Request headers

Referer: https://secure2.ofx.com/
X-LaunchDarkly-Wrapper: react-client-sdk/0.0.1
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.18.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:45 GMT
content-encoding: gzip
vary: Authorization, Accept-Encoding
age: 0
x-cache: HIT
content-length: 1182
x-served-by: cache-hhn4052-HHN, cache-hhn4077-HHN
access-control-allow-origin: *
x-timer: S1655624146.592615,VS0,VE1
etag: "2319dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 1

GET eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjZjNGFlMWYwLWVmYTItMTFlYy04NTM3LTExNTM4YWQ1YzE4YiJ9
clientstream.launchdarkly.com/eval/579828dacb2bcb078f412a23/ 0
0

OPTIONS
H2 200 eyJrZXkiOiJjYWUwMzJjMC0xOTc5LTExZWItODNhZS01YmVjNTdjNjA0ZjIiLCJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJpc29MZWdhbEVudGl0eSI6Ik9GWC1BVSJ9fQ
app.launchdarkly.com/sdk/evalx/579828dacb2bcb078f412a23/users/ Frame 0
0 7ms
4ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/579828dacb2bcb078f412a23/users/eyJrZXkiOiJjYWUwMzJjMC0xOTc5LTExZWItODNhZS01YmVjNTdjNjA0ZjIiLCJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJpc29MZWdhbEVudGl0eSI6Ik9GWC1BVSJ9fQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://secure2.ofx.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Sun, 19 Jun 2022 07:35:45 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-served-by: cache-hhn4077-HHN
x-timer: S1655624146.575793,VS0,VE0

GET
H2 200 eyJrZXkiOiJjYWUwMzJjMC0xOTc5LTExZWItODNhZS01YmVjNTdjNjA0ZjIiLCJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJpc29MZWdhbEVudGl0eSI6Ik9GWC1BVSJ9fQ
clientstream.launchdarkly.com/eval/579828dacb2bcb078f412a23/ 6 KB
0 55ms
42ms EventSource
text/event-stream 76.223.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/579828dacb2bcb078f412a23/eyJrZXkiOiJjYWUwMzJjMC0xOTc5LTExZWItODNhZS01YmVjNTdjNjA0ZjIiLCJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJpc29MZWdhbEVudGl0eSI6Ik9GWC1BVSJ9fQ

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.31.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://secure2.ofx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:35:45 GMT
ld-region: eu-west-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

POST
H2 204 collect Show response
l.clarity.ms/ 0
176 B 372ms
182ms XHR
text/plain 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: secure2.ofx.com
URL: https://secure2.ofx.com/_next/static/chunks/pages/_app-907265794e7a92c4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://secure2.ofx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://secure2.ofx.com
date: Sun, 19 Jun 2022 07:35:45 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

OPTIONS
H2 204 579828dacb2bcb078f412a23
events.launchdarkly.com/events/diagnostic/ Frame 0
0 302ms
98ms Preflight 34.225.246.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/579828dacb2bcb078f412a23

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.246.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-225-246-47.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://secure2.ofx.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Sun, 19 Jun 2022 07:35:46 GMT
strict-transport-security: max-age=31536000

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 291ms
95ms Script
application/javascript 18.208.125.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: secure2.ofx.com
URL: https://secure2.ofx.com/registration?pid=12416
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-125-13.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: 3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Sun, 19 Jun 2022 07:35:46 GMT
content-encoding: gzip
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
last-modified: Thu, 16 Jun 2022 05:18:41 GMT
Server: PardotServer
etag: "1547-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1946
expires: Tue, 18 Jun 2024 07:35:46 GMT

GET
H2 200 core.js Show response
sleeknotestaticcontent.sleeknote.com/ 5 KB
3 KB 62ms
7ms Script
application/javascript 65.9.66.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/core.js
Requested by: Host: sleeknotecustomerscripts.sleeknote.com
URL: https://sleeknotecustomerscripts.sleeknote.com/21647.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa6a4e6e6772eb8c8792ddd9dd88c84397ad20f936fbebc3d385f7420910b4e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 09:12:13 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 09:11:52 GMT
server: AmazonS3
age: 167013
etag: W/"58428a1a00ba106d158f6362c42cdb8d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: hPXHYYHukdt.by2vF855b2wp_Fk26w3A
via: 1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA56-C1
content-type: application/javascript
x-amz-cf-id: GqPDj3GtNh3AiNTqiOiU3GBH361jlwSzj41cXyuDxcUtfGWF3yCr4g==

