urlscan.io logo urlscan.io
SecurityTrails logo

www.jetbluemastercard.com Open in urlscan Pro
167.203.49.81  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.jetbluemastercard.com/servicing/payment
Effective URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Submission: On June 09 via manual from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 7 countries across 21 domains to perform 64 HTTP transactions. The main IP is 167.203.49.81, located in United Kingdom and belongs to BARCLAYS-CAPITAL, US. The main domain is www.jetbluemastercard.com. The Cisco Umbrella rank of the primary domain is 751499.
TLS certificate: Issued by Entrust Certification Authority - L1M on October 19th 2021. Valid for: a year.
This is the only time www.jetbluemastercard.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Barclays (Banking)

Domain & IP information

IP Address AS Autonomous System
1 5 167.203.49.81 6303 (BARCLAYS-...)
30 23.75.235.48 16625 (AKAMAI-AS)
1 10 34.248.99.56 16509 (AMAZON-02)
1 34.248.26.113 16509 (AMAZON-02)
2 13.36.218.177 16509 (AMAZON-02)
8 8 63.32.153.188 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
8 9 142.250.185.226 15169 (GOOGLE)
1 104.244.42.195 13414 (TWITTER)
6 12 52.214.225.206 16509 (AMAZON-02)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 35.186.212.60 15169 (GOOGLE)
2 2 2a02:2638:1::13 44788 (ASN-CRITE...)
1 1 2600:1901:0:8... 15169 (GOOGLE)
2 2 99.86.4.12 16509 (AMAZON-02)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
7 7 151.101.2.49 54113 (FASTLY)
1 69.173.144.139 26667 (RUBICONPR...)
1 2 184.87.213.8 16625 (AKAMAI-AS)
1 2 37.252.172.123 29990 (ASN-APPNEX)
1 35.244.159.8 15169 (GOOGLE)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 2 34.237.85.252 14618 (AMAZON-AES)
64 18
5    167.203.49.81 (United Kingdom)

ASN6303 (BARCLAYS-CAPITAL, US)
www.jetbluemastercard.com
30    23.75.235.48 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-235-48.deploy.static.akamaitechnologies.com
static.barclaycardus.com
gif.barclaycardus.com
10    34.248.99.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-99-56.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.248.26.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-26-113.eu-west-1.compute.amazonaws.com
barclaybankdelaware.demdex.net
2    13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
metrics.barclaycardus.com
8    63.32.153.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-153-188.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
9    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
12    52.214.225.206 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-225-206.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    35.186.212.60 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com
tag.yieldoptimizer.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
2    99.86.4.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-12.fra6.r.cloudfront.net
ads.scorecardresearch.com
1    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
7    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    184.87.213.8 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-213-8.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
2    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    34.237.85.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-85-252.compute-1.amazonaws.com
mid.rkdms.com
Apex Domain
Subdomains		 Transfer
32 barclaycardus.com
static.barclaycardus.com — Cisco Umbrella Rank: 64851
gif.barclaycardus.com — Cisco Umbrella Rank: 53632
metrics.barclaycardus.com — Cisco Umbrella Rank: 56744
metrics-prod.barclaycardus.com Failed
791 KB
27 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 854
pixel.everesttech.net — Cisco Umbrella Rank: 2966
sync-tm.everesttech.net — Cisco Umbrella Rank: 595
11 KB
11 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 186
barclaybankdelaware.demdex.net — Cisco Umbrella Rank: 48589
14 KB
9 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 199
1 KB
5 jetbluemastercard.com
www.jetbluemastercard.com — Cisco Umbrella Rank: 751499
77 KB
2 rkdms.com
mid.rkdms.com — Cisco Umbrella Rank: 1110
71 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 495
1 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 225
2 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568
2 KB
2 scorecardresearch.com
ads.scorecardresearch.com — Cisco Umbrella Rank: 2122
696 B
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 369
790 B
2 yieldoptimizer.com
tag.yieldoptimizer.com — Cisco Umbrella Rank: 4229
893 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 828
451 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 360
275 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 317
239 B
1 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 1008
194 B
1 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2715
323 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 200
539 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 716
733 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 493
355 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 310
98 B
64 21
Domain Requested by
28 static.barclaycardus.com www.jetbluemastercard.com
static.barclaycardus.com
12 pixel.everesttech.net 6 redirects
10 dpm.demdex.net 1 redirects www.jetbluemastercard.com
9 cm.g.doubleclick.net 8 redirects
8 cm.everesttech.net 8 redirects
7 sync-tm.everesttech.net 7 redirects
5 www.jetbluemastercard.com 1 redirects www.jetbluemastercard.com
static.barclaycardus.com
2 mid.rkdms.com 1 redirects
2 sync.search.spotxchange.com 1 redirects
2 ib.adnxs.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 ads.scorecardresearch.com 2 redirects
2 gum.criteo.com 2 redirects
2 tag.yieldoptimizer.com 2 redirects
2 metrics.barclaycardus.com static.barclaycardus.com
gif.barclaycardus.com
2 gif.barclaycardus.com static.barclaycardus.com
1 image2.pubmatic.com
1 us-u.openx.net
1 pixel.rubiconproject.com
1 ads.yahoo.com
1 fei.pro-market.net 1 redirects
1 c.bing.com 1 redirects
1 p.rfihub.com 1 redirects
1 analytics.twitter.com
1 idsync.rlcdn.com
1 barclaybankdelaware.demdex.net static.barclaycardus.com
0 metrics-prod.barclaycardus.com Failed static.barclaycardus.com
64 27
Subject Issuer Validity Valid
www.jetbluemastercard.com
Entrust Certification Authority - L1M		 2021-10-19 -
2022-10-26		 a year crt.sh
www.barclaycardus.com
Entrust Certification Authority - L1M		 2021-12-06 -
2022-12-28		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
metrics.barclaycardus.com
DigiCert SHA2 Extended Validation Server CA		 2022-03-23 -
2023-03-23		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-31 -
2022-10-30		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Frame ID: 7D97B63BF032BB3D2690654823112002
Requests: 39 HTTP requests in this frame

Frame: https://barclaybankdelaware.demdex.net/dest5.html?d_nsid=0
Frame ID: 6B20A72EB848DD724357E9FB227D1D44
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome to Card Servicing

Page URL History Show full URLs

  1. https://www.jetbluemastercard.com/servicing/payment HTTP 302
    http://www.jetbluemastercard.com/servicing/home?redirectAction=/payment HTTP 307
    https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • adrum
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js

