bill.discovernorthdallas.com Open in urlscan Pro
52.40.147.254 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bill.discovernorthdallas.com/
Submission: On September 08 via automatic, source certstream-suspicious (September 8th 2021, 3:22:46 pm UTC) — Scanned from DE

Summary HTTP 65 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 28 domains to perform 65 HTTP transactions. The main IP is 52.40.147.254, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is bill.discovernorthdallas.com.
TLS certificate: Issued by R3 on July 27th 2021. Valid for: 3 months.

This is the only time bill.discovernorthdallas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	52.40.147.254 52.40.147.254	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4007:805::2008	15169 (GOOGLE) (GOOGLE)
5	2600:9000:218... 2600:9000:218d:1e00:c:7a7f:d040:21	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4007:80f::200a	15169 (GOOGLE) (GOOGLE)
1	168.62.203.102 168.62.203.102	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	34.251.67.88 34.251.67.88	16509 (AMAZON-02) (AMAZON-02)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f01... 2a03:2880:f01f:6:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4007:80c::200e	15169 (GOOGLE) (GOOGLE)
6	52.216.244.140 52.216.244.140	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4007:80c::200a	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f14... 2a03:2880:f142:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4007:817::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4007:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4007:81a::2003	15169 (GOOGLE) (GOOGLE)
1	23.4.212.77 23.4.212.77	16625 (AKAMAI-AS) (AKAMAI-AS)
2 6	35.186.212.60 35.186.212.60	15169 (GOOGLE) (GOOGLE)
1	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
1 5	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	54.156.223.185 54.156.223.185	14618 (AMAZON-AES) (AMAZON-AES)
2 3	172.217.18.194 172.217.18.194	15169 (GOOGLE) (GOOGLE)
2 2	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1	35.241.54.161 35.241.54.161	15169 (GOOGLE) (GOOGLE)
1 1	46.228.164.27 46.228.164.27	56396 (TURN) (TURN)
1 2	34.240.91.113 34.240.91.113	16509 (AMAZON-02) (AMAZON-02)
1	54.72.203.75 54.72.203.75	16509 (AMAZON-02) (AMAZON-02)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	23.57.80.225 23.57.80.225	16625 (AKAMAI-AS) (AKAMAI-AS)
4	34.102.191.167 34.102.191.167	15169 (GOOGLE) (GOOGLE)
65	28

7 52.40.147.254 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-147-254.us-west-2.compute.amazonaws.com

bill.discovernorthdallas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4007:805::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:218d:1e00:c:7a7f:d040:21 (United States)

ASN16509 (AMAZON-02, US)

d2hnwe88wt837l.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4007:80f::200a (Ireland)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.62.203.102 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

code.listtrac.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.67.88 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-67-88.eu-west-1.compute.amazonaws.com

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01f:6:face:b00c:0:3 (Pantin, France)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.216.244.140 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

yl-clients-prod.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f142:182:face:b00c:0:25de (Marseille, France)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:817::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:810::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:81a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.4.212.77 (London, United Kingdom)

ASN16625 (AKAMAI-AS, US)
PTR: a23-4-212-77.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.186.212.60 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

js.adara.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.174.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

di.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.156.223.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-223-185.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ham02s14-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.54.161 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 161.54.241.35.bc.googleusercontent.com

tag.adaraanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.27 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

sd.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.240.91.113 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-91-113.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.203.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-203-75.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

cm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.57.80.225 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-80-225.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.102.191.167 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 167.191.102.34.bc.googleusercontent.com

sdk.adara.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	discovernorthdallas.com bill.discovernorthdallas.com	131 KB
6	yieldoptimizer.com 2 redirects tag.yieldoptimizer.com	7 KB
6	amazonaws.com yl-clients-prod.s3.amazonaws.com	67 KB
5	rlcdn.com 1 redirects di.rlcdn.com idsync.rlcdn.com	816 B
5	adara.com js.adara.com sdk.adara.com	2 KB
5	googleapis.com maps.googleapis.com fonts.googleapis.com	168 KB
5	cloudfront.net d2hnwe88wt837l.cloudfront.net	518 KB
4	doubleclick.net 2 redirects stats.g.doubleclick.net cm.g.doubleclick.net	2 KB
4	bing.com bat.bing.com	10 KB
3	facebook.com www.facebook.com	612 B
3	facebook.net connect.facebook.net	191 KB
3	googletagmanager.com www.googletagmanager.com	73 KB
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org	909 B
2	google-analytics.com www.google-analytics.com	20 KB
2	bidr.io 1 redirects segment.prod.bidr.io	1 KB
1	bluekai.com stags.bluekai.com	329 B
1	ctnsnet.com 1 redirects cm.ctnsnet.com	385 B
1	yahoo.com cms.analytics.yahoo.com
1	krxd.net beacon.krxd.net	338 B
1	turn.com 1 redirects sd.turn.com	415 B
1	adaraanalytics.com tag.adaraanalytics.com	355 B
1	trueleadid.com deviceid.trueleadid.com	59 B
1	bkrtx.com tags.bkrtx.com	16 KB
1	google.de www.google.de	522 B
1	google.com www.google.com	522 B
1	gstatic.com fonts.gstatic.com	15 KB
1	listtrac.com code.listtrac.com	3 KB
65	28

	Domain	Requested by
7	bill.discovernorthdallas.com	bill.discovernorthdallas.com d2hnwe88wt837l.cloudfront.net
6	tag.yieldoptimizer.com	2 redirects
6	yl-clients-prod.s3.amazonaws.com	bill.discovernorthdallas.com
5	d2hnwe88wt837l.cloudfront.net	bill.discovernorthdallas.com d2hnwe88wt837l.cloudfront.net
4	sdk.adara.com	d2hnwe88wt837l.cloudfront.net
4	idsync.rlcdn.com	1 redirects
4	bat.bing.com	bill.discovernorthdallas.com bat.bing.com
4	maps.googleapis.com	bill.discovernorthdallas.com maps.googleapis.com
3	cm.g.doubleclick.net	2 redirects
3	www.facebook.com	bill.discovernorthdallas.com
3	connect.facebook.net	d2hnwe88wt837l.cloudfront.net connect.facebook.net
3	www.googletagmanager.com	bill.discovernorthdallas.com code.listtrac.com
2	dpm.demdex.net	1 redirects
2	match.adsrvr.org	2 redirects
2	www.google-analytics.com	d2hnwe88wt837l.cloudfront.net
2	segment.prod.bidr.io	1 redirects bill.discovernorthdallas.com
1	stags.bluekai.com	tags.bkrtx.com
1	cm.ctnsnet.com	1 redirects
1	cms.analytics.yahoo.com
1	beacon.krxd.net
1	sd.turn.com	1 redirects
1	tag.adaraanalytics.com
1	deviceid.trueleadid.com
1	di.rlcdn.com
1	js.adara.com	www.googletagmanager.com
1	tags.bkrtx.com	www.googletagmanager.com
1	www.google.de	bill.discovernorthdallas.com
1	www.google.com	bill.discovernorthdallas.com
1	stats.g.doubleclick.net	d2hnwe88wt837l.cloudfront.net
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	d2hnwe88wt837l.cloudfront.net
1	code.listtrac.com	bill.discovernorthdallas.com
65	32

This site contains no links.