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=E614BE2F3EDB4AC281D9567796C1469D&RedC=c.clarity.ms&MXFR=3B8DE7F6C08E69232929F63EC48E6703
https://c.clarity.ms/c.gif?CtsSyncId=E614BE2F3EDB4AC281D9567796C1469D&MUID=1D5012960ACD68E73F9F035E0BA66995

42 B
368 B

27ms
26ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=E614BE2F3EDB4AC281D9567796C1469D&MUID=1D5012960ACD68E73F9F035E0BA66995
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:45 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E11652395F9547EB81BBA0688E1AFBD3 Ref B: FRAEDGE1406 Ref C: 2022-06-19T07:35:45Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=E614BE2F3EDB4AC281D9567796C1469D&MUID=1D5012960ACD68E73F9F035E0BA66995
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 202 579828dacb2bcb078f412a23 Show response
events.launchdarkly.com/events/diagnostic/ 0
345 B 100ms
99ms XHR
application/json 34.225.246.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/579828dacb2bcb078f412a23

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/_next/static/chunks/pages/_app-907265794e7a92c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.246.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-225-246-47.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://secure2.ofx.com/
X-LaunchDarkly-Wrapper: react-client-sdk/0.0.1
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.18.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 19 Jun 2022 07:35:46 GMT
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
strict-transport-security: max-age=31536000
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

GET
H2 200 package-core-boot.js Show response
sleeknotestaticcontent.sleeknote.com/production/ 113 KB
36 KB 9ms
9ms Script
application/javascript 65.9.66.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/production/package-core-boot.js
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fdcfc7fbf48e753a3005109facabfebe6e7ea349e2a8d7ebe6fe49264c0b6ac2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: 4l6V4uGxnbE5pzSTzHJtXeG7FYOl1QLH
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 09:11:51 GMT
server: AmazonS3
age: 54
etag: W/"3dde54a53c5c7c5b4cfc2515b30963f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control: no-cache
date: Sun, 19 Jun 2022 07:35:45 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: jXQfj0FE_Sg49CmXB4nMxk5_SrbpdOEhWCXIuD8S9wKyW0mSionMEA==

GET
H2 200 package-tracker.js Show response
sleeknotestaticcontent.sleeknote.com/production/ 13 KB
6 KB 9ms
9ms Script
application/javascript 65.9.66.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/production/package-tracker.js
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fae20906673a26a0f1a80ad8d00877ba62da95df7ef5deaacbff58a14d19e5d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: sttrNtCrQhHcF1tQmb29XxDpklL2nSTW
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 09:11:51 GMT
server: AmazonS3
age: 35
etag: W/"5a7c807efba570fca7b9c0a61bb6562f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control: no-cache
date: Sun, 19 Jun 2022 07:35:45 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: J8qZHfts8vJrMZJRpyEllr88aRSwTgbvzj21rItjLc9cJKI2xNL0Tg==

GET
H2 200 /
analytics.sleeknote.com/ 35 B
230 B 49ms
18ms Image
image/gif 216.239.32.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.sleeknote.com/?v8=2_pageview&v0=547beb2a56f5a7b830e7fe0993a22813&v3=2022-06-19T07%3A35%3A45Z&v6=2022-06-19T07%3A35%3A45Z&v20=true&v25=true&v27=0&s4=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&s9=https%3A&s11=%2Fregistration&s12=%3Fpid%3D12416&s13=&s2=OFX+%7C+International+Money+Transfers+%26+Currency+Exchange&c1=&s7=en-US&v5=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F102.0.5005.115+Safari%2F537.36&v22=chrome&v23=102&v24=windows&v26=desktop&v21=ab0915e4-cd89-4184-bcee-1b4b857346e9&s1=21647&s3=secure2.ofx.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.21 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2015.1e100.net

Software

/ Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:45 GMT
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 35
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=47371244&t=event&ni=1&_s=2&dl=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&ul=en-us&de=UTF-8&dt=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=7pk94g&_u=aDDAiEABRAAAAE~&jid=&gjid=&cid=1924289760.1655624141&tid=UA-2217750-36&_gid=682679000.1655624141&gtm=2wg6f0KRLZFR3&cd2=&cd4=not%20set&cd16=false&cd17=0&z=1277737730