Page Statistics

64
Requests

61 %
HTTPS

16 %
IPv6

21
Domains

27
Subdomains

18
IPs

7
Countries

889 kB
Transfer

3612 kB
Size

41
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.jetbluemastercard.com/servicing/payment HTTP 302
    http://www.jetbluemastercard.com/servicing/home?redirectAction=/payment HTTP 307
    https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A829776A5245B3280A490D44%40AdobeOrg&d_nsid=0&ts=1654787199205 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A829776A5245B3280A490D44%40AdobeOrg&d_nsid=0&ts=1654787199205
Request Chain 34
  • https://cm.everesttech.net/cm/dd?d_uuid=18170560663922457321784441285300968574 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YqIMfwAAABzl6ANn
Request Chain 39
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTgxNzA1NjA2NjM5MjI0NTczMjE3ODQ0NDEyODUzMDA5Njg1NzQ= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTgxNzA1NjA2NjM5MjI0NTczMjE3ODQ0NDEyODUzMDA5Njg1NzQ=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBUGV_0heUIDd9D3535cL5g&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 41
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXFJTWZ3QUFBQnpsNkFObg&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEAgaQ6p3ZU6b9N5NU8AjlyM&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 42
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXFJTWZ3QUFBQnpsNkFObg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEAgaQ6p3ZU6b9N5NU8AjlyM&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 43
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXFJTWZ3QUFBQnpsNkFObg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEAgaQ6p3ZU6b9N5NU8AjlyM&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 44
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXFJTWZ3QUFBQnpsNkFObg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEAgaQ6p3ZU6b9N5NU8AjlyM&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 45
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXFJTWZ3QUFBQnpsNkFObg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEAgaQ6p3ZU6b9N5NU8AjlyM&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 46
  • https://p.rfihub.com/cm?in=1&pub=7085 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5131077721629978040
Request Chain 47
  • https://c.bing.com/c.gif?uid=18170560663922457321784441285300968574&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=1AD17534F94A6D7333A7648AF8216CE1
Request Chain 48
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXFJTWZ3QUFBQnpsNkFObg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEAgaQ6p3ZU6b9N5NU8AjlyM&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 50
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233 HTTP 302
  • https://tag.yieldoptimizer.com/ps/ps?tc=963371013&t=i&p=2233 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3015877404138
Request Chain 51
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=dHdThip_P7F70oV1TdzaYM0i3oghAfva&gdpr=0&gdpr_consent=
Request Chain 52
  • https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=18170560663922457321784441285300968574 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=575&dpuuid=4806768378555286539
Request Chain 53
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=18170560663922457321784441285300968574&rn=1654787199515&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D18170560663922457321784441285300968574 HTTP 302
  • https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=18170560663922457321784441285300968574&rn=1654787199515&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D18170560663922457321784441285300968574 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=18170560663922457321784441285300968574
Request Chain 54
  • https://cm.everesttech.net/cm/yh HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YqIMfwAAABzl6ANn&sigv=1&esig=1~e4f32507dc981ff104c41a9c310191fc591c119e
Request Chain 55
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXFJTWZ3QUFBQnpsNkFObg==
Request Chain 56
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YqIMfwAAABzl6ANn&expires=90
Request Chain 57
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YqIMfwAAABzl6ANn HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YqIMfwAAABzl6ANn&C=1
Request Chain 58
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YqIMfwAAABzl6ANn HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYqIMfwAAABzl6ANn
Request Chain 59
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YqIMfwAAABzl6ANn
Request Chain 60
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YqIMfwAAABzl6ANn
Request Chain 61
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YqIMfwAAABzl6ANn&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YqIMfwAAABzl6ANn&img=1&__user_check__=1&sync_id=c5551f57-e805-11ec-adb2-1dbc55590106
Request Chain 62
  • https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=18170560663922457321784441285300968574&_ct=img HTTP 302
  • https://mid.rkdms.com/restricted

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request home
www.jetbluemastercard.com/servicing/
Redirect Chain
  • https://www.jetbluemastercard.com/servicing/payment
  • http://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
  • https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
35 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
167.203.49.81 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software
/
Resource Hash
0fdd7195a881b8d0d3268ae670f3d58ae6c33b09a7e173a76c9d0d3856fcb083
Security Headers
Name Value
Strict-Transport-Security max-age=31537000; includeSubDomains
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Language
en-US
Content-Type
text/html;charset=UTF-8
Date
Thu, 09 Jun 2022 15:06:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=3, max=499
Pragma
no-cache
Server
Strict-Transport-Security
max-age=31537000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-FRAME-OPTIONS
DENY
t_tr
33095474396968
x-bstat
11|B|vip|140