Subject Issuer	Validity	Valid
bill.discovernorthdallas.com R3	`2021-07-27` - `2021-10-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.listtrac.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-23` - `2022-03-07`	2 years	crt.sh
*.segment.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2021-04-02` - `2022-04-07`	a year	crt.sh
*.yieldoptimizer.com Go Daddy Secure Certificate Authority - G2	`2020-12-14` - `2022-01-15`	a year	crt.sh
staging.jobox.co.za GTS CA 1D4	`2021-08-10` - `2021-11-08`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
deviceid.trueleadid.com Amazon	`2021-02-06` - `2022-03-07`	a year	crt.sh
*.adaraanalytics.com Go Daddy Secure Certificate Authority - G2	`2021-06-25` - `2022-07-27`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.adara.com Go Daddy Secure Certificate Authority - G2	`2021-05-31` - `2022-07-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://bill.discovernorthdallas.com/
Frame ID: CA30878C616308CB8D4145CE8B4339B6
Requests: 61 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-53JR6C
Frame ID: 6916E878D83D8AA89270778F13902F8A
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/23198?ret=html&phint=RE%3D1&phint=RE_01%3D1&phint=RE_02%3D1&phint=RE_03%3D1&phint=RE_04%3D1&phint=RE_06%3D1&phint=RE_09%3D1&phint=CT%3D1&phint=CT_01%3D1&phint=CT_02%3D1&phint=CT_03%3D1&phint=CT_04%3D1&phint=F_01%3D1&phint=F_03%3D1&phint=F_04%3D1&phint=F_06%3D1&phint=F_07%3D1&phint=HG%3D1&phint=HG_01%3D1&phint=HG_02%3D1&phint=HG_03%3D1&phint=HG_04%3D1&phint=HG_05%3D1&phint=HG_06%3D1&phint=HG_07%3D1&phint=HG_08%3D1&phint=HG_09%3D1&phint=HG_10%3D1&phint=HG_11%3D1&phint=HG_12%3D1&phint=HG_13%3D1&phint=HG_14%3D1&phint=HI%3D1&phint=HI_01%3D1&phint=HI_02%3D1&phint=HI_03%3D1&phint=HI_04%3D1&phint=HI_05%3D1&phint=HI_06%3D1&phint=HI_07%3D1&phint=HI_08%3D1&phint=HI_09%3D1&phint=HI_10%3D1&phint=HI_11%3D1&phint=HI_12%3D1&phint=HI_13%3D1&phint=HI_14%3D1&phint=HI_15%3D1&phint=HI_16%3D1&phint=HI_17%3D1&phint=HI_18%3D1&phint=HI_19%3D1&phint=TH%3D1&phint=TH_01%3D1&phint=id%3D6c2d1272-0255-416c-99df-111e7ebf8689&phint=__bk_t%3DHome%20Search&phint=__bk_k%3DHome%20Search&phint=__bk_l%3Dhttps%3A%2F%2Fbill.discovernorthdallas.com%2F&phint=__bk_v%3D3.1.10&limit=10&r=49979775
Frame ID: FA3AE1BEBFB7F5BE4447AE9B6E50A70D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home Search

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

65
Requests

100 %
HTTPS

39 %
IPv6

28
Domains

32
Subdomains

28
IPs

5
Countries

1223 kB
Transfer

3752 kB
Size

32
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://segment.prod.bidr.io/associate-segment?buzz_key=fanserv&segment_alt_id=ylopo-20125&account_id=4&value= HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=fanserv&segment_alt_id=ylopo-20125&account_id=4&value=&_bee_ppp=1

Request Chain 41

https://tag.yieldoptimizer.com/ps/ps?t=s&p=2407&pg=pv&u=6c2d1272-0255-416c-99df-111e7ebf8689&si=bill.discovernorthdallas.com&uut=b&st=x& HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=149043479&t=s&p=2407&pg=pv&u=6c2d1272-0255-416c-99df-111e7ebf8689&si=bill.discovernorthdallas.com&uut=b&st=x&

Request Chain 46

https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNTEwNjY3ODQ2MQ&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNTEwNjY3ODQ2MQ&google_sc=&google_tc=

Request Chain 47

https://match.adsrvr.org/track/cmf/generic?ttd_pid=o456qfe&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=o456qfe&ttd_tpi=1 HTTP 302
https://tag.yieldoptimizer.com/ps/ps?t=i&p=5530&ttd_id=61bdae4f-0f0f-48b6-9505-7c5b7fd5d1de

Request Chain 50

https://sd.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID} HTTP 302
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=6973662242689252603

Request Chain 51

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3015106678461 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3015106678461

Request Chain 54

https://cm.ctnsnet.com/int/cm?crdp=true&prv=ar&uid=3015106678461 HTTP 302
https://tag.yieldoptimizer.com/ps/ps?t=s&p=6438&uid=b54d33240ffc4e67984fe7621916dd11

Request Chain 58

https://tag.yieldoptimizer.com/ps/ps?t=i&p=2407&_yoid=5d76af0f-aa55-48bc-b464-c7c9acb95f0e&_yosid=b1ae5c06-99d9-4ad3-8337-9cc7c9e52b0b HTTP 302
https://idsync.rlcdn.com/367258.gif?partner_uid=3015106678461 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOmqZeR8jtX9QGxTZpP0Jzo&google_cver=1

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
bill.discovernorthdallas.com/ 127 KB
20 KB 652ms
247ms Document
text/html 52.40.147.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bill.discovernorthdallas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.40.147.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-40-147-254.us-west-2.compute.amazonaws.com
Software: / Express
Resource Hash: b5bd2c75867d3ceba4a266f90986a7dbee8018adb24dd98b682851cc6fdeb168

Request headers

Host: bill.discovernorthdallas.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 08 Sep 2021 15:22:38 GMT
content-type: text/html; charset=utf-8
transfer-encoding: chunked
connection: close
x-powered-by: Express
etag: W/"1fcd3-KSNr+2rJwwYVsOYNjROlkYuwoS4"
set-cookie: connect.sid=s%3Ar3vdqtDf0hT_3unD3_fWvYPwkGq42N-t.MkHYoyN%2FIErwV8g6YdmtY3hyjckEWno69IkE%2BoFaqBE; Domain=.discovernorthdallas.com; Path=/; Expires=Mon, 07 Mar 2022 15:22:38 GMT; HttpOnly
vary: Accept-Encoding
content-encoding: gzip

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 94 KB
37 KB 114ms
38ms Script
application/javascript 2a00:1450:4007:805::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T3VB2GG

Requested by

Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:805::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ffb6a05c6f651d129ec4d0008575f715f82ca688dbe11b100d62eb4b98143f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:22:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37464
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Sep 2021 15:22:39 GMT

GET
H2 200 vendors~malabar~ssr.chunk.0654e659ac1a4ae6fcb4.js Show response
d2hnwe88wt837l.cloudfront.net/build/js/ 401 KB
130 KB 169ms
82ms Script
application/javascript 2600:9000:218d:1e00:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/vendors~malabar~ssr.chunk.0654e659ac1a4ae6fcb4.js
Requested by: Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:1e00:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ba5e9c8bf5272351d09260b2152a134de01bafa0e38fc3f62c03952d3fcdd5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 21:36:09 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 21:32:27 GMT
server: AmazonS3
age: 2569591
etag: W/"af2552edd5ed57a5192760917ec599bf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6b4e2529be13169ec5ee4214df435dab.cloudfront.net (CloudFront)
cache-control: max-age=5184000
x-amz-cf-pop: CDG50-P2
x-amz-cf-id: KjVIWb8XTq7XJ2r0meL2-CV1CNc-gI5gwwZfyVqJorp6geoTCLGShg==

GET
H2 200 vendors~malabar.chunk.3483faf9aa4a23948191.js Show response
d2hnwe88wt837l.cloudfront.net/build/js/ 507 KB
133 KB 204ms
117ms Script
application/javascript 2600:9000:218d:1e00:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/vendors~malabar.chunk.3483faf9aa4a23948191.js
Requested by: Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:1e00:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63f0faf0af00a0a6ce9a7894ab04a6ee5d7442299384dc6d2590cea2de33b4ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 21:36:09 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 21:32:27 GMT
server: AmazonS3
age: 2569591
etag: W/"a3e9f1e335c075f9e9714502549a2ec2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6b4e2529be13169ec5ee4214df435dab.cloudfront.net (CloudFront)
cache-control: max-age=5184000
x-amz-cf-pop: CDG50-P2
x-amz-cf-id: vFQDt_rEBWD623lHZljPMrqqNnT52x0m9l4HWZb4INTddIUJVPbVIg==

GET
H2 200 malabar.chunk.b14c74ab3cc18681439c.js Show response
d2hnwe88wt837l.cloudfront.net/build/js/ 637 KB
140 KB 127ms
41ms Script
application/javascript 2600:9000:218d:1e00:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/malabar.chunk.b14c74ab3cc18681439c.js
Requested by: Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:1e00:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9fc98ce97ccef35b2b921d3e6bd13b003848b6a9a5bc714e484215f62116b545

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:32:07 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 16:28:53 GMT
server: AmazonS3
age: 1723833
etag: W/"605d3259cde7377608101af958324add"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6b4e2529be13169ec5ee4214df435dab.cloudfront.net (CloudFront)
cache-control: max-age=5184000
x-amz-cf-pop: CDG50-P2
x-amz-cf-id: 1-I57ZNd8liaumZ_ihGrAzm7BVa8gcrwoHGmpSHXR7Nn-qjRg0goPA==

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 144 KB
47 KB 127ms
53ms Script
text/javascript 2a00:1450:4007:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBkpaeY0FTb-b9f-yNNu6bgx6OwGZ60Xz4&libraries=places