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Jun 2022 11:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71577
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 1 KB
2 KB 457ms
456ms Script
text/javascript 18.208.125.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1046&account_id=252972&title=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&url=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-208-125-13.compute-1.amazonaws.com

Software

PardotServer /

Resource Hash

724c067ac9fb7b74ba739846229fd53d016bce7d69fed416adc9d2e382ac9199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 19 Jun 2022 07:35:46 GMT
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
vary: Accept-Encoding,User-Agent
Connection: keep-alive
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
Content-Type: text/javascript; charset=utf-8
Content-Length: 552
Server: PardotServer
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QR4C9L8X2C&gtm=2oe6f0&_p=47371244&_z=ccd.v9B&cid=1924289760.1655624141&ul=en-us&sr=1600x1200&_s=2&sid=1655624140&sct=1&seg=0&dl=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&dt=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&en=scroll&epn.percent_scrolled=90&_et=161
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QR4C9L8X2C&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure2.ofx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EYPB30L58Z&gtm=2oe6f0&_p=47371244&_z=ccd.v9B&cid=1924289760.1655624141&ul=en-us&sr=1600x1200&ir=1&_eu=Q&_s=2&sid=1655624140&sct=1&seg=0&dl=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&dt=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EYPB30L58Z&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure2.ofx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-TFB8GGR3P6&gtm=2oe6f0&_p=47371244&_z=ccd.v9B&cid=1924289760.1655624141&ul=en-us&sr=1600x1200&ir=1&_eu=Q&sid=1655624140&sct=1&seg=1&dl=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&dt=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TFB8GGR3P6&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure2.ofx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 07:35:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure2.ofx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK analytics Show response
go.message.ofx.com/ 50 B
1 KB 666ms
192ms Script
text/javascript 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.message.ofx.com/analytics?conly=true&visitor_id=671648107&visitor_id_sign=5d0538c0f5f41c02473c49c26087548192bbef82b7e194019964f51bf2e052f5454164971e9beb4b8dd82db9e5e56b2acd6815c6&pi_opt_in=&campaign_id=1046&account_id=252972&title=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&url=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1046&account_id=252972&title=OFX%20%7C%20International%20Money%20Transfers%20%26%20Currency%20Exchange&url=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&referrer=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-96-194.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure2.ofx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 19 Jun 2022 07:35:47 GMT
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
vary: User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 50
Server: PardotServer
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 204 collect Show response
l.clarity.ms/ 0
49 B 92ms
92ms XHR
text/plain 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: secure2.ofx.com
URL: https://secure2.ofx.com/_next/static/chunks/pages/_app-907265794e7a92c4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://secure2.ofx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://secure2.ofx.com
date: Sun, 19 Jun 2022 07:35:46 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

OPTIONS
H2 204 579828dacb2bcb078f412a23
events.launchdarkly.com/events/bulk/ Frame 0
0 98ms
98ms Preflight 34.225.246.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/579828dacb2bcb078f412a23

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.246.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-225-246-47.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://secure2.ofx.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Sun, 19 Jun 2022 07:35:47 GMT
strict-transport-security: max-age=31536000

POST
H2 202 579828dacb2bcb078f412a23 Show response
events.launchdarkly.com/events/bulk/ 0
345 B 104ms
102ms XHR
application/json 34.225.246.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/579828dacb2bcb078f412a23

Requested by

Host: secure2.ofx.com
URL: https://secure2.ofx.com/_next/static/chunks/pages/_app-907265794e7a92c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.246.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-225-246-47.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-LaunchDarkly-Payload-ID: 6f9f6420-efa2-11ec-8537-11538ad5c18b
X-LaunchDarkly-Event-Schema: 3
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.18.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json
Referer: https://secure2.ofx.com/
X-LaunchDarkly-Wrapper: react-client-sdk/0.0.1

Response headers

date: Sun, 19 Jun 2022 07:35:47 GMT
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
strict-transport-security: max-age=31536000
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: clientstream.launchdarkly.com
URL: https://clientstream.launchdarkly.com/eval/579828dacb2bcb078f412a23/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjZjNGFlMWYwLWVmYTItMTFlYy04NTM3LTExNTM4YWQ1YzE4YiJ9