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Non-Authoritative-Reason
HSTS
barclays-theme.css
static.barclaycardus.com/servicing/a68a4082/css/base/build/themes/barclays/ 		481 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.barclaycardus.com/servicing/a68a4082/css/base/build/themes/barclays/barclays-theme.css
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
afdc295e410ea7df6263d47ad565c2818d5ffa13550381b8f12b8fdfc0ae0d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:40:41 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:38 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=438
accept-ranges
bytes
content-length
42035
expires
Thu, 09 Jun 2022 15:13:56 GMT
login.css
static.barclaycardus.com/servicing/a68a4082/css/base/build/themes/barclays/sections/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.barclaycardus.com/servicing/a68a4082/css/base/build/themes/barclays/sections/login.css
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0f8e3b51b30b4aafc633974c1f540977707e2085a0e235d30fe0ce1e2728de24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:40:42 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:38 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=431
accept-ranges
bytes
content-length
3480
expires
Thu, 09 Jun 2022 15:13:49 GMT
adrum.js
static.barclaycardus.com/servicing/a68a4082/js/base/monitoring/appd/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.barclaycardus.com/servicing/a68a4082/js/base/monitoring/appd/adrum.js
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
aee2257b22751a8ecc887db7435befa684a6e47c09b994dee7eb641e026fc236
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:21:54 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:38 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=483
accept-ranges
bytes
content-length
11540
expires
Thu, 09 Jun 2022 15:14:41 GMT
tealeaf.js
static.barclaycardus.com/servicing/a68a4082/js/base/tagging/ 		143 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.barclaycardus.com/servicing/a68a4082/js/base/tagging/tealeaf.js
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
47ef86d553fe599a1e3352a418790275623e94533bb8fe1d3cd5f353f57a5667
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:21:54 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:38 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=34
accept-ranges
bytes
content-length
48186
expires
Thu, 09 Jun 2022 15:07:12 GMT
launch-b905aa3a111d.min.js
static.barclaycardus.com/servicing/a68a4082/js/base/tagging/adbe/launch/0bed9da4b0d0/0d5d5982996d/ 		726 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.barclaycardus.com/servicing/a68a4082/js/base/tagging/adbe/launch/0bed9da4b0d0/0d5d5982996d/launch-b905aa3a111d.min.js
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
90089808b844946938133c2faa1ac8b8f9bfa7dd31af28d562531060060747e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:21:54 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:38 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=476
accept-ranges
bytes
content-length
136803
expires
Thu, 09 Jun 2022 15:14:34 GMT
modernizr.min.js
static.barclaycardus.com/servicing/cache/js/base/modernizr/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.barclaycardus.com/servicing/cache/js/base/modernizr/modernizr.min.js
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
461b29cf9f43cff35b3dd46e1fe6efa4a53ccbc015b0c657d917fa0408c42e12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:21:54 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:38 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=33
accept-ranges
bytes
content-length
6555
expires
Thu, 09 Jun 2022 15:07:11 GMT
facebook-icon.svg
static.barclaycardus.com/servicing/a68a4082/img/base/ 		1 KB
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.barclaycardus.com/servicing/a68a4082/img/base/facebook-icon.svg
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9453f432094770a1a1b2a8db0989cd05563c1ee33e8c841ac9d68ca9accd2d97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:21:53 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:39 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=514
accept-ranges
bytes
content-length
626
expires
Thu, 09 Jun 2022 15:15:13 GMT
twitter-icon.svg
static.barclaycardus.com/servicing/a68a4082/img/base/ 		1 KB
1011 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.barclaycardus.com/servicing/a68a4082/img/base/twitter-icon.svg
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7a15a5a8cb92af4820d68c7268a8739dbf785f5da31159c25fcc7f515c220f0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:21:53 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:39 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=97
accept-ranges
bytes
content-length
806
expires
Thu, 09 Jun 2022 15:08:16 GMT
youtube-icon.svg
static.barclaycardus.com/servicing/a68a4082/img/base/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.barclaycardus.com/servicing/a68a4082/img/base/youtube-icon.svg
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ab65b22cce40c3511931b3fe4a63118cb1a3db29a5c725a55b991be365b66242
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:21:53 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:39 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=516
accept-ranges
bytes
content-length
1708
expires
Thu, 09 Jun 2022 15:15:15 GMT
instagram-icon.svg
www.jetbluemastercard.com/servicing/img/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.jetbluemastercard.com/servicing/img/instagram-icon.svg
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
167.203.49.81 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software
/
Resource Hash
459909e7dd96c9145d76ce128fa7d149d8faeb83e8f8fabf9d6fa22254bdad12
Security Headers
Name Value
Strict-Transport-Security max-age=31537000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 09 Jun 2022 15:06:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31537000; includeSubDomains
Content-Language
en-US
x-bstat
11|B|vip|140
Connection
Keep-Alive
Content-Type
text/html;charset=UTF-8
Keep-Alive
timeout=3, max=500
fdic-logo-icon.svg
static.barclaycardus.com/servicing/a68a4082/img/base/ 		1 KB
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.barclaycardus.com/servicing/a68a4082/img/base/fdic-logo-icon.svg
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7e2dff1745825c481ce0b9d3825110689bdb2980ac8c5f7d3f8fa51e6d494b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:21:53 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:39 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=28
accept-ranges
bytes
content-length
711
expires
Thu, 09 Jun 2022 15:07:07 GMT
bbb-logo-icon.svg
static.barclaycardus.com/servicing/a68a4082/img/base/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.barclaycardus.com/servicing/a68a4082/img/base/bbb-logo-icon.svg
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c7a7a5abb822e5434754ab61f9b1d41ac0acfe0eaf6f17e81d3e0eaeb7628a27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:21:53 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:39 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=301
accept-ranges
bytes
content-length
1892
expires
Thu, 09 Jun 2022 15:11:40 GMT
norton-secured-logo-icon.svg
static.barclaycardus.com/servicing/a68a4082/img/base/ 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.barclaycardus.com/servicing/a68a4082/img/base/norton-secured-logo-icon.svg
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6e6d1d177f9fd07b5799c366576c309c612854dde7c139834681fea50fb83382
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:21:53 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:39 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=145
accept-ranges
bytes
content-length
4765
expires
Thu, 09 Jun 2022 15:09:04 GMT
rsa-security-logo-icon.svg
static.barclaycardus.com/servicing/a68a4082/img/base/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.barclaycardus.com/servicing/a68a4082/img/base/rsa-security-logo-icon.svg
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
aa3ad334487ce0fbd50e2a8525d96181ae997e6c4f2caf1872b164cb0fadfc15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:21:53 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:39 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=241
accept-ranges
bytes
content-length
1829
expires
Thu, 09 Jun 2022 15:10:40 GMT
require.js
static.barclaycardus.com/servicing/a68a4082/js/base/vendor/requirejs/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.barclaycardus.com/servicing/a68a4082/js/base/vendor/requirejs/require.js
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f28aad5e4303e98d21626c1044e8afcba3e8dce789e9c6245084bfc83082503e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:21:55 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:39 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=229
accept-ranges
bytes
content-length
6230
expires
Thu, 09 Jun 2022 15:10:28 GMT
bcusMod.js
static.barclaycardus.com/servicing/a68a4082/js/base/bcusMod/build/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.barclaycardus.com/servicing/a68a4082/js/base/bcusMod/build/bcusMod.js
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b2a290e3f3cf4aa4866a0674f0b24438c76155eafbaaf146262c0582ab14df4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:41:40 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:39 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=65
accept-ranges
bytes
content-length
1206
expires
Thu, 09 Jun 2022 15:07:44 GMT
common.vendor.js
static.barclaycardus.com/servicing/a68a4082/js/base/webpack/build/ 		179 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.barclaycardus.com/servicing/a68a4082/js/base/webpack/build/common.vendor.js
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1b48dda1f0c0aa8f7e595973a7296c3b2de769ae744d4bc799f59cd36b96a393
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:43:41 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:39 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=472
accept-ranges
bytes
content-length
59197
expires
Thu, 09 Jun 2022 15:14:31 GMT
react.vendor.js
static.barclaycardus.com/servicing/a68a4082/js/base/webpack/build/ 		700 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.barclaycardus.com/servicing/a68a4082/js/base/webpack/build/react.vendor.js
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a10f02153a53b531603f1495f8ebc8c9978aec2335155cea68288b3c203483fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:43:41 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:39 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=242
accept-ranges
bytes
content-length
190503
expires
Thu, 09 Jun 2022 15:10:41 GMT
app.logoComponent.js
static.barclaycardus.com/servicing/a68a4082/js/base/webpack/build/ 		418 B
481 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.barclaycardus.com/servicing/a68a4082/js/base/webpack/build/app.logoComponent.js
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cff984c6d6c5c5503b8ffd3542368f430cab01663d694bd639c7656187586f4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:43:41 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:39 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=516
accept-ranges
bytes
content-length
275
expires
Thu, 09 Jun 2022 15:15:15 GMT
app.singleCardTracker.js
static.barclaycardus.com/servicing/a68a4082/js/base/webpack/build/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.barclaycardus.com/servicing/a68a4082/js/base/webpack/build/app.singleCardTracker.js
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3b2e6aaaf27f8477336beaab24c13073748b5c497d67881140587e39e92d2b00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:43:41 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:39 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=21
accept-ranges
bytes
content-length
2424
expires
Thu, 09 Jun 2022 15:07:00 GMT
tltWorker.js
www.jetbluemastercard.com/servicing/js/base/tagging/ 		29 KB
30 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.jetbluemastercard.com/servicing/js/base/tagging/tltWorker.js
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
167.203.49.81 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software
/
Resource Hash
5930a6e44643b0c8d09987db761c22b2040b14f4a29a535e120dd2ca408d9ff4
Security Headers
Name Value
Strict-Transport-Security max-age=31537000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 09 Jun 2022 15:06:38 GMT
Last-Modified
Wed, 25 May 2022 18:49:27 GMT
Server
ETag
W/"30143-1653504567000"
Strict-Transport-Security
max-age=31537000; includeSubDomains
Content-Type
application/javascript
x-bstat
11|B|vip|140
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=498
Content-Length
30143
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A829776A5245B3280A490D44%40AdobeOrg&d_nsid=0&ts=1654787199205
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A829776A5245B3280A490D44%40AdobeOrg&d_nsid=0&ts=1654787199205
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A829776A5245B3280A490D44%40AdobeOrg&d_nsid=0&ts=1654787199205
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
HTTP/1.1
Server
34.248.99.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-99-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fd290dcb2c6a7239c92f836a33d5b46469f1319b1f029ff154ef67d004cb30f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v034-0b5dc734a.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
DK4gn4nRQ+s=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.jetbluemastercard.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1597
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v034-0378d2c90.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://www.jetbluemastercard.com
X-TID
NBnIm0qRSzA=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A829776A5245B3280A490D44%40AdobeOrg&d_nsid=0&ts=1654787199205
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
EX300184925b7742caa4ce34a126434a96-libraryCode_source.min.js
gif.barclaycardus.com/servicing/js/base/tagging/adbe/launch/0bed9da4b0d0/0d5d5982996d/f274c83fc314/ 		63 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gif.barclaycardus.com/servicing/js/base/tagging/adbe/launch/0bed9da4b0d0/0d5d5982996d/f274c83fc314/EX300184925b7742caa4ce34a126434a96-libraryCode_source.min.js
Requested by
Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/servicing/a68a4082/js/base/tagging/adbe/launch/0bed9da4b0d0/0d5d5982996d/launch-b905aa3a111d.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2c892bff37561f6089e2fe5ba9d64f488f3dabeefd7bb50d763706700fad840a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 15:06:39 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:21:54 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
22530
opensans-regular-webfont.woff
static.barclaycardus.com/servicing/a68a4082/img/base/fonts/opensans/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.barclaycardus.com/servicing/a68a4082/img/base/fonts/opensans/opensans-regular-webfont.woff
Requested by
Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/servicing/a68a4082/css/base/build/themes/barclays/barclays-theme.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
404688527e8873a4aeceb70e2c8785f065bbe48f53c7ba5865fe3e8862cecf68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://static.barclaycardus.com/servicing/a68a4082/css/base/build/themes/barclays/barclays-theme.css
Origin
https://www.jetbluemastercard.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:21:53 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:39 GMT
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=5
accept-ranges
bytes
content-length
24778
expires
Thu, 09 Jun 2022 15:06:44 GMT
glyphicons-halflings-regular.woff
static.barclaycardus.com/servicing/css/base/themes/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.barclaycardus.com/servicing/css/base/themes/fonts/glyphicons-halflings-regular.woff
Requested by
Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/servicing/a68a4082/css/base/build/themes/barclays/barclays-theme.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Request headers