Requested by

Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

494ebc18d758da1423cfcb1a4af4321da99fb2417fe01ecf7fa7a80d25d40560

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:22:39 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=23
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47885
x-xss-protection: 0
expires: Wed, 08 Sep 2021 15:52:39 GMT

GET
H2 200 monitor.ashx Show response
code.listtrac.com/ 4 KB
3 KB 583ms
167ms Script
application/x-javascript 168.62.203.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.listtrac.com/monitor.ashx?acct=x_100684&nonjq=1
Requested by: Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.62.203.102 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 10f038abb165ee3e1f1fe2f8fbb5d2348bbe042343b8a6efc8d79d3392d0ed02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:22:39 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET,POST,DELETE,HEAD,PUT,OPTIONS
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
access-control-expose-headers: X-Olaround-Debug-Mode, X-Olaround-Request-Start-Timestamp, X-Olaround-Request-End-Timestamp, X-Olaround-Request-Time, X-Olaround-Request-Method, X-Olaround-Request-Result, X-Olaround-Request-Endpoint
cache-control: public
content-type: application/x-javascript; charset=utf-8
access-control-allow-headers: Origin, X-Olaround-Debug-Mode, Authorization, Accept
content-length: 2039
expires: Tue, 07 Sep 2021 15:22:39 GMT

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=fanserv&segment_alt_id=ylopo-20125&account_id=4&value=
https://segment.prod.bidr.io/associate-segment?buzz_key=fanserv&segment_alt_id=ylopo-20125&account_id=4&value=&_bee_ppp=1

43 B
793 B

31ms
30ms

Image
image/gif

34.251.67.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=fanserv&segment_alt_id=ylopo-20125&account_id=4&value=&_bee_ppp=1

Requested by

Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.251.67.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-67-88.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 08 Sep 2021 15:22:39 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=fanserv&segment_alt_id=ylopo-20125&account_id=4&value=&_bee_ppp=1
Date: Wed, 08 Sep 2021 15:22:39 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1 200
OK e6322fe540cbeb10501b4a0e6e502f5b.css
bill.discovernorthdallas.com/client-styles/ 16 KB
3 KB 571ms
205ms Stylesheet
text/css 52.40.147.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bill.discovernorthdallas.com/client-styles/e6322fe540cbeb10501b4a0e6e502f5b.css
Requested by: Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.40.147.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-40-147-254.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 026da87c5e2d7cb04b95de1b382a7bb1463b3f15c62be1cf09a8e800f6d20d22

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bill.discovernorthdallas.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://bill.discovernorthdallas.com/
Cookie: connect.sid=s%3Ar3vdqtDf0hT_3unD3_fWvYPwkGq42N-t.MkHYoyN%2FIErwV8g6YdmtY3hyjckEWno69IkE%2BoFaqBE
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:22:39 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 15:22:39 GMT
etag: W/"3fc7-17bc601003c"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
transfer-encoding: chunked
connection: close
accept-ranges: bytes

GET
H2 200 malabar.chunk.ba28bb5819861b3a7b44.css
d2hnwe88wt837l.cloudfront.net/build/js/ 295 KB
39 KB 106ms
28ms Stylesheet
text/css 2600:9000:218d:1e00:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/malabar.chunk.ba28bb5819861b3a7b44.css
Requested by: Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:1e00:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b8f4e9d69bda4cb55bf8a4fde57ea4209a820a3a33fde91e4b49f6096487db6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 21:36:09 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 21:32:26 GMT
server: AmazonS3
age: 2569591
etag: W/"164575a41a42e135301fcfeaa42042ca"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 6b4e2529be13169ec5ee4214df435dab.cloudfront.net (CloudFront)
cache-control: max-age=5184000
x-amz-cf-pop: CDG50-P2
x-amz-cf-id: S-_5kKgKtTLDhifEwnTJB9NpZYJVV1VH0rcFKV7OIFpu1FDzNZZ-9A==

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 92ms
38ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:22:39 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: C59DB4B5AF524543B6269F4E75363E4A Ref B: FRAEDGE1507 Ref C: 2021-09-08T15:22:39Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H2 204 5561391.js Show response
bat.bing.com/p/action/ 0
109 B 33ms
33ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5561391.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 08 Sep 2021 15:22:39 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: AC63DE28D1694A0083DB152CE41449C6 Ref B: FRAEDGE1507 Ref C: 2021-09-08T15:22:39Z
x-cache: CONFIG_NOCACHE

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 73ms
17ms Script
application/x-javascript 2a03:2880:f01f:6:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d2hnwe88wt837l.cloudfront.net
URL: https://d2hnwe88wt837l.cloudfront.net/build/js/malabar.chunk.b14c74ab3cc18681439c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01f:6:face:b00c:0:3 Pantin, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: 6Bh93VJf+SGHsKslrX9Y0zCBkJZU4AQ8xRVwfDD8UkjzB3WOWSUVAOery7NKPgpHRXqy4jvX/Lsx7FRBnn2wzA==
x-fb-trip-id: 1460883810
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 08 Sep 2021 15:22:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 89ms
21ms Script
text/javascript 2a00:1450:4007:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: d2hnwe88wt837l.cloudfront.net
URL: https://d2hnwe88wt837l.cloudfront.net/build/js/malabar.chunk.b14c74ab3cc18681439c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2599
date: Wed, 08 Sep 2021 14:39:20 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 08 Sep 2021 16:39:20 GMT

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/en_US/sdk/ 258 KB
77 KB 77ms
24ms Script
application/x-javascript 2a03:2880:f01f:6:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Requested by

Host: d2hnwe88wt837l.cloudfront.net
URL: https://d2hnwe88wt837l.cloudfront.net/build/js/malabar.chunk.b14c74ab3cc18681439c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01f:6:face:b00c:0:3 Pantin, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

301037cbe47dde1fffd4517d67286d127c62ce32e75fd833ee6a32816633e75d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3ZdDS1c7AAHDaW9qNGw+iQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 78001
x-fb-rlafr: 0
x-fb-debug: e6bBo3vl28NwaErh0Aj+aNlsta65kKFqAuF19vH4nuttSSLFWkl0S/NtLI3MMQL9t48pRrc8Kt6jXlbLqaprjg==
x-fb-trip-id: 1460883810
x-fb-content-md5: e59286f55f2828e0f6b9cda12248537c
x-frame-options: DENY
date: Wed, 08 Sep 2021 15:22:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "ccc59b6cac7b450daa5b714c5832e1f5"
timing-allow-origin: *
expires: Wed, 08 Sep 2021 15:35:45 GMT

GET
H/1.1 200
OK person Show response
bill.discovernorthdallas.com/api/1.0/ 75 B
374 B 564ms
226ms XHR
application/json 52.40.147.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bill.discovernorthdallas.com/api/1.0/person
Requested by: Host: d2hnwe88wt837l.cloudfront.net
URL: https://d2hnwe88wt837l.cloudfront.net/build/js/vendors~malabar~ssr.chunk.0654e659ac1a4ae6fcb4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.40.147.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-40-147-254.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 4141343b0dd88c7ad0857c94a26b9592657f2c43a65f079b87debe519607abc1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bill.discovernorthdallas.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://bill.discovernorthdallas.com/
Cookie: connect.sid=s%3Ar3vdqtDf0hT_3unD3_fWvYPwkGq42N-t.MkHYoyN%2FIErwV8g6YdmtY3hyjckEWno69IkE%2BoFaqBE
Connection: keep-alive
Accept: application/json, text/plain, */*
Referer: https://bill.discovernorthdallas.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 15:22:40 GMT
etag: W/"4b-sl5GXQ+t/fwLgR8NXTj8PgYYlc8"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate
connection: close
content-length: 75
expires: -1

GET
H/1.1 200
OK 13a08fbe-9a47-4b8b-b4c3-c410abde512eKellyVaughan_67087284_vaughanteamlogopng.png
yl-clients-prod.s3.amazonaws.com/ 18 KB
19 KB 492ms
135ms Image
application/octet-stream 52.216.244.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yl-clients-prod.s3.amazonaws.com/13a08fbe-9a47-4b8b-b4c3-c410abde512eKellyVaughan_67087284_vaughanteamlogopng.png
Requested by: Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.244.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 70a084725ed8514195ac938e4efb79b424d303a770fef0d24ee25d681c10ba0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 15:22:41 GMT
Last-Modified: Tue, 29 Dec 2020 01:57:27 GMT
Server: AmazonS3
x-amz-request-id: FA83ZNWWCPCW5X6A
ETag: "a19bfdf8d469c2e7928d3ff9e082e3b1"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 18725
x-amz-id-2: bbwIIgd9h+CAjsMVlrr+j8VGVki/TjMt0jh3PVxj9SVJwxStN91f8WdaWE5FnairrvvMqQqRfsY=

