cdn.mercurymagazines.com Open in urlscan Pro
2606:2800:233:1cb7:261b:1f9c:2074:3c  Public Scan

Submitted URL: https://links.mail1.m2mediagroup.com/els/v2/ymAdH0R6PdQP/bXVQZWJ3bVV5R2pseXdXY1Q0a2dkNEVaTkNoM24wdXNJVUQwTmlpR3ZyQmpGcUxMVnNnWWRCamd0...
Effective URL: https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
Submission: On July 05 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 28 HTTP transactions. The main IP is 2606:2800:233:1cb7:261b:1f9c:2074:3c, located in United States and belongs to EDGECAST, US. The main domain is cdn.mercurymagazines.com. The Cisco Umbrella rank of the primary domain is 548195.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 17th 2021. Valid for: a year.
This is the only time cdn.mercurymagazines.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
17 mercurymagazines.com
cdn.mercurymagazines.com — Cisco Umbrella Rank: 548195
1 MB
7 cookiepro.com
cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 7066
113 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
40 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 766
441 B
1 gstatic.com
fonts.gstatic.com
44 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
1 KB
1 m2mediagroup.com
links.mail1.m2mediagroup.com — Cisco Umbrella Rank: 179715
343 B
28 7
Domain Requested by
17 cdn.mercurymagazines.com cdn.mercurymagazines.com
7 cookie-cdn.cookiepro.com cdn.mercurymagazines.com
cookie-cdn.cookiepro.com
1 www.googletagmanager.com cookie-cdn.cookiepro.com
1 geolocation.onetrust.com cookie-cdn.cookiepro.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com cdn.mercurymagazines.com
1 links.mail1.m2mediagroup.com 1 redirects
28 7

This site contains links to these domains. Also see Links.

Domain
www.mercurymagazines.com
www.cookiepro.com
Subject Issuer Validity Valid
sni61c2gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-17 -
2022-10-18
a year crt.sh
cookiepro.com
Cloudflare Inc ECC CA-3
2022-04-19 -
2023-04-19
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-01-12 -
2023-01-12
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-06-20 -
2022-09-12
3 months crt.sh

This page contains 1 frames:

Primary Page: https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
Frame ID: 323C7E7AA4541D2097A0E8A7E7630EAD
Requests: 29 HTTP requests in this frame

Screenshot

Page Title

Mercury MagazinesBack ButtonFilter Button

Page URL History Show full URLs

  1. https://links.mail1.m2mediagroup.com/els/v2/ymAdH0R6PdQP/bXVQZWJ3bVV5R2pseXdXY1Q0a2dkNEVaTkNoM24wdXNJVUQwTmlpR3Zy... HTTP 302
    https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_l... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

86 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

1443 kB
Transfer

1857 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.mail1.m2mediagroup.com/els/v2/ymAdH0R6PdQP/bXVQZWJ3bVV5R2pseXdXY1Q0a2dkNEVaTkNoM24wdXNJVUQwTmlpR3ZyQmpGcUxMVnNnWWRCamd0MVFXWHA3dHF0eUVQSFRMNG9ncG9FcjQzQ0JtVVk3ZXg2a1N2dm5DcDFsTThXNnJ3SkU9S0/aTNzMHVqalBnUGZaS081Q29QODBSeG4rNjV0Vm9ZNjNiSWJCL2hNZGdjQlQ3VC9QVlVWWEdBWVVkUE5SalhpTHg2WHQ5SEpPU20zbjZXd3c3Qm5XcGpFUWxleTIyYUVhODJlTXlhVk5ZS2c9S0 HTTP 302
    https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.html
cdn.mercurymagazines.com/349-349344/
Redirect Chain
  • https://links.mail1.m2mediagroup.com/els/v2/ymAdH0R6PdQP/bXVQZWJ3bVV5R2pseXdXY1Q0a2dkNEVaTkNoM24wdXNJVUQwTmlpR3ZyQmpGcUxMVnNnWWRCamd0MVFXWHA3dHF0eUVQSFRMNG9ncG9FcjQzQ0JtVVk3ZXg2a1N2dm5DcDFsTThXNnJ3...
  • https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
14 KB
15 KB
Document
General
Full URL
https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
173c4cb2b994abd9b725e196f9fa47c25899f74be7294d8ba506dc5a0dd6659c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=180
content-length
14588
content-md5
ifKlBbuOdu2s+yperYniGA==
content-type
text/html
date
Tue, 05 Jul 2022 13:37:11 GMT
etag
0x8DA59FB18B6D60A
last-modified
Wed, 29 Jun 2022 18:13:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
0b6cae8e-401e-00da-6d74-908bb0000000
x-ms-version
2009-09-19