Referer
https://static.barclaycardus.com/servicing/a68a4082/css/base/build/themes/barclays/barclays-theme.css
Origin
https://www.jetbluemastercard.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 15:06:39 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:21:52 GMT
server
Apache
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
accept-ranges
bytes
content-length
23132
expertsans-light-webfont.woff2
static.barclaycardus.com/servicing/a68a4082/img/base/fonts/expertsans/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.barclaycardus.com/servicing/a68a4082/img/base/fonts/expertsans/expertsans-light-webfont.woff2
Requested by
Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/servicing/a68a4082/css/base/build/themes/barclays/barclays-theme.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9bb5c8f3d460e6ac33557400adef674006706bba061a270583019306fbc500ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://static.barclaycardus.com/servicing/a68a4082/css/base/build/themes/barclays/barclays-theme.css
Origin
https://www.jetbluemastercard.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:21:53 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:39 GMT
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=46
accept-ranges
bytes
content-length
19073
expires
Thu, 09 Jun 2022 15:07:25 GMT
expertsans-regular-webfont.woff2
static.barclaycardus.com/servicing/a68a4082/img/base/fonts/expertsans/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.barclaycardus.com/servicing/a68a4082/img/base/fonts/expertsans/expertsans-regular-webfont.woff2
Requested by
Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/servicing/a68a4082/css/base/build/themes/barclays/barclays-theme.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0993373322544051ba3c0bf17cd144f5eb50ad5db671906b3bc6f4cd66750779
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://static.barclaycardus.com/servicing/a68a4082/css/base/build/themes/barclays/barclays-theme.css
Origin
https://www.jetbluemastercard.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:21:53 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:39 GMT
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=134
accept-ranges
bytes
content-length
18945
expires
Thu, 09 Jun 2022 15:08:53 GMT
globalDependencies.js
static.barclaycardus.com/servicing/a68a4082/js/base/bcusMod/build/ 		714 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.barclaycardus.com/servicing/a68a4082/js/base/bcusMod/build/globalDependencies.js
Requested by
Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/servicing/a68a4082/js/base/vendor/requirejs/require.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ba171406fc3e492493a3f68803d40a11a38071ea2977fbac61a8d0ad18cb645b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:41:40 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:39 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=439
accept-ranges
bytes
content-length
100536
expires
Thu, 09 Jun 2022 15:13:58 GMT
header-logo.svg
static.barclaycardus.com/servicing/a68a4082/img/base/ 		10 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.barclaycardus.com/servicing/a68a4082/img/base/header-logo.svg
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
270761c78a4f14e075c55d57ba092ae7e60afb9ffcc0a60767d1b748730f8e86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:21:53 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:39 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=517
accept-ranges
bytes
content-length
4585
expires
Thu, 09 Jun 2022 15:15:16 GMT
cwsTemplate.js
static.barclaycardus.com/servicing/a68a4082/js/base/bcusMod/build/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.barclaycardus.com/servicing/a68a4082/js/base/bcusMod/build/cwsTemplate.js
Requested by
Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/servicing/a68a4082/js/base/vendor/requirejs/require.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
25c63ffea3817ec022e2a9458165f32bed86095f7567a2a35927825237216caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:41:40 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:39 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=308
accept-ranges
bytes
content-length
1692
expires
Thu, 09 Jun 2022 15:11:47 GMT
login.js
static.barclaycardus.com/servicing/a68a4082/js/base/bcusMod/build/pages/ 		95 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.barclaycardus.com/servicing/a68a4082/js/base/bcusMod/build/pages/login.js
Requested by
Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/servicing/a68a4082/js/base/vendor/requirejs/require.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
707a1cc9da6f74b231ce09353f161e2dd6e4a3591bd6b5efd3a1f550da739454
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:41:40 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:39 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=22
accept-ranges
bytes
content-length
22964
expires
Thu, 09 Jun 2022 15:07:01 GMT
bcusBrowserDetection.js
static.barclaycardus.com/servicing/a68a4082/js/base/bcusMod/build/utils/ 		122 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.barclaycardus.com/servicing/a68a4082/js/base/bcusMod/build/utils/bcusBrowserDetection.js
Requested by
Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/servicing/a68a4082/js/base/vendor/requirejs/require.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
354840abebd3e29b4d6c4ed4c2584b5ce2e2731c2742dc61ffa1bd5409c72763
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:41:40 GMT
server
Apache
date
Thu, 09 Jun 2022 15:06:39 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
content-length
21665
expires
Thu, 09 Jun 2022 15:06:40 GMT
dest5.html
barclaybankdelaware.demdex.net/ Frame 6B20 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://barclaybankdelaware.demdex.net/dest5.html?d_nsid=0
Requested by
Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/servicing/a68a4082/js/base/tagging/adbe/launch/0bed9da4b0d0/0d5d5982996d/launch-b905aa3a111d.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.26.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-26-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.jetbluemastercard.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v034-0c7706e1f.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
zJ17YrTNSeU=
content-encoding
gzip
date
Thu, 9 Jun 2022 15:06:39 GMT
last-modified
Wed, 8 Jun 2022 13:40:06 GMT
vary
accept-encoding
id
metrics.barclaycardus.com/ 		48 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.barclaycardus.com/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=A829776A5245B3280A490D44%40AdobeOrg&mid=13428506231621628011393339336595769323&ts=1654787199593
Requested by
Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/servicing/a68a4082/js/base/monitoring/appd/adrum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
83645a4413fe48edfa06cd91971dd8cd283fb21a239c29e94f543eb45f63adbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.jetbluemastercard.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 09 Jun 2022 15:06:39 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-df488f754-tzjs9
vary
Origin
x-c
main-1645.Id526ce.M0-571
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.jetbluemastercard.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YqIMfwAAABzl6ANn
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=18170560663922457321784441285300968574
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YqIMfwAAABzl6ANn
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YqIMfwAAABzl6ANn
Requested by
Host: www.jetbluemastercard.com
URL: https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
Protocol
HTTP/1.1
Server
34.248.99.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-99-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v034-0a50a7dd7.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
YSK+6EClSb4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YqIMfwAAABzl6ANn
Date
Thu, 09 Jun 2022 15:06:39 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
errorMessage
www.jetbluemastercard.com/servicing/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.jetbluemastercard.com/servicing/errorMessage?getErrorMessagesByAction=&qClassName=com.barclaycardus.app.cws.action.UXLoginActionBean
Requested by
Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/servicing/a68a4082/js/base/monitoring/appd/adrum.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
167.203.49.81 , United Kingdom, ASN6303 (BARCLAYS-CAPITAL, US),
Reverse DNS
Software
/
Resource Hash
382dbbe163c59254fa49777d3e4d6d60534caebe673e07e6f0cf67433777c2e4
Security Headers
Name Value
Strict-Transport-Security max-age=31537000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept
*/*
Referer
https://www.jetbluemastercard.com/servicing/home?redirectAction=/payment
X-Requested-With
XMLHttpRequest
ADRUM
isAjax:true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
BCUS-AJAX
true