GET
H/1.1 200
OK arrow.png
bill.discovernorthdallas.com/assets/images/ 2 KB
2 KB 539ms
190ms Image
image/png 52.40.147.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bill.discovernorthdallas.com/assets/images/arrow.png
Requested by: Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.40.147.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-40-147-254.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 4b10fe9905a80c45f0067e57522e7c04bb03ea8cf18b642fd701faa27b1ab575

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bill.discovernorthdallas.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://bill.discovernorthdallas.com/
Cookie: connect.sid=s%3Ar3vdqtDf0hT_3unD3_fWvYPwkGq42N-t.MkHYoyN%2FIErwV8g6YdmtY3hyjckEWno69IkE%2BoFaqBE
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:22:40 GMT
last-modified: Wed, 25 Aug 2021 21:13:57 GMT
etag: W/"64d-17b7f299608"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=5256000
connection: close
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 1613

GET
H/1.1 200
OK f8753ab2-acd2-4e4d-aa53-5d5ba7a2047dimageedit_6_8515291605%20-%20Copy.png
yl-clients-prod.s3.amazonaws.com/ 11 KB
11 KB 503ms
146ms Image
application/octet-stream 52.216.244.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yl-clients-prod.s3.amazonaws.com/f8753ab2-acd2-4e4d-aa53-5d5ba7a2047dimageedit_6_8515291605%20-%20Copy.png
Requested by: Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.244.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0f62401a66656d65c3090998a16ff609e0534217734f10944613afb432f41ce9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 15:22:41 GMT
Last-Modified: Tue, 29 Dec 2020 01:57:27 GMT
Server: AmazonS3
x-amz-request-id: FA8A4EB82AY6C6SP
ETag: "09f0cfab5f42e35e7629d80992758b1d"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 10978
x-amz-id-2: 00GPPoTQ7Log8aDFhC0HULoBysSQoFcTXCpdlflwqw9MZWngjoNGHRGCLm0F9TATAIoiYkPrrZs=

GET
H/1.1 200
OK 57e4bb86-3793-4d14-a963-bf5ed8338d51imageedit_8_3511105937%20-%20Copy.png
yl-clients-prod.s3.amazonaws.com/ 21 KB
21 KB 505ms
148ms Image
application/octet-stream 52.216.244.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yl-clients-prod.s3.amazonaws.com/57e4bb86-3793-4d14-a963-bf5ed8338d51imageedit_8_3511105937%20-%20Copy.png
Requested by: Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.244.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cba1bce0b379e362b1787c6208f22a09ae04b34cc55cb316042da2cc3f78cad9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 15:22:41 GMT
Last-Modified: Tue, 29 Dec 2020 01:57:27 GMT
Server: AmazonS3
x-amz-request-id: FA81ZTX19CPYS1HP
ETag: "a0f0df78d75467bbb0233f1e64479f7f"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 21329
x-amz-id-2: 8/3Qctb5TYmlCz4KNcmzaL/SCZJn7BuuPpJfzZsZ6O/aF4xetitt1gDKnm4YawHoFNtgTE2weJk=

GET
H/1.1 200
OK f0b9176b-26b5-49ee-93a3-815404134765imageedit_10_6690511758.png
yl-clients-prod.s3.amazonaws.com/ 7 KB
8 KB 538ms
181ms Image
application/octet-stream 52.216.244.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yl-clients-prod.s3.amazonaws.com/f0b9176b-26b5-49ee-93a3-815404134765imageedit_10_6690511758.png
Requested by: Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.244.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e268734b010c6e3b9c231edcc912be2a58ebbab72deb120c325bb6620e747cd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 15:22:41 GMT
Last-Modified: Tue, 29 Dec 2020 01:57:27 GMT
Server: AmazonS3
x-amz-request-id: FA89EM63QJB5C51N
ETag: "75854e47a9afe12d464c8e538ffcfb37"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 7594
x-amz-id-2: JEpgJqOPSNbJX/jZMHSNkgqda/fiRV9BKaLZSqFBNlVta3kZ6+x+U9sSpZhaD/M8Whb5qLDp3gc=

GET
H/1.1 200
OK 84c23c40-4980-4a02-8ac6-dca99a3b9459KellyVaughan_67087285_KellerWilliams_Realty_McKinney_Logo_RGB.png
yl-clients-prod.s3.amazonaws.com/ 5 KB
5 KB 515ms
146ms Image
application/octet-stream 52.216.244.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yl-clients-prod.s3.amazonaws.com/84c23c40-4980-4a02-8ac6-dca99a3b9459KellyVaughan_67087285_KellerWilliams_Realty_McKinney_Logo_RGB.png
Requested by: Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.244.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e067fbc4c7f94ba045184a918fd009dfd65e28e620189acd2560f63dcd071738

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 15:22:41 GMT
Last-Modified: Tue, 29 Dec 2020 01:57:27 GMT
Server: AmazonS3
x-amz-request-id: FA8FWCVAAFYFVT08
ETag: "83500d4aee4bfb187cdc135ad73a2d98"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 5073
x-amz-id-2: JGfYTAuYc/WLnXx1TFKccRi0b+nSWJ3z5O+dOoxe301VdjkW0NYlG9c9XBCa0BUT29raG6/XLnU=

GET
H/1.1 200
OK ef0679cb-c966-455a-8b1c-1508ed4ae9d6equal-housing-opportunity-white%20%281%29.png
yl-clients-prod.s3.amazonaws.com/ 2 KB
3 KB 507ms
137ms Image
application/octet-stream 52.216.244.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yl-clients-prod.s3.amazonaws.com/ef0679cb-c966-455a-8b1c-1508ed4ae9d6equal-housing-opportunity-white%20%281%29.png
Requested by: Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.244.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: abb41bd6569f8db762dc436a6f0340b81e41ec980804c7d94904d89c3bdc57b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 15:22:41 GMT
Last-Modified: Tue, 29 Dec 2020 01:57:27 GMT
Server: AmazonS3
x-amz-request-id: FA845FKYRC9JEE24
ETag: "35f78fd6290b782e1d85a95fe237a7e6"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 2244
x-amz-id-2: 0fVEMVLvKeuIvgNRcCVzzv5NiwGi1pcvo/D5mFaJc/MTF3HtEZ5GkX2+XyJ1WXzCgwvMucvlTIo=

GET
H/1.1 200
OK kitchen.jpg
bill.discovernorthdallas.com/api/1.0/image/hero/ 104 KB
104 KB 534ms
183ms Image
image/jpeg 52.40.147.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bill.discovernorthdallas.com/api/1.0/image/hero/kitchen.jpg
Requested by: Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.40.147.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-40-147-254.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ffb0d4d81c4d8607ae31e22465425b08c2d198970971151502322e144adbbd20

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bill.discovernorthdallas.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://bill.discovernorthdallas.com/
Cookie: connect.sid=s%3Ar3vdqtDf0hT_3unD3_fWvYPwkGq42N-t.MkHYoyN%2FIErwV8g6YdmtY3hyjckEWno69IkE%2BoFaqBE
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:22:40 GMT
last-modified: Wed, 25 Aug 2021 21:13:57 GMT
etag: W/"1a097-17b7f299608"
content-type: image/jpeg
x-sent: true
x-timestamp: 1631114560360
cache-control: public, max-age=3600
connection: close
accept-ranges: bytes
content-length: 106647

GET
H2 200 20fd1704ea223900efa9fd4e869efb08.woff2
d2hnwe88wt837l.cloudfront.net/build/js/ 75 KB
76 KB 743ms
686ms Font
font/woff2 2600:9000:218d:1e00:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/20fd1704ea223900efa9fd4e869efb08.woff2
Requested by: Host: d2hnwe88wt837l.cloudfront.net
URL: https://d2hnwe88wt837l.cloudfront.net/build/js/malabar.chunk.ba28bb5819861b3a7b44.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:1e00:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://d2hnwe88wt837l.cloudfront.net/build/js/malabar.chunk.ba28bb5819861b3a7b44.css
Origin: https://bill.discovernorthdallas.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:22:41 GMT
via: 1.1 31a1ed822e5cb0d9c8c86a015f42b7bf.cloudfront.net (CloudFront)
last-modified: Wed, 25 Aug 2021 22:09:39 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P2
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=5184000
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 77160
x-amz-cf-id: -OC9scNshXK_he9zfxV9txUUCqZSxMaoKmxxq8chnchC8X2-FpQgFw==