Redirect headers

content-language
de-DE
content-length
0
date
Tue, 05 Jul 2022 13:37:11 GMT
location
https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol Ann&name_last=Smith
server
istio-envoy
via
1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-amz-cf-id
42SO5Az9KutSj6Xfbqf50Q6NVqv2L6UrSdwjmgd0mt9TOXHTN9qgaA==
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
5
otSDKStub.js
cookie-cdn.cookiepro.com/scripttemplates/
20 KB
8 KB
Script
General
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Requested by
Host: cdn.mercurymagazines.com
URL: https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:11 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
jaQOgzI9+ZkWZRPB/GIusQ==
age
14082
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jun 2022 01:45:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
acfa19f6-901e-004d-3324-81f7a1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
72607e71ad179a3c-FRA
expires
Tue, 05 Jul 2022 17:37:11 GMT
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Requested by
Host: cdn.mercurymagazines.com
URL: https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f4ee745ddb73cf079c293a6aea2eac0fa10b70a47ccebc704d8aacaacc9bf8b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 13:32:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 05 Jul 2022 13:37:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Jul 2022 13:37:11 GMT
fontawesome-all.min.js
cdn.mercurymagazines.com/vendor/font-awesome/js/
657 KB
657 KB
Script
General
Full URL
https://cdn.mercurymagazines.com/vendor/font-awesome/js/fontawesome-all.min.js
Requested by
Host: cdn.mercurymagazines.com
URL: https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FD9) /
Resource Hash
1b31afdfd23628d9fb1118e31841278653c4ef36a6d0970c002d43e49b5d1856

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:12 GMT
last-modified
Fri, 02 Mar 2018 19:13:25 GMT
server
ECAcc (frc/8FD9)
age
85711
etag
0x8D58071ACA14F2E
x-cache
HIT
content-type
text/plain
x-ms-request-id
304c290c-101e-00af-2dac-8f0c0b000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
672449
bootstrap.min.css
cdn.mercurymagazines.com/vendor/bootstrap/css/
141 KB
142 KB
Stylesheet
General
Full URL
https://cdn.mercurymagazines.com/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: cdn.mercurymagazines.com
URL: https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F7C) /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:11 GMT
last-modified
Fri, 02 Mar 2018 19:12:14 GMT
server
ECAcc (frc/8F7C)
age
594911
etag
0x8D58071820CC54D
x-cache
HIT
content-type
text/css
x-ms-request-id
3fbd213d-001e-00bb-7c0b-8bcf6f000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
144877
select2.min.css
cdn.mercurymagazines.com/vendor/select2/css/
15 KB
15 KB
Stylesheet
General
Full URL
https://cdn.mercurymagazines.com/vendor/select2/css/select2.min.css
Requested by
Host: cdn.mercurymagazines.com
URL: https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FD6) /
Resource Hash
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:11 GMT
last-modified
Fri, 02 Mar 2018 19:15:43 GMT
server
ECAcc (frc/8FD6)
age
351392
etag
0x8D58071FEACDA65
x-cache
HIT
content-type
text/css
x-ms-request-id
d6c29943-f01e-00ae-3142-8d0df6000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
15196
multiPanel.css
cdn.mercurymagazines.com/css/
10 KB
10 KB
Stylesheet
General
Full URL
https://cdn.mercurymagazines.com/css/multiPanel.css
Requested by
Host: cdn.mercurymagazines.com
URL: https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FE7) /
Resource Hash
923723d25175e21962b8c7018bdc104d596da8a730afbfa9f3502fc29c58d9a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 13:37:11 GMT
last-modified
Wed, 20 Feb 2019 19:36:35 GMT
server
ECAcc (frc/8FE7)
age
346478
etag
0x8D6976AB9739999
x-cache
HIT
content-type
text/css
x-ms-request-id
afab9b68-c01e-012a-664d-8d1d8b000000
accept-ranges
bytes
content-length
10003
jobIndustry_dropdown.js
cdn.mercurymagazines.com/vendor/js/
56 KB
56 KB
Script
General
Full URL
https://cdn.mercurymagazines.com/vendor/js/jobIndustry_dropdown.js
Requested by
Host: cdn.mercurymagazines.com
URL: https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FCD) /
Resource Hash
9bb6d50142a103a16dc5df94c8d1c8a5464bc21488592f7c511ff1989438b998