Response headers

Date
Thu, 09 Jun 2022 15:06:39 GMT
ADRUM_1
n:customer1_cef9c775-235b-47f1-bf3a-93c79b04de82
ADRUM_2
i:296487
Connection
Keep-Alive
ADRUM_3
e:18
Content-Length
1055
Pragma
no-cache
Server
ADRUM_0
g:abd1e541-3dc7-4124-90f7-3bc21176d4e0
X-FRAME-OPTIONS
DENY
Strict-Transport-Security
max-age=31537000; includeSubDomains
Content-Language
en-US
Cache-control
no-store, no-cache, must-revalidate
x-bstat
11|B|vip|140
Content-Type
application/json;charset=UTF-8
Keep-Alive
timeout=3, max=497
Expires
Thu, 01 Jan 1970 00:00:00 GMT
365868.gif
idsync.rlcdn.com/ Frame 6B20 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=18170560663922457321784441285300968574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 15:06:40 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
adrum-ext.d5dfd2e692f603f77711b2992d5a9455.js
gif.barclaycardus.com/servicing/js/base/monitoring/appd/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gif.barclaycardus.com/servicing/js/base/monitoring/appd/adrum-ext.d5dfd2e692f603f77711b2992d5a9455.js
Requested by
Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/servicing/a68a4082/js/base/monitoring/appd/adrum.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.235.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-235-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
95bb3ad6d64c3f364b51fdcae96a8719f758efc5581a0dba16eba909e4c87e77