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ofx.com/	1970-01-20 06:03:20	Name: _gcl_au Value: 1.1.1370641669.1655624141
.ofx.com/	1970-01-20 21:24:56	Name: _ga_QR4C9L8X2C Value: GS1.1.1655624140.1.0.1655624140.60
.ofx.com/	1970-01-20 03:55:10	Name: _gid Value: GA1.2.682679000.1655624141
.ofx.com/	1970-01-20 03:53:44	Name: _dc_gtm_UA-2217750-36 Value: 1
.ofx.com/	1970-01-20 21:24:56	Name: _ga_EYPB30L58Z Value: GS1.1.1655624140.1.0.1655624141.59
.quantserve.com/	1970-01-20 13:23:58	Name: mc Value: 62aed1cd-27161-de6b9-65624
.ofx.com/	1970-01-20 13:18:12	Name: __qca Value: P0-824062742-1655624141146
.ofx.com/	1970-01-20 06:03:20	Name: _rdt_uuid Value: 1655624141381.72e92999-5e7b-4137-a4ed-ec6866c4be78
.bing.com/	1970-01-20 13:15:20	Name: MUID Value: 1D5012960ACD68E73F9F035E0BA66995
.ofx.com/	1970-01-20 21:24:56	Name: _ga_1234 Value: GS1.1.1655624141.1.1.1655624141.0
.ofx.com/	1970-01-20 12:39:20	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sun+Jun+19+2022+07%3A35%3A41+GMT%2B0000+(GMT)&version=6.30.0&isIABGlobal=false&hosts=&consentId=b36d5050-dd38-41b9-98a9-d21dbca8cdb7&interactionCount=0&landingPath=https%3A%2F%2Fsecure2.ofx.com%2Fregistration%3Fpid%3D12416&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1
.ofx.com/	1970-01-20 03:55:10	Name: _uetsid Value: 6bdac460efa211eca1c0631f2744d00f
.ofx.com/	1970-01-20 13:15:20	Name: _uetvid Value: 6bdb06b0efa211ecb866c92f08521e3d
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.doubleclick.net/	1970-01-20 13:15:20	Name: IDE Value: AHWqTUmlEn5mJ_utzNq02yY9RcRuA-mthm2M5MDRScrwC1CakjAjIhv62T17xg_v
.t.co/	1970-01-20 21:24:56	Name: muc_ads Value: 1d7d50b4-7ead-42df-b946-adac6bd05a0c
.linkedin.com/	1970-01-20 04:36:56	Name: UserMatchHistory Value: AQJwGo0gAjNTaQAAAYF644rGtvsGR8XoNXeVg0skHvU0ZULUWZCh3bLDImJ8fr6frUYRvUYvERn3hw
.linkedin.com/	1970-01-20 04:36:56	Name: AnalyticsSyncHistory Value: AQIf4cg0-pPBzAAAAYF644rGAOJdPksrXSDtI5yRc-WGTQX7obBg8qocXw1RLrKcetUgfFz8cTyMOrkGs3G7gA
.linkedin.com/	1970-01-20 21:25:37	Name: bcookie Value: "v=2&0485f892-0997-44da-84d7-99d3b73bc362"
.linkedin.com/	1970-01-20 03:55:10	Name: lidc Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2745:u=1:x=1:i=1655624141:t=1655710541:v=2:sig=AQEQA8145MgPZ0yx_aDGOpMJsdrcTiu2"
.twitter.com/	1970-01-20 21:24:56	Name: personalization_id Value: "v1_x6+DDfODLnrkXfqoIV+O6g=="
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 21:25:37	Name: bscookie Value: "v=1&20220619073541129c867e-e06d-4bef-8490-440e744ada40AQFbpseZd2KN-Z4VMtgzfZjqqUcYMw9V"