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 112ms
32ms Stylesheet
text/css 2a00:1450:4007:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: d2hnwe88wt837l.cloudfront.net
URL: https://d2hnwe88wt837l.cloudfront.net/build/js/malabar.chunk.b14c74ab3cc18681439c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a57826dd4437403ec9dffe3d8a907466926d7123e4a765ec724d79ae24e1d54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 13:52:02 GMT
server: ESF
date: Wed, 08 Sep 2021 15:22:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Sep 2021 15:22:39 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5561391&Ver=2&mid=f29aba59-f843-4e6a-a012-2c1e5994087b&sid=9ad2b76010b811ec8a4c15fc9f0d1ca0&vid=9ad5571010b811ec916e633f77219ba5&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Home%20Search&kw=Home%20Search&p=https%3A%2F%2Fbill.discovernorthdallas.com%2F&r=&lt=1628&evt=pageLoad&msclkid=N&sv=1&rn=404771
Requested by: Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 08 Sep 2021 15:22:39 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 8E92A9482E1A45C6802094F00EC66517 Ref B: FRAEDGE1507 Ref C: 2021-09-08T15:22:39Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
93 B 32ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5561391&Ver=2&mid=ce23790d-9755-4c95-8a12-0cfb9e4e5d44&sid=9ad2b76010b811ec8a4c15fc9f0d1ca0&vid=9ad5571010b811ec916e633f77219ba5&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Home%20Search&kw=Home%20Search&p=https%3A%2F%2Fbill.discovernorthdallas.com%2F&r=&lt=1628&evt=pageLoad&msclkid=N&sv=1&rn=229551
Requested by: Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 08 Sep 2021 15:22:39 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 0E0A8EC940B54C20929353A7AF249328 Ref B: FRAEDGE1507 Ref C: 2021-09-08T15:22:39Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 836151066530211 Show response
connect.facebook.net/signals/config/ 306 KB
88 KB 136ms
135ms Script
application/x-javascript 2a03:2880:f01f:6:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/836151066530211?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01f:6:face:b00c:0:3 Pantin, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1970aeeddccc9a138ac755edbcca04626a90ce3182cae185fc8079133c378a03

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: qMyaQe0SIcpKomxQ/VvYg2+8z8VQs9iHgeLzIS0seELhS2sA4cZNxwbS+cItf6PeZFg99JKmH8rw1h5+upKFAw==
x-fb-trip-id: 1460883810
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 08 Sep 2021 15:22:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
218 B 40ms
37ms XHR
text/plain 2a00:1450:4007:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=237017327&t=pageview&_s=1&dl=https%3A%2F%2Fbill.discovernorthdallas.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home%20Search&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=794885837&gjid=2129937854&cid=883913201.1631114560&tid=UA-58311306-5&_gid=1292212498.1631114560&_r=1&_slc=1&z=841120680

Requested by

Host: d2hnwe88wt837l.cloudfront.net
URL: https://d2hnwe88wt837l.cloudfront.net/build/js/vendors~malabar~ssr.chunk.0654e659ac1a4ae6fcb4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bill.discovernorthdallas.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 15:22:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bill.discovernorthdallas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 105ms
27ms Image
image/gif 2a03:2880:f142:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1274379729293810&ev=fb_page_view&dl=https%3A%2F%2Fbill.discovernorthdallas.com%2F&rl=&if=false&ts=1631114560038&sw=1600&sh=1200&at=

Requested by

Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f142:182:face:b00c:0:25de Marseille, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:22:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 08 Sep 2021 15:22:40 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
15 KB 100ms
25ms Font
font/woff2 2a00:1450:4007:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:817::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bill.discovernorthdallas.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 23:51:41 GMT
x-content-type-options: nosniff
age: 574259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 23:51:41 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
472 B 81ms
20ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-58311306-5&cid=883913201.1631114560&jid=794885837&gjid=2129937854&_gid=1292212498.1631114560&_u=IEBAAAAAAAAAAC~&z=473621403

Requested by

Host: d2hnwe88wt837l.cloudfront.net
URL: https://d2hnwe88wt837l.cloudfront.net/build/js/vendors~malabar~ssr.chunk.0654e659ac1a4ae6fcb4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bill.discovernorthdallas.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 08 Sep 2021 15:22:40 GMT
content-type: text/plain
access-control-allow-origin: https://bill.discovernorthdallas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 31ms
27ms Image
image/gif 2a03:2880:f142:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=836151066530211&ev=PageView&dl=https%3A%2F%2Fbill.discovernorthdallas.com%2F&rl=&if=false&ts=1631114560159&cd[partyId]=20125&cd[partyWebsiteId]=65992&cd[country]=US&cd[currency]=USD&cd[isRegistered]=false&cd[experience]=buyer&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631114560156.190594936&it=1631114559965&coo=false&exp=p1&rqm=GET

Requested by

Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f142:182:face:b00c:0:25de Marseille, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:22:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 08 Sep 2021 15:22:40 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 115ms
44ms Image
image/gif 2a00:1450:4007:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-58311306-5&cid=883913201.1631114560&jid=794885837&_u=IEBAAAAAAAAAAC~&z=1918892320

Requested by

Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:810::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 15:22:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 119ms
44ms Image
image/gif 2a00:1450:4007:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-58311306-5&cid=883913201.1631114560&jid=794885837&_u=IEBAAAAAAAAAAC~&z=1918892320

Requested by

Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:81a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 15:22:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK activity Show response
bill.discovernorthdallas.com/api/1.0/person/ 15 B
628 B 512ms
175ms XHR
application/json 52.40.147.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bill.discovernorthdallas.com/api/1.0/person/activity
Requested by: Host: d2hnwe88wt837l.cloudfront.net
URL: https://d2hnwe88wt837l.cloudfront.net/build/js/vendors~malabar~ssr.chunk.0654e659ac1a4ae6fcb4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.40.147.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-40-147-254.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Request headers

Sec-Fetch-Mode: cors
Origin: https://bill.discovernorthdallas.com
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Cookie: connect.sid=s%3Ar3vdqtDf0hT_3unD3_fWvYPwkGq42N-t.MkHYoyN%2FIErwV8g6YdmtY3hyjckEWno69IkE%2BoFaqBE; _uetsid=9ad2b76010b811ec8a4c15fc9f0d1ca0; _uetvid=9ad5571010b811ec916e633f77219ba5; _ga=GA1.3.883913201.1631114560; _gid=GA1.3.1292212498.1631114560; _gat=1; _fbp=fb.1.1631114560156.190594936
Connection: keep-alive
Content-Length: 399
Pragma: no-cache
Host: bill.discovernorthdallas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://bill.discovernorthdallas.com/
Sec-Fetch-Site: same-origin
Accept: application/json, text/plain, */*
Referer: https://bill.discovernorthdallas.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 15:22:40 GMT
etag: W/"f-v/Y1JusChTxrQUzPtNAKycooOTA"
vary: Origin, Accept-Encoding
connection: close
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bill.discovernorthdallas.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
set-cookie: connect.sid=s%3Ar3vdqtDf0hT_3unD3_fWvYPwkGq42N-t.MkHYoyN%2FIErwV8g6YdmtY3hyjckEWno69IkE%2BoFaqBE; Domain=.discovernorthdallas.com; Path=/; Expires=Mon, 07 Mar 2022 15:22:40 GMT; HttpOnly
content-length: 15
expires: -1

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 28ms
27ms Image
image/gif 2a03:2880:f142:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=836151066530211&ev=Microdata&dl=https%3A%2F%2Fbill.discovernorthdallas.com%2F&rl=&if=false&ts=1631114560662&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20Search%22%2C%22meta%3Akeywords%22%3A%22Home%20Search%22%2C%22meta%3Adescription%22%3A%22Home%20Search%20and%20latest%20real%20estate%20listings.%20%20Find%20your%20perfect%20home%20with%20us!%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Home%20Search%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fbill.discovernorthdallas.com%3A443%2F%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%22Home%20Search%20and%20latest%20real%20estate%20listings.%20%20Find%20your%20perfect%20home%20with%20us!%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1631114560156.190594936&it=1631114559965&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: bill.discovernorthdallas.com
URL: https://bill.discovernorthdallas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f142:182:face:b00c:0:25de Marseille, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:22:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 08 Sep 2021 15:22:40 GMT

POST
H/1.1 200
OK events Show response
bill.discovernorthdallas.com/api/1.0/person/ 18 B
432 B 531ms
193ms XHR
application/json 52.40.147.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bill.discovernorthdallas.com/api/1.0/person/events
Requested by: Host: d2hnwe88wt837l.cloudfront.net
URL: https://d2hnwe88wt837l.cloudfront.net/build/js/vendors~malabar~ssr.chunk.0654e659ac1a4ae6fcb4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.40.147.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-40-147-254.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6992dfd331d0b2bed736dc89634f2648c6b450809c54db5bdeb1a62a253307e0