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 15:06:39 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2022 18:21:54 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
15025
s17376479523169
metrics.barclaycardus.com/b/ss/barclaysglobalcm,barclaysusglobal/10/JS-2.22.0-LCS4/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrics.barclaycardus.com/b/ss/barclaysglobalcm,barclaysusglobal/10/JS-2.22.0-LCS4/s17376479523169?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=9%2F5%2F2022%2015%3A6%3A39%204%200&d.&nsid=0&jsonv=1&.d&mid=13428506231621628011393339336595769323&aamlh=6&ce=UTF-8&pageName=%20LOGIN%3ASECURE&g=https%3A%2F%2Fwww.jetbluemastercard.com%2Fservicing%2Fhome%3FredirectAction%3D%2Fpayment&c.&getTimeParting=6.3&getNewRepeat=3.0&getTimeSinceLastVisit=2.0&inList=3.0&formatTime=2.0&apl=4.0&getPreviousValue=3.0&.c&cc=USD&ch=LOGIN&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=New&v8=year%3D2022%20%7C%20month%3DJune%20%7C%20date%3D9%20%7C%20day%3DThursday%20%7C%20time%3D11%3A06%20AM&v12=003&c25=LOGIN%3ASECURE&v55=NO_XSESSION_ID&v82=Responsive%20Web&v100=13428506231621628011393339336595769323&v171=barclaysglobalcm%2Cbarclaysusglobal&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=A829776A5245B3280A490D44%40AdobeOrg&AQE=1
Requested by
Host: gif.barclaycardus.com
URL: https://gif.barclaycardus.com/servicing/js/base/tagging/adbe/launch/0bed9da4b0d0/0d5d5982996d/f274c83fc314/EX300184925b7742caa4ce34a126434a96-libraryCode_source.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
225fcc889e2f60a3cc3ac6d91c055a33b500c61fdf1eb51d54936705abd8602b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.jetbluemastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-aam-tid
OCQAb1ctTQc=
date
Thu, 09 Jun 2022 15:06:40 GMT
x-content-type-options
nosniff
x-c
main-1645.Id526ce.M0-571
p3p
CP="This is not a P3P policy"
vary
*
content-length
5349
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-2-v034-026c74e22.edge-irl1.demdex.com UNKNOWN
pragma
no-cache
last-modified
Fri, 10 Jun 2022 15:06:40 GMT
server
jag
xserver
anedge-df488f754-tzjs9
etag
3553628455037632512-4619592946676725507
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Wed, 08 Jun 2022 15:06:40 GMT
ibs:dpid=771&dpuuid=CAESEBUGV_0heUIDd9D3535cL5g&google_cver=1
dpm.demdex.net/ Frame 6B20
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTgxNzA1NjA2NjM5MjI0NTczMjE3ODQ0NDEyODUzMDA5Njg1NzQ=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTgxNzA1NjA2NjM5MjI0NTczMjE3ODQ0NDEyODUzMDA5Njg1NzQ=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBUGV_0heUIDd9D3535cL5g&google_cver=1?gdpr=0&gdpr_consent=
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBUGV_0heUIDd9D3535cL5g&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
34.248.99.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-99-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v034-0cc7eb3cc.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
yVDvIydHR30=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 09 Jun 2022 15:06:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBUGV_0heUIDd9D3535cL5g&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
analytics.twitter.com/i/ Frame 6B20 		43 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=18170560663922457321784441285300968574&p_id=38594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-response-time
104
date
Thu, 09 Jun 2022 15:06:40 GMT
server
tsa_f
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
5d9cf765e4c26a4a07e7307d640586048f66ab64c70003c0d1a781433bd31dfc
content-length
43
1x1
pixel.everesttech.net/ Frame 6B20
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXFJTWZ3QUFBQnpsNkFObg&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEAgaQ6p3ZU6b9N5NU8AjlyM&google_cver=1
  • https://pixel.everesttech.net/1x1
128 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
52.214.225.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-225-206.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 09 Jun 2022 15:06:40 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"b3b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Thu, 09 Jun 2022 15:06:40 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
1x1
pixel.everesttech.net/ Frame 6B20
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXFJTWZ3QUFBQnpsNkFObg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEA...
  • https://pixel.everesttech.net/1x1
128 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
52.214.225.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-225-206.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 09 Jun 2022 15:06:40 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"b3b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Thu, 09 Jun 2022 15:06:40 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
1x1
pixel.everesttech.net/ Frame 6B20
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXFJTWZ3QUFBQnpsNkFObg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
  • https://pixel.everesttech.net/1x1
128 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
52.214.225.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-225-206.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 09 Jun 2022 15:06:40 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"36b516-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Thu, 09 Jun 2022 15:06:40 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
1x1
pixel.everesttech.net/ Frame 6B20
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXFJTWZ3QUFBQnpsNkFObg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
  • https://pixel.everesttech.net/1x1
128 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
52.214.225.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-225-206.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 09 Jun 2022 15:06:40 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"36b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Thu, 09 Jun 2022 15:06:40 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
1x1
pixel.everesttech.net/ Frame 6B20
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXFJTWZ3QUFBQnpsNkFObg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
  • https://pixel.everesttech.net/1x1
128 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
52.214.225.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-225-206.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 09 Jun 2022 15:06:40 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"36b516-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Thu, 09 Jun 2022 15:06:40 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
ibs:dpid=1121&dpuuid=5131077721629978040
dpm.demdex.net/ Frame 6B20
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=7085
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5131077721629978040
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5131077721629978040
Protocol
HTTP/1.1
Server
34.248.99.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-99-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v034-0f71fc53b.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
2+eMS6OYSFA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5131077721629978040
Date
Thu, 09 Jun 2022 15:06:40 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ibs:dpid=1957&dpuuid=1AD17534F94A6D7333A7648AF8216CE1
dpm.demdex.net/ Frame 6B20
Redirect Chain
  • https://c.bing.com/c.gif?uid=18170560663922457321784441285300968574&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=1AD17534F94A6D7333A7648AF8216CE1
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=1AD17534F94A6D7333A7648AF8216CE1
Protocol
HTTP/1.1
Server
34.248.99.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-99-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v034-0a30c6402.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
hgHOCW/mSEQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 09 Jun 2022 15:06:40 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 01BDB18E62F542E88F5EA894447C67F8 Ref B: FRAEDGE1421 Ref C: 2022-06-09T15:06:40Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=1AD17534F94A6D7333A7648AF8216CE1
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
1x1
pixel.everesttech.net/ Frame 6B20
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXFJTWZ3QUFBQnpsNkFObg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
  • https://pixel.everesttech.net/1x1
128 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
52.214.225.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-225-206.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 09 Jun 2022 15:06:41 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"b3b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Thu, 09 Jun 2022 15:06:41 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
adrum
metrics-prod.barclaycardus.com/eumcollector/beacons/browser/v1/EUM-AAB-AUA/ 		0
0
ibs:dpid=22069&dpuuid=3015877404138
dpm.demdex.net/ Frame 6B20
Redirect Chain
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233
  • https://tag.yieldoptimizer.com/ps/ps?tc=963371013&t=i&p=2233
  • https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3015877404138
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3015877404138
Protocol
HTTP/1.1
Server
34.248.99.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-99-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v034-043e1d4d2.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
q/ppgFgVSzY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 09 Jun 2022 15:06:40 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3015877404138
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
ibs:dpid=28645&dpuuid=dHdThip_P7F70oV1TdzaYM0i3oghAfva&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 6B20
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=dHdThip_P7F70oV1TdzaYM0i3oghAfva&gdpr=0&gdpr_consent=
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=dHdThip_P7F70oV1TdzaYM0i3oghAfva&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
34.248.99.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-99-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v034-0e003a4ee.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
EH+byFFVSYk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=dHdThip_P7F70oV1TdzaYM0i3oghAfva&gdpr=0&gdpr_consent=
date
Thu, 09 Jun 2022 15:06:40 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
4280
content-length
227
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
ibs:dpid=575&dpuuid=4806768378555286539
dpm.demdex.net/ Frame 6B20
Redirect Chain
  • https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=18170560663922457321784441285300968574
  • https://dpm.demdex.net/ibs:dpid=575&dpuuid=4806768378555286539
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=575&dpuuid=4806768378555286539
Protocol
HTTP/1.1
Server
34.248.99.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-99-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v034-0467c4b8c.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
k+8iobqKSFs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 09 Jun 2022 15:06:40 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-origin
*
anserver
gapp-eu-5.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://dpm.demdex.net/ibs:dpid=575&dpuuid=4806768378555286539
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
ibs:dpid=73426&dpuuid=18170560663922457321784441285300968574
dpm.demdex.net/ Frame 6B20
Redirect Chain
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=18170560663922457321784441285300968574&rn=1654787199515&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D181705606639224...
  • https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=18170560663922457321784441285300968574&rn=1654787199515&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D18170560663922...
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=18170560663922457321784441285300968574
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=18170560663922457321784441285300968574
Protocol
HTTP/1.1
Server
34.248.99.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-99-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v034-0378d2c90.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
4ssiid63RRQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=18170560663922457321784441285300968574
date
Thu, 09 Jun 2022 15:06:41 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
iyec2XyZX0gNTpzrhnYhkYtnjmEyVwSRNXg2on8weA3lq0XQhQGzbw==
x-cache
Miss from cloudfront
v1
ads.yahoo.com/cms/ Frame 6B20
Redirect Chain
  • https://cm.everesttech.net/cm/yh
  • https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YqIMfwAAABzl6ANn&sigv=1&esig=1~e4f32507dc981ff104c41a9c310191fc591c119e
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YqIMfwAAABzl6ANn&sigv=1&esig=1~e4f32507dc981ff104c41a9c310191fc591c119e
Protocol
H2
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 15:06:41 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YqIMfwAAABzl6ANn&sigv=1&esig=1~e4f32507dc981ff104c41a9c310191fc591c119e
Date
Thu, 09 Jun 2022 15:06:41 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
pixel
cm.g.doubleclick.net/ Frame 6B20
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXFJTWZ3QUFBQnpsNkFObg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXFJTWZ3QUFBQnpsNkFObg==
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 15:06:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Jun 2022 15:06:41 GMT
via
1.1 varnish
server
Varnish
x-timer
S1654787202.686245,VS0,VE0
x-served-by
cache-hhn4042-HHN
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXFJTWZ3QUFBQnpsNkFObg==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 6B20
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YqIMfwAAABzl6ANn&expires=90
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YqIMfwAAABzl6ANn&expires=90
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 09 Jun 2022 15:06:41 GMT
via
1.1 varnish
server
Varnish
x-timer
S1654787202.686232,VS0,VE0
x-served-by
cache-hhn4042-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YqIMfwAAABzl6ANn&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 6B20
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YqIMfwAAABzl6ANn
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YqIMfwAAABzl6ANn&C=1
43 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YqIMfwAAABzl6ANn&C=1
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Jun 2022 15:06:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 09 Jun 2022 15:06:42 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 09 Jun 2022 15:06:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YqIMfwAAABzl6ANn&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
279
Expires
Thu, 09 Jun 2022 15:06:42 GMT
bounce
ib.adnxs.com/ Frame 6B20
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YqIMfwAAABzl6ANn
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYqIMfwAAABzl6ANn
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYqIMfwAAABzl6ANn
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Jun 2022 15:06:42 GMT
X-Proxy-Origin
82.199.130.42; 82.199.130.42; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
426135ed-7dd7-4ee5-9e6c-9f9451c1d6ab
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 09 Jun 2022 15:06:42 GMT
X-Proxy-Origin
82.199.130.42; 82.199.130.42; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6015fe58-3c7d-41e1-8b82-4a04dee18c9c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYqIMfwAAABzl6ANn
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6B20
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YqIMfwAAABzl6ANn
43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YqIMfwAAABzl6ANn
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 15:06:42 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Jun 2022 15:06:41 GMT
via
1.1 varnish
server
Varnish
x-timer
S1654787202.968358,VS0,VE0
x-served-by
cache-hhn4042-HHN
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YqIMfwAAABzl6ANn
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame 6B20
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YqIMfwAAABzl6ANn
1 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YqIMfwAAABzl6ANn
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 15:06:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 09 Jun 2022 15:06:42 GMT
via
1.1 varnish
server
Varnish
x-timer
S1654787202.068114,VS0,VE0
x-served-by
cache-hhn4042-HHN
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YqIMfwAAABzl6ANn
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame 6B20
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YqIMfwAAABzl6ANn&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YqIMfwAAABzl6ANn&img=1&__user_check__=1&sync_id=c5551f57-e805-11ec-adb2-1dbc55590106
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YqIMfwAAABzl6ANn&img=1&__user_check__=1&sync_id=c5551f57-e805-11ec-adb2-1dbc55590106
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 09 Jun 2022 15:06:42 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
59
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 09 Jun 2022 15:06:42 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YqIMfwAAABzl6ANn&img=1&__user_check__=1&sync_id=c5551f57-e805-11ec-adb2-1dbc55590106
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
97
Connection
keep-alive
Content-Length
0
restricted
mid.rkdms.com/ Frame 6B20
Redirect Chain
  • https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=18170560663922457321784441285300968574&_ct=img
  • https://mid.rkdms.com/restricted
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mid.rkdms.com/restricted
Protocol
H2
Server
34.237.85.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-85-252.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaybankdelaware.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Redirect headers