.linkedin.com/	1970-01-20 21:11:33	Name: li_gc Value: MTswOzE2NTU2MjQxNDE7MjswMjHfmeIECRQUkaaNAfKNeh/4LNkZXJzz7eTF+4E7Pb35fg==
www.clarity.ms/	1970-01-20 12:39:20	Name: CLID Value: 937bcc122cd34181a1590751d3a4d717.20220619.20230619
.ofx.com/	1970-01-20 21:24:56	Name: _ga Value: GA1.2.1924289760.1655624141
.ofx.com/	1970-01-20 21:24:56	Name: _ga_TFB8GGR3P6 Value: GS1.1.1655624140.1.1.1655624142.58
.ofx.com/	1970-01-20 04:36:56	Name: PARTNER Value: 12416
.ofx.com/	1970-01-20 06:03:20	Name: _fbp Value: fb.1.1655624142300.792571236
.ofx.com/	1970-01-20 21:24:56	Name: FPID Value: FPID2.2.Cwf5ynJ8EvmHSrStziPp785vksKNPYrddCxCr2OJ7fg%3D.1655624141
.ofx.com/	1970-01-20 03:54:56	Name: FPLC Value: k13T6AeF0Dl%2BVYfYmjgnRr4XELtCTE0Q2d96eiIusNiMBjWGyc0%2FVjrpn%2B8heJUF%2FBM4oi4T3mDVc2gE1f5PlzzV3%2F39MhEbSjm%2B7MY%2B924M5WmCFoYqhDY7vQ4SIQ%3D%3D
.ofx.com/	1970-01-20 12:39:20	Name: _clck Value: pxdd1t\|1\|f2g\|0
secure2.ofx.com/	1969-12-31 23:59:59	Name: SNS Value: 1
secure2.ofx.com/	1970-01-20 12:39:20	Name: _sn_m Value: {"r":{"n":1}}
secure2.ofx.com/	1970-01-20 12:39:20	Name: _sn_n Value: {"a":{"i":"ab0915e4-cd89-4184-bcee-1b4b857346e9"}}
secure2.ofx.com/	1970-01-20 12:39:20	Name: _sn_a Value: {"a":{"s":1655624145916},"v":"4dcb309d-614b-4be2-b09c-25736da2fb8b"}
.c.bing.com/	1970-01-20 13:15:20	Name: SRM_B Value: 1D5012960ACD68E73F9F035E0BA66995
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 13:15:20	Name: MUID Value: 1D5012960ACD68E73F9F035E0BA66995
.c.clarity.ms/	1970-01-20 03:53:44	Name: ANONCHK Value: 0
.ofx.com/	1970-01-20 03:55:10	Name: _clsk Value: 7pk94g\|1655624146006\|1\|1\|l.clarity.ms/collect
.pardot.com/	1970-01-23 19:29:44	Name: visitor_id251972 Value: 671648107
.pardot.com/	1970-01-23 19:29:44	Name: visitor_id251972-hash Value: 5d0538c0f5f41c02473c49c26087548192bbef82b7e194019964f51bf2e052f5454164971e9beb4b8dd82db9e5e56b2acd6815c6
pi.pardot.com/	1970-01-20 03:53:45	Name: lpv251972 Value: aHR0cHM6Ly9zZWN1cmUyLm9meC5jb20vcmVnaXN0cmF0aW9uP3BpZD0xMjQxNg%3D%3D
secure2.ofx.com/	1970-01-23 19:29:44	Name: visitor_id251972 Value: 671648107
secure2.ofx.com/	1970-01-23 19:29:44	Name: visitor_id251972-hash Value: 5d0538c0f5f41c02473c49c26087548192bbef82b7e194019964f51bf2e052f5454164971e9beb4b8dd82db9e5e56b2acd6815c6
go.message.ofx.com/	1970-01-23 19:29:44	Name: visitor_id251972 Value: 671648107
go.message.ofx.com/	1970-01-23 19:29:44	Name: visitor_id251972-hash Value: 5d0538c0f5f41c02473c49c26087548192bbef82b7e194019964f51bf2e052f5454164971e9beb4b8dd82db9e5e56b2acd6815c6