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:11 GMT
last-modified
Thu, 22 Aug 2019 15:47:10 GMT
server
ECAcc (frc/8FCD)
age
594911
etag
0x8D72717FEBBA192
x-cache
HIT
content-type
application/octet-stream
x-ms-request-id
49fdafac-401e-009e-580b-8b57dc000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
57340
sanity.js
cdn.mercurymagazines.com/vendor/js/
2 KB
2 KB
Script
General
Full URL
https://cdn.mercurymagazines.com/vendor/js/sanity.js
Requested by
Host: cdn.mercurymagazines.com
URL: https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FCD) /
Resource Hash
acef024316dbeb4e0cddbf9c28a4191e5e5be4aa689b863446ca81345a256072

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:11 GMT
last-modified
Thu, 22 Aug 2019 15:47:10 GMT
server
ECAcc (frc/8FCD)
age
339062
etag
0x8D72717FEAE58B8
x-cache
HIT
content-type
application/octet-stream
x-ms-request-id
38ae51cb-f01e-00ae-285e-8d0df6000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
2100
validateform.js
cdn.mercurymagazines.com/vendor/js/
12 KB
12 KB
Script
General
Full URL
https://cdn.mercurymagazines.com/vendor/js/validateform.js
Requested by
Host: cdn.mercurymagazines.com
URL: https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FF2) /
Resource Hash
cdb29791d01a12b7ee2bc88cf64899c3f4c1f1561066241328eed721b027b6f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:11 GMT
last-modified
Thu, 22 Aug 2019 15:47:10 GMT
server
ECAcc (frc/8FF2)
age
594911
etag
0x8D72717FEAF6A62
x-cache
HIT
content-type
application/octet-stream
x-ms-request-id
6dfb7f45-601e-0089-680b-8b97bf000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
11874
promo_landing.js
cdn.mercurymagazines.com/vendor/js/
9 KB
9 KB
Script
General
Full URL
https://cdn.mercurymagazines.com/vendor/js/promo_landing.js
Requested by
Host: cdn.mercurymagazines.com
URL: https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F6D) /
Resource Hash
8167d8193187d22b301c54fccd3fdb4a3d9fcc8598562db424687b68ccdc7d57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:11 GMT
last-modified
Fri, 20 Sep 2019 20:44:30 GMT
server
ECAcc (frc/8F6D)
age
339062
etag
0x8D73E0B55CD6C35
x-cache
HIT
content-type
text/javascript
x-ms-request-id
ac409966-901e-00d3-345e-8d913e000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
8972
mercury-logo.svg
cdn.mercurymagazines.com/images/
10 KB
11 KB
Image
General
Full URL
https://cdn.mercurymagazines.com/images/mercury-logo.svg
Requested by
Host: cdn.mercurymagazines.com
URL: https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F70) /
Resource Hash
a4ad24e5c924db80aedaff29386a443504ae522f8f9f37b57f70258cd7f9925f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:12 GMT
last-modified
Thu, 22 Aug 2019 18:44:05 GMT
server
ECAcc (frc/8F70)
age
85711
etag
0x8D72730B572A72D
x-cache
HIT
content-type
image/svg+xml
x-ms-request-id
15602faa-801e-0029-65ac-8f58d9000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
10725
bwn_wordmark.svg
cdn.mercurymagazines.com/349-349344/images/
14 KB
14 KB
Image
General
Full URL
https://cdn.mercurymagazines.com/349-349344/images/bwn_wordmark.svg
Requested by
Host: cdn.mercurymagazines.com
URL: https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f58cf7900b259a7492815bb37b58e11b3b67ac3947920bd20db23e65dc679925