location
/restricted
date
Thu, 09 Jun 2022 15:06:42 GMT
server
nginx
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
metrics-prod.barclaycardus.com
URL
https://metrics-prod.barclaycardus.com/eumcollector/beacons/browser/v1/EUM-AAB-AUA/adrum

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Barclays (Banking)

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| antiClickjack number| adrum-start-time object| ADRUM object| pako object| TLT object| TLT_custom object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| adobeDataLayer object| Modernizr object| html5 function| yepnope object| loginForm object| t_element string| t_element_value function| requirejs function| require function| define function| getBaseUrl function| webpackJsonp object| logo_data object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| data_layer function| $ function| jQuery object| JST function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_AudienceManagement object| s number| s_objectID number| s_giq function| DIL function| getTimeParting function| getNewRepeat string| SEP string| PAIR function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| FingerPrint function| Hashtable function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| add_deviceprint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| cookieWrite function| cookieRead string| g object| s_i_barclaysglobalcm_barclaysusglobal

41 Cookies

Domain/Path Name / Value
www.jetbluemastercard.com/servicing Name: JSESSIONID
Value: 46789EDAC8D30639E6A2624B2269B39C.webalpha_clzpsr000000169
www.jetbluemastercard.com/ Name: TSESSIONID
Value: 46789EDAC8D30639E6A2624B2269B39C.webalpha_clzpsr000000169
.jetbluemastercard.com/ Name: domainCPCCookie
Value: 003
.demdex.net/ Name: demdex
Value: 18170560663922457321784441285300968574
.jetbluemastercard.com/ Name: AMCVS_A829776A5245B3280A490D44%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YqIMfwAAABzl6ANn
.dpm.demdex.net/ Name: dpm
Value: 18170560663922457321784441285300968574
.jetbluemastercard.com/ Name: s_nr30
Value: 1654787199993-New
.jetbluemastercard.com/ Name: s_cc
Value: true
.jetbluemastercard.com/ Name: AMCV_A829776A5245B3280A490D44%40AdobeOrg
Value: 1176715910%7CMCIDTS%7C19153%7CMCMID%7C13428506231621628011393339336595769323%7CMCAAMLH-1655391999%7C6%7CMCAAMB-1655391999%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1654794400s%7CNONE%7CMCSYNCSOP%7C411-19160%7CMCAID%7CNONE%7CvVersion%7C5.4.0
.jetbluemastercard.com/ Name: AAMC_barclaybankdelaware_0
Value: REGION%7C6
.jetbluemastercard.com/ Name: aam_uuid
Value: 18170560663922457321784441285300968574
.doubleclick.net/ Name: IDE
Value: AHWqTUkHMN61ymJhsUBiCwi9pPKXEpEi-Fh4nBZp11J-auDQXZ3IyTLtMDZJz8OrR7w
.twitter.com/ Name: personalization_id
Value: "v1_1yn8CbnCw4JGiHS5wwwHZA=="
.everesttech.net/ Name: ev_sync_ax
Value: 20220609
.everesttech.net/ Name: everest_session_v2
Value: YqIMgAAABKacnDfX
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0NjQwNzc3MjQzsrQ0tzAwMRDiM9Q1qvItsszw9g0zMzcHAPnmxoklAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0NjQwNzc3MjQzsrQ0tzAwMRDiM9Q1qvItsszw9g0zMzcHAPnmxoklAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFvFxGtoZmpibmFuZGBgaWIAAKJBJYoQAAAA
.bing.com/ Name: MUID
Value: 1AD17534F94A6D7333A7648AF8216CE1
.yieldoptimizer.com/ Name: fbh0
Value: %7B%7D
.yieldoptimizer.com/ Name: gcma
Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/ Name: rmxc
Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/ Name: cktst
Value: 963371013
.criteo.com/ Name: uid
Value: 00aaf97f-1b47-4686-8cba-4ffeb0056a83
.yieldoptimizer.com/ Name: ckid
Value: 3015877404138
.yieldoptimizer.com/ Name: dph
Value: %7B%22t%22%3A%5B117783%5D%2C%22dp%22%3A%5B2233%5D%7D
.yieldoptimizer.com/ Name: ph
Value: %7B%22p%22%3A%5B1025%5D%2C%22t%22%3A%5B117783%5D%7D
.everesttech.net/ Name: ev_sync_yh
Value: 20220609
.scorecardresearch.com/ Name: UID
Value: 1AC3506b5b11bbb1827b69f1654787201
.adnxs.com/ Name: uuid2
Value: 3843399553437059013
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2Hb8Fz5BD!@wnfH)iR8PMp-v=0GSjiq7HfiJ%DD1ebha35N9XF$ip2%(2K:$doRL2xc>Hx7R)0ZLiAT0/rwze8php!!()1**4-F
.casalemedia.com/ Name: CMID
Value: YqIMggMEKP-03pflFV8xfwAA
.casalemedia.com/ Name: CMPS
Value: 1838
.demdex.net/ Name: dextp
Value: 60-1-1654787199896|771-1-1654787200016|1123-1-1654787200117|1083-1-1654787200218|1085-1-1654787200319|1086-1-1654787200420|1087-1-1654787200521|1088-1-1654787200622|1121-1-1654787200723|1957-1-1654787200824|19913-1-1654787200925|22069-1-1654787201029|28645-1-1654787201129|575-1-1654787201230|73426-1-1654787201331|83349-1-1654787201432|144230-1-1654787201533|144231-1-1654787201634|144232-1-1654787201736|144233-1-1654787201837|144234-1-1654787201939|144235-1-1654787202041|144236-1-1654787202142|129099-1-1654787202243
.casalemedia.com/ Name: CMPRO
Value: 713
.casalemedia.com/ Name: CMRUM3
Value: 5862a20c822760YqIMfwAAABzl6ANn
.casalemedia.com/ Name: CMST
Value: YqIMgmKiDIIA
.spotxchange.com/ Name: audience
Value: c5551f1b-e805-11ec-adb2-1dbc55590106
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YqIMfwAAABzl6ANn&KRTB&22978-YqIMfwAAABzl6ANn&KRTB&23194-YqIMfwAAABzl6ANn&KRTB&23209-YqIMfwAAABzl6ANn
.pubmatic.com/ Name: PugT
Value: 1654787202