Request headers

Sec-Fetch-Mode: cors
Origin: https://bill.discovernorthdallas.com
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Cookie: connect.sid=s%3Ar3vdqtDf0hT_3unD3_fWvYPwkGq42N-t.MkHYoyN%2FIErwV8g6YdmtY3hyjckEWno69IkE%2BoFaqBE; _uetsid=9ad2b76010b811ec8a4c15fc9f0d1ca0; _uetvid=9ad5571010b811ec916e633f77219ba5; _ga=GA1.3.883913201.1631114560; _gid=GA1.3.1292212498.1631114560; _gat=1; _fbp=fb.1.1631114560156.190594936
Connection: keep-alive
Content-Length: 73
Pragma: no-cache
Host: bill.discovernorthdallas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://bill.discovernorthdallas.com/
Sec-Fetch-Site: same-origin
Accept: application/json, text/plain, */*
Referer: https://bill.discovernorthdallas.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 15:22:41 GMT
etag: W/"12-99BLuv8A36LAHZBvC9KJDgf2JIM"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bill.discovernorthdallas.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
connection: close
content-length: 18
expires: -1

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame 6916 266 B
275 B 30ms
29ms Document
text/html 2a00:1450:4007:805::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-53JR6C

Requested by

Host: code.listtrac.com
URL: https://code.listtrac.com/monitor.ashx?acct=x_100684&nonjq=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:805::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1508490e2a7f3949d866ce8f032895224c55a02eb24f9ada50c7cb79a4c887c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.googletagmanager.com
:scheme: https
:path: /ns.html?id=GTM-53JR6C
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bill.discovernorthdallas.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/

Response headers

content-type: text/html; charset=UTF-8
content-encoding: br
vary: *
date: Wed, 08 Sep 2021 15:22:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 92 KB
36 KB 36ms
35ms Script
application/javascript 2a00:1450:4007:805::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53JR6C

Requested by

Host: code.listtrac.com
URL: https://code.listtrac.com/monitor.ashx?acct=x_100684&nonjq=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:805::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0690ef130b0369ee86ce640878df5b4a693fdb2558e6e9f7be1a5ac6e7b9354d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:22:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36551
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Sep 2021 15:22:42 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 104ms
31ms Script
application/javascript 23.4.212.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53JR6C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.4.212.77 London, United Kingdom, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-4-212-77.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 19:14:21 GMT
Server: nginx/1.15.8
ETag: W/"60a8068d-cbc2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Wed, 08 Sep 2021 15:22:42 GMT
Connection: keep-alive
Content-Length: 16078
Expires: Wed, 15 Sep 2021 15:22:42 GMT

GET
H2

200

ps Show response
tag.yieldoptimizer.com/ps/
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=s&p=2407&pg=pv&u=6c2d1272-0255-416c-99df-111e7ebf8689&si=bill.discovernorthdallas.com&uut=b&st=x&
https://tag.yieldoptimizer.com/ps/ps?tc=149043479&t=s&p=2407&pg=pv&u=6c2d1272-0255-416c-99df-111e7ebf8689&si=bill.discovernorthdallas.com&uut=b&st=x&

1 KB
2 KB

17ms
17ms

Script
text/javascript

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.yieldoptimizer.com/ps/ps?tc=149043479&t=s&p=2407&pg=pv&u=6c2d1272-0255-416c-99df-111e7ebf8689&si=bill.discovernorthdallas.com&uut=b&st=x&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 0a0c44d9cfa22d54b59f7403063c87119240beabbf3631d82f77ed4f43016288

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 15:22:41 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control: no-cache
content-type: text/javascript;charset=ISO-8859-1
alt-svc: clear
content-length: 1202
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Sep 2021 15:22:42 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://tag.yieldoptimizer.com/ps/ps?tc=149043479&t=s&p=2407&pg=pv&u=6c2d1272-0255-416c-99df-111e7ebf8689&si=bill.discovernorthdallas.com&uut=b&st=x&
cache-control: no-cache
alt-svc: clear
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 index.js Show response
js.adara.com/ 4 KB
2 KB 53ms
8ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.adara.com/index.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53JR6C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1995946fcd6cca9e6448b9692dd9e790013ba8fc80eaf48eb6191f286a680bec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 23 Aug 2021 16:11:28 GMT
x-timer: S1631114563.785521,VS0,VE0
etag: "8044e79cdb4eddf5598e6e3b80607f3d47d82eaea0fc6604b2ee56b5faddfde6-br"
x-served-by: cache-hhn4077-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
date: Wed, 08 Sep 2021 15:22:42 GMT
accept-ranges: bytes
content-length: 1562
x-cache-hits: 143362

GET
H2 451 460189.html
di.rlcdn.com/ 0
66 B 51ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://di.rlcdn.com/460189.html?pdata=RE_01%3D1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:22:42 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2 451 459759.gif
idsync.rlcdn.com/ 0
66 B 50ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/459759.gif?partner_uid=6c2d1272-0255-416c-99df-111e7ebf8689
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:22:42 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2 200 vng.gif
deviceid.trueleadid.com/ 0
59 B 329ms
104ms Image
image/gif 54.156.223.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deviceid.trueleadid.com/vng.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.223.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-223-185.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:22:43 GMT
server: nginx
content-length: 0
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNTEwNjY3ODQ2MQ&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNTEwNjY3ODQ2MQ&google_sc=&google_tc=

170 B
245 B

36ms
31ms

Image
image/png

172.217.18.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNTEwNjY3ODQ2MQ&google_sc=&google_tc=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s14-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 15:22:42 GMT
server: HTTP server (unknown)
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Sep 2021 15:22:42 GMT
server: HTTP server (unknown)
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNTEwNjY3ODQ2MQ&google_sc=&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 315
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ps
tag.yieldoptimizer.com/ps/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=o456qfe&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=o456qfe&ttd_tpi=1
https://tag.yieldoptimizer.com/ps/ps?t=i&p=5530&ttd_id=61bdae4f-0f0f-48b6-9505-7c5b7fd5d1de

43 B
1 KB

16ms
16ms

Image
image/gif

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=i&p=5530&ttd_id=61bdae4f-0f0f-48b6-9505-7c5b7fd5d1de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 15:22:42 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control: no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Sep 2021 15:22:42 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://tag.yieldoptimizer.com/ps/ps?t=i&p=5530&ttd_id=61bdae4f-0f0f-48b6-9505-7c5b7fd5d1de
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 213

GET
H2 200 394499.gif
idsync.rlcdn.com/ 42 B
394 B 17ms
16ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/394499.gif?partner_uid=3015106678461
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Sep 2021 15:22:42 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 200 aasync
tag.adaraanalytics.com/ps/ 0
355 B 158ms
15ms Image
text/plain 35.241.54.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.adaraanalytics.com/ps/aasync?ckid=MzAxNTEwNjY3ODQ2MXwxNjMxMTE0NTYyNzk5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.54.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 161.54.241.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 15:22:42 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control: no-cache
alt-svc: clear
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

ps
tag.yieldoptimizer.com/ps/
Redirect Chain

https://sd.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID}
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=6973662242689252603

43 B
1 KB

30ms
29ms

Image
image/gif

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=6973662242689252603
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 15:22:41 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control: no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=6973662242689252603
pragma: no-cache
date: Wed, 08 Sep 2021 15:22:42 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3015106678461
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3015106678461

42 B
943 B

31ms
31ms

Image
image/gif

34.240.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3015106678461

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.240.91.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-240-91-113.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v015-0b4dd7f9c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: TK7L5j8CTmU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v016-05abeeea0.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: MZ0VrHz9TXk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3015106678461
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 usermatch.gif
beacon.krxd.net/ 0
338 B 118ms
34ms Image
text/plain 54.72.203.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adara&partner_uid=3015106678461
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.203.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-203-75.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:22:42 GMT
cache-control: private, no-cache, no-store
x-request-time: D=127 t=1631114562
x-served-by: beacon-n023-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 cms
cms.analytics.yahoo.com/ 0
0 139ms
48ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=ADARA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2

200

ps
tag.yieldoptimizer.com/ps/
Redirect Chain

https://cm.ctnsnet.com/int/cm?crdp=true&prv=ar&uid=3015106678461
https://tag.yieldoptimizer.com/ps/ps?t=s&p=6438&uid=b54d33240ffc4e67984fe7621916dd11