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:11 GMT
last-modified
Wed, 29 Jun 2022 18:13:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
Om3cbPrsnwVuwSLEQYZqlg==
etag
0x8DA59FB18BA30F7
content-type
image/svg+xml
x-ms-request-id
571548c2-301e-0019-5d74-9002f3000000
cache-control
public, max-age=180
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
13914
entrepreneur6212022.jpeg
cdn.mercurymagazines.com/349-349344/images/
79 KB
79 KB
Image
General
Full URL
https://cdn.mercurymagazines.com/349-349344/images/entrepreneur6212022.jpeg
Requested by
Host: cdn.mercurymagazines.com
URL: https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b4b2c0b4fc4495be6a268c2ceb044c2152975ab237ac02a443b0631815795e98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:12 GMT
last-modified
Wed, 29 Jun 2022 18:13:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
b6Ghm7t2yB90aB10UwVa/Q==
etag
0x8DA59FB18BE0104
content-type
image/jpeg
x-ms-request-id
3163cf3c-701e-0073-7c74-905e58000000
cache-control
public, max-age=180
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
80487
jquery-3.3.1.min.js
cdn.mercurymagazines.com/vendor/jquery/
85 KB
85 KB
Script
General
Full URL
https://cdn.mercurymagazines.com/vendor/jquery/jquery-3.3.1.min.js
Requested by
Host: cdn.mercurymagazines.com
URL: https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FE7) /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:12 GMT
last-modified
Fri, 02 Mar 2018 19:14:01 GMT
server
ECAcc (frc/8FE7)
age
369353
etag
0x8D58071C1C3CD19
x-cache
HIT
content-type
text/plain
x-ms-request-id
4f2ee738-f01e-0062-7418-8d6943000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
86927
popper.min.js
cdn.mercurymagazines.com/vendor/popper/
19 KB
19 KB
Script
General
Full URL
https://cdn.mercurymagazines.com/vendor/popper/popper.min.js
Requested by
Host: cdn.mercurymagazines.com
URL: https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F62) /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:12 GMT
last-modified
Fri, 02 Mar 2018 19:15:30 GMT
server
ECAcc (frc/8F62)
age
556847
etag
0x8D58071F6AB83BD
x-cache
HIT
content-type
text/plain
x-ms-request-id
02a19753-801e-006d-7263-8b84b5000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
19188
bootstrap.min.js
cdn.mercurymagazines.com/vendor/bootstrap/js/
48 KB
48 KB
Script
General
Full URL
https://cdn.mercurymagazines.com/vendor/bootstrap/js/bootstrap.min.js
Requested by
Host: cdn.mercurymagazines.com
URL: https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F4C) /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:12 GMT
last-modified
Fri, 02 Mar 2018 19:13:47 GMT
server
ECAcc (frc/8F4C)
age
369353
etag
0x8D58071B979A060
x-cache
HIT
content-type
text/plain
x-ms-request-id
16e8d4e7-901e-00f1-7c18-8dff08000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
48944
select2.min.js
cdn.mercurymagazines.com/vendor/select2/js/
65 KB
65 KB
Script
General
Full URL
https://cdn.mercurymagazines.com/vendor/select2/js/select2.min.js
Requested by
Host: cdn.mercurymagazines.com
URL: https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F2C) /
Resource Hash
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:12 GMT
last-modified
Fri, 02 Mar 2018 19:15:59 GMT
server
ECAcc (frc/8F2C)
age
602926
etag
0x8D5807208091E35
x-cache
HIT
content-type
text/plain
x-ms-request-id
8ac9a107-a01e-00bd-30f8-8a3817000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
66606
multiPanel.js
cdn.mercurymagazines.com/vendor/js/
7 KB
7 KB
Script
General
Full URL
https://cdn.mercurymagazines.com/vendor/js/multiPanel.js?ver=1.0.3
Requested by
Host: cdn.mercurymagazines.com
URL: https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F81) /
Resource Hash
126d1498d1d477784f31f50cbc4e1a744b20c36d1bc1823327ab64475281de07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/349-349344/index.html?email=csmith@nbtbank.com&name_first=Carol%20Ann&name_last=Smith
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:12 GMT
last-modified
Wed, 20 Feb 2019 19:34:59 GMT
server
ECAcc (frc/8F81)
age
369353
etag
0x8D6976A8031069C
x-cache
HIT
content-type
text/javascript
x-ms-request-id
391e25a0-c01e-0025-4e18-8db628000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
7300
8750c54e-0b0d-4da5-a3fd-e9c82275b1e7.json
cookie-cdn.cookiepro.com/consent/8750c54e-0b0d-4da5-a3fd-e9c82275b1e7/
3 KB
2 KB
XHR
General
Full URL
https://cookie-cdn.cookiepro.com/consent/8750c54e-0b0d-4da5-a3fd-e9c82275b1e7/8750c54e-0b0d-4da5-a3fd-e9c82275b1e7.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1cefd4a4a935de282dee893e4d9fe5eb705b6169daacc6c98cbb81075877dd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