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1852302.fls.doubleclick.net
adservice.google.com
adservice.google.de
alb.reddit.com
analytics.sleeknote.com
analytics.twitter.com
app.launchdarkly.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.cookielaw.org
cdn.mouseflow.com
cdnjs.cloudflare.com
centralise.api.wondaris.com
clientstream.launchdarkly.com
connect.facebook.net
dc.ads.linkedin.com
events.launchdarkly.com
fonts.gstatic.com
geolocation.onetrust.com
go.message.ofx.com
googleads.g.doubleclick.net
l.clarity.ms
pi.pardot.com
pixel.quantserve.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
rules.quantcount.com
secure.quantserve.com
secure2.ofx.com
sleeknotecustomerscripts.sleeknote.com
sleeknotestaticcontent.sleeknote.com
snap.licdn.com
ssgtm.ofx.com
static.ads-twitter.com
static.wondaris.com
stats.g.doubleclick.net
t.co
us.ofx.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
clientstream.launchdarkly.com
104.244.42.3
104.244.42.5
13.107.42.14
142.250.184.230
142.250.185.98
143.204.215.92
151.101.1.140
151.101.130.217
151.139.128.11
18.208.125.13
199.232.136.157
20.120.65.166
20.234.93.27
2001:4860:4802:34::15
2001:4860:4802:34::36
216.239.32.21
2600:1901:0:e4aa::
2600:9000:206f:3e00:6:44e3:f8c0:93a1
2606:4700:10::6814:b844
2606:4700::6810:9440
2606:4700::6811:180e
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2620:1ec:27::cafe:1994
2620:1ec:c11::200
2a00:1450:4001:801::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::2008
2a00:1450:4001:813::2004
2a00:1450:4001:828::2003
2a00:1450:400c:c07::9b
2a02:26f0:3500:16::215:14a0
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:200::396
3.106.14.21
3.106.21.251
34.225.246.47
35.190.6.239
52.54.96.194
65.9.66.11
76.223.31.44
01c2ddf68eaf07e408a6dc118d6c237ae302709a919772698d9dc03419e4ca30
03a5e5885a7215bd169ca385a4b9749669dd785ebc39007c874ea79a70544f91
049bdc024a34b1d2e6a29de1f6f8bb1da11a991f5727708a914556cdd57f1949
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0cebc448611a00fe5e09e9474ab61c1c34f34b12cc2d04b9edd0056d9bf3f56e
0efed9b369f5d3000b56dd3d574a362b851891d06576540d726510035982ad06
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
104f75154436f3cb5f1c582f7a3c834852c9eb32fef13c01fadb8ec1b814c516
10b01b91196b14e071ba9d07a538fd37dbad2aea74ba9c0cd0c3d73e9db2b6c4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
173a28b9db21befbd1706bf63748b66d71de38392d62c0d872b331404b4e3047
1a46f267ccf978edab204d0c7c96a2553ec259bf09ab9b9f67d957b26de8426d
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
27b37d9ef027c0ce021bb0804996abd5b493cf2f93f3e8c2fa3ddb8f60872dfc
29cf5c2bf1fe770f55ed88a1454d7db11f3e8e58cb80b24930448a11103fb53e
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
2f7ac39d5008a07cafebc020f9e2b03ec506750142df560dfee33d26e484b0bd
30b89a041407e0d3a30432f31db5463670d6722ada06ab3031bef1815d378fee
317efa78a9c9f1e550da5614b0391f6a3d19b8c78df22787bbcb38127a4d663e
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
33e8699ac896ce6a94bd40b69c442a453c73d0e7b3f30862e1c0bd8c39718402
361d8a14404ef54f4c294433b1328aaeafd5610922acef2877152ba7c72bada2
372baf2dfb2f7c27c4f9c795ebf5b5f47faa569dccf1cf45cc0823ef6096dfdc
390d9517065659214a2e78f8b7354a8de49eb171b8bb9d8ef351b952f4cc1ec8
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
3f90eda487e6f957011b52ad4dc467f5e25071ab5ddb55a1a7d52bf940bdc39f
493b01100406cb166d993b701469a3864a0c6377d48a9c1cf1a0e4ef633438d4
4a23d89046025811db05e44c327b9d4d02b23874663aacc3c1ca7703f3f455d0
4b4000a8d9b526af8afc4e045090391ed19820ff676ddb738777488d212f30e3
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
508acb5527a8de621799da3e9624bb49b7ce151e42d9b3bb2f54c97f35059090