2 Console Messages

Source Level URL
Text
network error URL: https://www.jetbluemastercard.com/servicing/img/instagram-icon.svg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://idsync.rlcdn.com/365868.gif?partner_uid=18170560663922457321784441285300968574
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31537000; includeSubDomains
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.scorecardresearch.com
ads.yahoo.com
analytics.twitter.com
barclaybankdelaware.demdex.net
c.bing.com
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
dsum-sec.casalemedia.com
fei.pro-market.net
gif.barclaycardus.com
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
metrics-prod.barclaycardus.com
metrics.barclaycardus.com
mid.rkdms.com
p.rfihub.com
pixel.everesttech.net
pixel.rubiconproject.com
static.barclaycardus.com
sync-tm.everesttech.net
sync.search.spotxchange.com
tag.yieldoptimizer.com
us-u.openx.net
www.jetbluemastercard.com
metrics-prod.barclaycardus.com
104.244.42.195
13.36.218.177
142.250.185.226
151.101.2.49
167.203.49.81
184.87.213.8
185.64.190.80
185.94.180.125
193.0.160.128
23.75.235.48
2600:1901:0:8eee::
2620:1ec:c11::200
2a00:1288:80:807::1
2a02:2638:1::13
34.237.85.252
34.248.26.113
34.248.99.56
35.186.212.60
35.244.159.8
35.244.174.68
37.252.172.123
52.214.225.206
63.32.153.188
69.173.144.139
99.86.4.12
0993373322544051ba3c0bf17cd144f5eb50ad5db671906b3bc6f4cd66750779
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f8e3b51b30b4aafc633974c1f540977707e2085a0e235d30fe0ce1e2728de24
0fdd7195a881b8d0d3268ae670f3d58ae6c33b09a7e173a76c9d0d3856fcb083
1b48dda1f0c0aa8f7e595973a7296c3b2de769ae744d4bc799f59cd36b96a393
225fcc889e2f60a3cc3ac6d91c055a33b500c61fdf1eb51d54936705abd8602b
25c63ffea3817ec022e2a9458165f32bed86095f7567a2a35927825237216caa
270761c78a4f14e075c55d57ba092ae7e60afb9ffcc0a60767d1b748730f8e86
2c892bff37561f6089e2fe5ba9d64f488f3dabeefd7bb50d763706700fad840a
354840abebd3e29b4d6c4ed4c2584b5ce2e2731c2742dc61ffa1bd5409c72763
382dbbe163c59254fa49777d3e4d6d60534caebe673e07e6f0cf67433777c2e4
3b2e6aaaf27f8477336beaab24c13073748b5c497d67881140587e39e92d2b00
404688527e8873a4aeceb70e2c8785f065bbe48f53c7ba5865fe3e8862cecf68
459909e7dd96c9145d76ce128fa7d149d8faeb83e8f8fabf9d6fa22254bdad12
461b29cf9f43cff35b3dd46e1fe6efa4a53ccbc015b0c657d917fa0408c42e12
47ef86d553fe599a1e3352a418790275623e94533bb8fe1d3cd5f353f57a5667
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5930a6e44643b0c8d09987db761c22b2040b14f4a29a535e120dd2ca408d9ff4
6e6d1d177f9fd07b5799c366576c309c612854dde7c139834681fea50fb83382
707a1cc9da6f74b231ce09353f161e2dd6e4a3591bd6b5efd3a1f550da739454
7a15a5a8cb92af4820d68c7268a8739dbf785f5da31159c25fcc7f515c220f0c
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e2dff1745825c481ce0b9d3825110689bdb2980ac8c5f7d3f8fa51e6d494b6b
83645a4413fe48edfa06cd91971dd8cd283fb21a239c29e94f543eb45f63adbf
90089808b844946938133c2faa1ac8b8f9bfa7dd31af28d562531060060747e9
9453f432094770a1a1b2a8db0989cd05563c1ee33e8c841ac9d68ca9accd2d97
95bb3ad6d64c3f364b51fdcae96a8719f758efc5581a0dba16eba909e4c87e77
9bb5c8f3d460e6ac33557400adef674006706bba061a270583019306fbc500ec
a10f02153a53b531603f1495f8ebc8c9978aec2335155cea68288b3c203483fa
aa3ad334487ce0fbd50e2a8525d96181ae997e6c4f2caf1872b164cb0fadfc15
ab65b22cce40c3511931b3fe4a63118cb1a3db29a5c725a55b991be365b66242
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aee2257b22751a8ecc887db7435befa684a6e47c09b994dee7eb641e026fc236
afdc295e410ea7df6263d47ad565c2818d5ffa13550381b8f12b8fdfc0ae0d09
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2a290e3f3cf4aa4866a0674f0b24438c76155eafbaaf146262c0582ab14df4d
ba171406fc3e492493a3f68803d40a11a38071ea2977fbac61a8d0ad18cb645b
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c7a7a5abb822e5434754ab61f9b1d41ac0acfe0eaf6f17e81d3e0eaeb7628a27
cff984c6d6c5c5503b8ffd3542368f430cab01663d694bd639c7656187586f4e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28aad5e4303e98d21626c1044e8afcba3e8dce789e9c6245084bfc83082503e
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
fd290dcb2c6a7239c92f836a33d5b46469f1319b1f029ff154ef67d004cb30f8