dYkaL49isgHMEjOiRky+ZA==
age
217
x-ms-lease-status
unlocked
last-modified
Mon, 04 Apr 2022 15:20:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
757d0145-a01e-008d-7fe8-560f9f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
72607e727f256957-FRA
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cdn.mercurymagazines.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 23:32:09 GMT
x-content-type-options
nosniff
age
50703
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Jul 2023 23:32:09 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
153 B
441 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://cdn.mercurymagazines.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 13:37:12 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
72607e736cb49b71-FRA
access-control-allow-headers
Content-Type
otBannerSdk.js
cookie-cdn.cookiepro.com/scripttemplates/6.24.0/
317 KB
73 KB
Script
General
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.24.0/otBannerSdk.js
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
V5hcbF1dEgrls6P2M61C9g==
age
22432489
x-ms-lease-status
unlocked
last-modified
Thu, 16 Sep 2021 01:38:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3ca62268-101e-001e-506e-c4d495000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
72607e73c8249a3c-FRA
expires
Tue, 05 Jul 2022 17:37:12 GMT
en.json
cookie-cdn.cookiepro.com/consent/8750c54e-0b0d-4da5-a3fd-e9c82275b1e7/5a6077be-0a37-46e5-80ac-f7c2adfbbf71/
41 KB
10 KB
Fetch
General
Full URL
https://cookie-cdn.cookiepro.com/consent/8750c54e-0b0d-4da5-a3fd-e9c82275b1e7/5a6077be-0a37-46e5-80ac-f7c2adfbbf71/en.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.24.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adfade7710d14f54429db09ddbc8d41c0119e89bb49ed879005845d272665dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
Xa7PysONHFzq1RrYXJ/2Hw==
age
216
x-ms-lease-status
unlocked
last-modified
Mon, 04 Apr 2022 15:20:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
91c657e2-401e-0061-69eb-731b0e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
72607e747a6b6957-FRA
otFlat.json
cookie-cdn.cookiepro.com/scripttemplates/6.24.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.24.0/assets/otFlat.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.24.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
6kn6x4Mq//asafVxYG5LSA==
age
216
x-ms-lease-status
unlocked
last-modified
Thu, 16 Sep 2021 01:38:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
0121c124-601e-0082-7907-7b79f3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
72607e74eb2a6957-FRA
expires
Tue, 05 Jul 2022 17:37:12 GMT
otPcTab.json
cookie-cdn.cookiepro.com/scripttemplates/6.24.0/assets/v2/
46 KB
13 KB
Fetch
General
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.24.0/assets/v2/otPcTab.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.24.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f766c61297183207dea435ddd5ce006c7230aa27c834bb1bc4dbe01b83d97d69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
x/n5vYdkes7sKCqU8TquDQ==
age
216
x-ms-lease-status
unlocked
last-modified
Thu, 16 Sep 2021 01:38:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
551138ef-401e-002c-7e77-58d4e2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
72607e74eb2d6957-FRA
expires
Tue, 05 Jul 2022 17:37:12 GMT
otCommonStyles.css
cookie-cdn.cookiepro.com/scripttemplates/6.24.0/assets/
20 KB
4 KB
Fetch
General
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.24.0/assets/otCommonStyles.css
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.24.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 13:37:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
Ye6OeZcNyuFoWog7CYs00A==
age
216
x-ms-lease-status
unlocked
last-modified
Thu, 16 Sep 2021 01:38:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
11edf249-501e-00a6-6c07-7b8f53000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
72607e74eb2e6957-FRA
expires
Tue, 05 Jul 2022 17:37:12 GMT
js
www.googletagmanager.com/gtag/
103 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-5416086-47
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.24.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3c09efe44bc7f42ba56a9ad86fe34c884be344cd98879df6ee35191f4de42e23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mercurymagazines.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 13:37:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40346
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Jul 2022 13:37:12 GMT
truncated
/
817 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