54f61558f392f3074918769943def67b21b839329bdd952912bc2a028e53e09c
55b3d1a2e461c6c7f3a881008c4304d2ba60fe969e0371e14bab273b48c77d86
5bed57e3f83ffa425b96df4b1e9687bbc764a0404c63a9582c6ed81e3a28a4a0
64a2e608499d1ac09253366063f0722c3f373622e94fdb667aea082b679916e2
68321825751a9924e02c73b23088f8711e279be4177ec5128e1c5617fa1cc1de
69c86ea4dfcd7a770f1f6c0253975c879dc6c27cbe757f76296cc2988a561e88
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
724c067ac9fb7b74ba739846229fd53d016bce7d69fed416adc9d2e382ac9199
794817ce5f63fb881869fa4efd4f416515eb84d8846f3309ca963a94a0e44814
7f5aa1a6397018864bd64b633369c1ccf5402d05d6a61a96f2a52baa82d68185
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85ed006978a58b57bcdc304eb13c9ca777366512d3f32f1fb3a5f0a7043ae24a
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8fa44b5c4e8e4e770d3a64256f67c428806196e7ff332a09719d318b4a28993a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ad58ad515a564611f56bbc81032e7f58550c343caca5ae1e73ee288b0d7cd7c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a319aee8ab506984490fc291314e6e3a11b0cea21b108c0287272b377c8abad4
a5da37266f785443ec37d884a24de60cd5c9c0292baf516e754574925db1dbf2
a78236fbdc63d74608e7e9031e7f4d4944f43c96d3deda317293b7d5e406d830
a85327329f85b3731f132a2dd114ba20cf16d56d8045bc37bf14c0cf135103c5
aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086
aa6a4e6e6772eb8c8792ddd9dd88c84397ad20f936fbebc3d385f7420910b4e2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b01be6854b5493e7059b693fb21481fb9092d6a4743a3aab1286d5d01126d628
c699631f444d4a658a133e0904c6bd794a0270d1d58f03a04527d2838965763f
c72e4be919a8267f2487f5df30048cce6975648295de923d1b253a2ebddbed9a
c9c5950625ab8648dbf6566278609a3097515595af59daef4370075b29fc1e24
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
d307ce5450c7685f310308f021c22892042b0a653474e1260b34f7bd42425f24
d65ffba19998a8654e402b5c9b315e23c53bd813f3f2f8f8461ec55d4338d1be
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dba151be2f4b37e9d3804636e3394347627faf6e6618d7110ee5da751b38e07b
dc636a5f2a5c6882dd7fd47da7adeb442736356e2715a2394671423df5eeccc6
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b4e4292c060e7df4e80f8b8aac4c5f6c40792ce3c9aeca31bba5b69d055ad5
e4d6e4a736028d336663135abbd7657f07300567c1d0c8aa8874787572c47df5
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
ea011956164ed15022fb5732fd6d810bf75bb104babed05a29beb5c50302b926
ebf6380ef6ac8d70a0a809b06528bb0bea4c5b130bcd8062a3ba4bd4ee4dc1eb
ecb03a1be4044432373952d3adf2e0746cc17db625f5c2372d017b1e630944e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4d59b7fd821ed5a28603dee29a58f074f99a9366ff4563f04fc577aa01238e
f3314351cf0bf8ab92674e44d774eded139b04545792f8258d370ff26f05c721
f996e03b0fb822d704f3fdc1b5a1a7064e7ea9a9c07b74eb1aa884e709914e5d
faa7108b3869d33eba5ea9494c01c5a27255f6ed6aae06e6940baeba4c7dbdfd
fae20906673a26a0f1a80ad8d00877ba62da95df7ef5deaacbff58a14d19e5d9
faf338bdd78f8b52acf75b8e649bfcdaf8d8d5aa9052e7764468853764f9d811
fdcfc7fbf48e753a3005109facabfebe6e7ea349e2a8d7ebe6fe49264c0b6ac2

secure2.ofx.com Open in urlscan Pro 3.106.21.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

134 Requests

95 %HTTPS

52 %IPv6

29 Domains

49 Subdomains

43 IPs

5 Countries

1538 kBTransfer

5036 kBSize

48 Cookies

2 Outgoing links

Page URL History

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure2.ofx.com Open in urlscan Pro
3.106.21.251 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

95 %
HTTPS

52 %
IPv6

29
Domains

49
Subdomains

43
IPs

5
Countries

1538 kB
Transfer

5036 kB
Size

48
Cookies

134 HTTP transactions
1 data transactions