2 B
991 B

24ms
24ms

Image
text/javascript

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=s&p=6438&uid=b54d33240ffc4e67984fe7621916dd11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 15:22:41 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control: no-cache
content-type: text/javascript;charset=ISO-8859-1
alt-svc: clear
content-length: 2
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Sep 2021 15:22:42 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://tag.yieldoptimizer.com/ps/ps?t=s&p=6438&uid=b54d33240ffc4e67984fe7621916dd11
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 23198 Show response
stags.bluekai.com/site/ Frame FA3A 62 B
329 B 231ms
151ms Document
image/gif 23.57.80.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/23198?ret=html&phint=RE%3D1&phint=RE_01%3D1&phint=RE_02%3D1&phint=RE_03%3D1&phint=RE_04%3D1&phint=RE_06%3D1&phint=RE_09%3D1&phint=CT%3D1&phint=CT_01%3D1&phint=CT_02%3D1&phint=CT_03%3D1&phint=CT_04%3D1&phint=F_01%3D1&phint=F_03%3D1&phint=F_04%3D1&phint=F_06%3D1&phint=F_07%3D1&phint=HG%3D1&phint=HG_01%3D1&phint=HG_02%3D1&phint=HG_03%3D1&phint=HG_04%3D1&phint=HG_05%3D1&phint=HG_06%3D1&phint=HG_07%3D1&phint=HG_08%3D1&phint=HG_09%3D1&phint=HG_10%3D1&phint=HG_11%3D1&phint=HG_12%3D1&phint=HG_13%3D1&phint=HG_14%3D1&phint=HI%3D1&phint=HI_01%3D1&phint=HI_02%3D1&phint=HI_03%3D1&phint=HI_04%3D1&phint=HI_05%3D1&phint=HI_06%3D1&phint=HI_07%3D1&phint=HI_08%3D1&phint=HI_09%3D1&phint=HI_10%3D1&phint=HI_11%3D1&phint=HI_12%3D1&phint=HI_13%3D1&phint=HI_14%3D1&phint=HI_15%3D1&phint=HI_16%3D1&phint=HI_17%3D1&phint=HI_18%3D1&phint=HI_19%3D1&phint=TH%3D1&phint=TH_01%3D1&phint=id%3D6c2d1272-0255-416c-99df-111e7ebf8689&phint=__bk_t%3DHome%20Search&phint=__bk_k%3DHome%20Search&phint=__bk_l%3Dhttps%3A%2F%2Fbill.discovernorthdallas.com%2F&phint=__bk_v%3D3.1.10&limit=10&r=49979775
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.80.225 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-57-80-225.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Host: stags.bluekai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://bill.discovernorthdallas.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/

Response headers

Content-Type: image/gif
Content-Length: 62
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: 94f3
Date: Wed, 08 Sep 2021 15:22:43 GMT
Connection: keep-alive
X-N: S

OPTIONS
H2 200 api
sdk.adara.com/ Frame 0
0 63ms
20ms Preflight 34.102.191.167
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.adara.com/api
Protocol: H2
Server: 34.102.191.167 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 167.191.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-adara-key
Origin: https://bill.discovernorthdallas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: X-Adara-Key
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
date: Wed, 08 Sep 2021 15:22:42 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 200 api Show response
sdk.adara.com/ 2 B
83 B 29ms
23ms Fetch
text/plain 34.102.191.167
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.adara.com/api
Requested by: Host: d2hnwe88wt837l.cloudfront.net
URL: https://d2hnwe88wt837l.cloudfront.net/build/js/vendors~malabar~ssr.chunk.0654e659ac1a4ae6fcb4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.191.167 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 167.191.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://bill.discovernorthdallas.com/
Accept-Language: de-DE,de;q=0.9
X-Adara-Key: NGUzOWM4ODktNGRjYy00ZTE1LWI4MmQtOTAwMWRlOWY5OWRk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 08 Sep 2021 15:22:42 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Adara-Key
content-length: 2

GET
H2

200

362358.gif
idsync.rlcdn.com/
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=i&p=2407&_yoid=5d76af0f-aa55-48bc-b464-c7c9acb95f0e&_yosid=b1ae5c06-99d9-4ad3-8337-9cc7c9e52b0b
https://idsync.rlcdn.com/367258.gif?partner_uid=3015106678461
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOmqZeR8jtX9QGxTZpP0Jzo&google_cver=1

42 B
0

15ms
15ms

Fetch
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOmqZeR8jtX9QGxTZpP0Jzo&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Sep 2021 15:22:43 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 08 Sep 2021 15:22:43 GMT
server: HTTP server (unknown)
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOmqZeR8jtX9QGxTZpP0Jzo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/3/intl/de_ALL/ 87 KB
32 KB 361ms
59ms Script
text/javascript 2a00:1450:4007:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/3/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBkpaeY0FTb-b9f-yNNu6bgx6OwGZ60Xz4&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9dd151e1ad03b8a5e254859512921a89099a5e2f30da5eb316f8aaa88bce97b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 17:00:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32244
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 22:52:41 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Sep 2022 17:00:09 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/3/intl/de_ALL/ 288 KB
88 KB 328ms
27ms Script
text/javascript 2a00:1450:4007:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/3/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBkpaeY0FTb-b9f-yNNu6bgx6OwGZ60Xz4&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17986bb0127706a97def0b152bb1d8cd492a7c9875a6c29131c7609f7dff81c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 00:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90265
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 22:52:41 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 00:54:42 GMT

GET
H2 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
209 B 62ms
62ms Script
text/javascript 2a00:1450:4007:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fbill.discovernorthdallas.com%2F&4sAIzaSyBkpaeY0FTb-b9f-yNNu6bgx6OwGZ60Xz4&callback=_xdc_._82ciyw&key=AIzaSyBkpaeY0FTb-b9f-yNNu6bgx6OwGZ60Xz4&token=90438

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/46/3/intl/de_ALL/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

e456a1321849e5b22fe92e634cc1fc0a37450f23ea15e1a59ab2de1d477bb625

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bill.discovernorthdallas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 15:22:44 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=33
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 api Show response
sdk.adara.com/ 2 B
62 B 14ms
14ms Fetch
text/plain 34.102.191.167
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.adara.com/api
Requested by: Host: d2hnwe88wt837l.cloudfront.net
URL: https://d2hnwe88wt837l.cloudfront.net/build/js/vendors~malabar~ssr.chunk.0654e659ac1a4ae6fcb4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.191.167 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 167.191.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://bill.discovernorthdallas.com/
Accept-Language: de-DE,de;q=0.9
X-Adara-Key: NGUzOWM4ODktNGRjYy00ZTE1LWI4MmQtOTAwMWRlOWY5OWRk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 08 Sep 2021 15:22:44 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Adara-Key
content-length: 2

OPTIONS
H2 200 api
sdk.adara.com/ Frame 0
0 15ms
15ms Preflight 34.102.191.167
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.adara.com/api
Protocol: H2
Server: 34.102.191.167 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 167.191.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-adara-key
Origin: https://bill.discovernorthdallas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: X-Adara-Key
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
date: Wed, 08 Sep 2021 15:22:44 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.discovernorthdallas.com/	1970-01-20 01:24:26	Name: connect.sid Value: s%3Ar3vdqtDf0hT_3unD3_fWvYPwkGq42N-t.MkHYoyN%2FIErwV8g6YdmtY3hyjckEWno69IkE%2BoFaqBE
.bidr.io/	1970-01-20 06:33:48	Name: bito Value: AAA0NU7CcaoAAA3es0OiNQ
.bidr.io/	1970-01-20 06:33:48	Name: bitoIsSecure Value: ok
.bing.com/	1970-01-20 06:26:50	Name: MUID Value: 3378FF1AB65F6F962A9EEFB6B7346E90
.discovernorthdallas.com/	1970-01-19 21:06:40	Name: _uetsid Value: 9ad2b76010b811ec8a4c15fc9f0d1ca0
.discovernorthdallas.com/	1970-01-20 06:26:50	Name: _uetvid Value: 9ad5571010b811ec916e633f77219ba5
.bill.discovernorthdallas.com/	1970-01-20 14:36:26	Name: _ga Value: GA1.3.883913201.1631114560
.bill.discovernorthdallas.com/	1970-01-19 21:06:40	Name: _gid Value: GA1.3.1292212498.1631114560
.bill.discovernorthdallas.com/	1970-01-19 21:05:14	Name: _gat Value: 1
.facebook.com/	1970-01-19 23:14:50	Name: fr Value: 0LNJpxFXkLIAcSMTv..BhONVA...1.0.BhONVA.
.discovernorthdallas.com/	1970-01-19 23:14:50	Name: _fbp Value: fb.1.1631114560156.190594936
.yieldoptimizer.com/	1970-01-20 06:26:50	Name: fbh0 Value: %7B%7D
.yieldoptimizer.com/	1970-01-20 06:26:50	Name: gcma Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 06:26:50	Name: rmxc Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 05:50:50	Name: cktst Value: 149043479
.yieldoptimizer.com/	1970-01-20 06:26:50	Name: ckid Value: 3015106678461
.bill.discovernorthdallas.com/	1970-01-20 05:50:50	Name: _yoid Value: 5d76af0f-aa55-48bc-b464-c7c9acb95f0e
.bill.discovernorthdallas.com/	1969-12-31 23:59:59	Name: _yosid Value: b1ae5c06-99d9-4ad3-8337-9cc7c9e52b0b
.ctnsnet.com/	1970-01-20 05:50:50	Name: cid_b54d33240ffc4e67984fe7621916dd11 Value: 1
.turn.com/	1970-01-20 01:24:26	Name: uid Value: 6973662242689252603
.krxd.net/	1970-01-20 01:24:26	Name: _kuid_ Value: OWZH7v0O
.adsrvr.org/	1970-01-20 05:50:50	Name: TDID Value: 61bdae4f-0f0f-48b6-9505-7c5b7fd5d1de
.demdex.net/	1970-01-20 01:24:26	Name: demdex Value: 17763880312098837342913988219620225774
.adaraanalytics.com/	1970-01-20 06:26:50	Name: ckid Value: 3015106678461
.adaraanalytics.com/	1970-01-20 06:26:50	Name: aackid Value: 3015106678461
.yieldoptimizer.com/	1970-01-20 06:26:50	Name: ph Value: %7B%22p%22%3A%5B1025%2C1457%2C1203%2C1476%2C39%2C1305%2C1034%2C1084%2C1022%2C1007%5D%2C%22t%22%3A%5B111207%2C111207%2C111207%2C111207%2C111207%2C111207%2C111207%2C111207%2C111207%2C111207%5D%7D
.dpm.demdex.net/	1970-01-20 01:24:26	Name: dpm Value: 17763880312098837342913988219620225774
.rlcdn.com/	1970-01-19 22:31:38	Name: pxrc Value: CMKq44kGEgYIuuoBEAA=
.adsrvr.org/	1970-01-20 05:50:50	Name: TDCPM Value: CAEYBSABKAIyCwiMheK-57n5ORAFOAE.
.yieldoptimizer.com/	1970-01-20 06:26:50	Name: dph Value: %7B%22t%22%3A%5B111207%2C111207%2C111207%5D%2C%22dp%22%3A%5B2407%2C4889%2C5530%5D%7D
.doubleclick.net/	1970-01-20 06:26:50	Name: IDE Value: AHWqTUnajkLmAa3pRU-G_CMxeSXU3bF6Q7sF4OaIPwoCB8JKG12j_beqte7wSJSIllA
.rlcdn.com/	1970-01-20 05:50:50	Name: rlas3 Value: pDK6j2ZIF1ea10rFy3x3yLlwiioG+3DoMwcylp0YXZg=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/459759.gif?partner_uid=6c2d1272-0255-416c-99df-111e7ebf8689 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://di.rlcdn.com/460189.html?pdata=RE_01%3D1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
beacon.krxd.net
bill.discovernorthdallas.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
code.listtrac.com
connect.facebook.net
d2hnwe88wt837l.cloudfront.net
deviceid.trueleadid.com
di.rlcdn.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
idsync.rlcdn.com
js.adara.com
maps.googleapis.com
match.adsrvr.org
sd.turn.com
sdk.adara.com
segment.prod.bidr.io
stags.bluekai.com
stats.g.doubleclick.net
tag.adaraanalytics.com
tag.yieldoptimizer.com
tags.bkrtx.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
yl-clients-prod.s3.amazonaws.com
151.101.1.195
168.62.203.102
172.217.18.194
212.82.100.182
23.4.212.77
23.57.80.225
2600:9000:218d:1e00:c:7a7f:d040:21
2620:1ec:c11::200
2a00:1450:4007:805::2008
2a00:1450:4007:80c::200a
2a00:1450:4007:80c::200e
2a00:1450:4007:80f::200a
2a00:1450:4007:810::2004
2a00:1450:4007:817::2003
2a00:1450:4007:81a::2003
2a00:1450:400c:c00::9d
2a03:2880:f01f:6:face:b00c:0:3
2a03:2880:f142:182:face:b00c:0:25de
34.102.191.167
34.240.91.113
34.251.67.88
35.186.193.173
35.186.212.60
35.241.54.161
35.244.174.68
46.228.164.27
52.216.244.140
52.40.147.254
54.156.223.185
54.72.203.75
76.223.111.131
026da87c5e2d7cb04b95de1b382a7bb1463b3f15c62be1cf09a8e800f6d20d22
0690ef130b0369ee86ce640878df5b4a693fdb2558e6e9f7be1a5ac6e7b9354d
0a0c44d9cfa22d54b59f7403063c87119240beabbf3631d82f77ed4f43016288
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f62401a66656d65c3090998a16ff609e0534217734f10944613afb432f41ce9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10f038abb165ee3e1f1fe2f8fbb5d2348bbe042343b8a6efc8d79d3392d0ed02
1508490e2a7f3949d866ce8f032895224c55a02eb24f9ada50c7cb79a4c887c8
17986bb0127706a97def0b152bb1d8cd492a7c9875a6c29131c7609f7dff81c0
1970aeeddccc9a138ac755edbcca04626a90ce3182cae185fc8079133c378a03
1995946fcd6cca9e6448b9692dd9e790013ba8fc80eaf48eb6191f286a680bec
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
301037cbe47dde1fffd4517d67286d127c62ce32e75fd833ee6a32816633e75d
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
3a57826dd4437403ec9dffe3d8a907466926d7123e4a765ec724d79ae24e1d54
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
4141343b0dd88c7ad0857c94a26b9592657f2c43a65f079b87debe519607abc1
494ebc18d758da1423cfcb1a4af4321da99fb2417fe01ecf7fa7a80d25d40560
4b10fe9905a80c45f0067e57522e7c04bb03ea8cf18b642fd701faa27b1ab575
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
63f0faf0af00a0a6ce9a7894ab04a6ee5d7442299384dc6d2590cea2de33b4ab
6992dfd331d0b2bed736dc89634f2648c6b450809c54db5bdeb1a62a253307e0
6b8f4e9d69bda4cb55bf8a4fde57ea4209a820a3a33fde91e4b49f6096487db6
70a084725ed8514195ac938e4efb79b424d303a770fef0d24ee25d681c10ba0d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8ba5e9c8bf5272351d09260b2152a134de01bafa0e38fc3f62c03952d3fcdd5e
9dd151e1ad03b8a5e254859512921a89099a5e2f30da5eb316f8aaa88bce97b8
9fc98ce97ccef35b2b921d3e6bd13b003848b6a9a5bc714e484215f62116b545
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
abb41bd6569f8db762dc436a6f0340b81e41ec980804c7d94904d89c3bdc57b6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b5bd2c75867d3ceba4a266f90986a7dbee8018adb24dd98b682851cc6fdeb168
cba1bce0b379e362b1787c6208f22a09ae04b34cc55cb316042da2cc3f78cad9
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e067fbc4c7f94ba045184a918fd009dfd65e28e620189acd2560f63dcd071738
e268734b010c6e3b9c231edcc912be2a58ebbab72deb120c325bb6620e747cd8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e456a1321849e5b22fe92e634cc1fc0a37450f23ea15e1a59ab2de1d477bb625
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ffb0d4d81c4d8607ae31e22465425b08c2d198970971151502322e144adbbd20
ffb6a05c6f651d129ec4d0008575f715f82ca688dbe11b100d62eb4b98143f24

bill.discovernorthdallas.com Open in urlscan Pro 52.40.147.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

65 Requests

100 %HTTPS

39 %IPv6

28 Domains

32 Subdomains

28 IPs

5 Countries

1223 kBTransfer

3752 kBSize

32 Cookies

0 Outgoing links

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bill.discovernorthdallas.com Open in urlscan Pro
52.40.147.254 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

100 %
HTTPS

39 %
IPv6

28
Domains

32
Subdomains

28
IPs

5
Countries

1223 kB
Transfer

3752 kB
Size

32
Cookies

65 HTTP transactions
0 data transactions