204 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| OneTrustStub function| OptanonWrapper function| NhNode function| NhN object| jf1 object| jf2 object| jf3 object| jf4 object| jf5 object| jf6 object| jf7 object| jf8 object| jf9 object| jf10 object| jf11 object| jf12 object| jf13 object| jf14 object| jf15 object| jf16 object| jf17 object| jf18 object| jf19 object| jf20 object| jf21 object| jf22 object| jf23 object| jf24 object| jf25 object| jf26 object| jf27 object| jf28 object| jf29 object| jf30 object| jf31 object| jf32 object| jf33 object| jf34 object| jf35 object| jf36 object| jf37 object| jf38 object| jf39 object| jf40 object| jf41 object| jf42 object| jf43 object| jf44 object| jf45 object| jf46 object| jf47 object| jf48 object| jf49 object| jf50 object| jf51 object| jf52 object| jf53 object| jf54 object| jf55 object| jf56 object| jf57 object| jf58 object| jf59 object| jf60 object| jf61 object| jf62 object| jf63 object| jf64 object| jf65 object| jf66 object| jf67 object| jf68 object| jf69 object| jf70 object| jf71 object| jf72 object| jf73 object| jf74 object| jf75 object| jf76 object| jf77 object| jf78 object| jf79 object| jf80 object| jf81 object| jf82 object| jf83 object| jf84 object| jf85 object| jf86 object| jf87 object| jf88 object| jf89 object| jf90 object| jf91 object| jf92 object| jf93 object| jf94 object| jf95 object| jf96 object| jf97 object| jf98 object| jf99 object| jf100 object| jf101 object| jf102 object| jf103 object| jf104 object| jf105 object| jf106 object| jf107 object| jf108 object| jf109 object| jf110 object| jf111 object| jf112 object| jf113 object| jf114 object| jf115 object| jf116 object| jf117 object| jf118 object| jf119 object| jf120 object| jf121 object| jf122 object| jf123 object| jf124 object| jf125 object| jf126 object| jf127 object| jf128 object| jf129 object| jf130 object| jf131 object| jf132 object| jf133 object| jf134 object| jf135 object| jf136 object| jf137 object| jf138 object| jf139 object| jf140 object| jf141 object| jf142 object| jf143 object| jf144 object| bigJobArray object| industryArray function| get3C object| profanity function| stripNonLetters function| checkTextSanity object| validatorArray object| counterArray function| validate function| validateGeneric function| countAnswers function| jumpTo function| clearJump function| setLateJump function| getMessage function| applyRequiredSpec function| genQuestionValidator function| genGroupValidator function| genSelectCounter function| genBoxCounter function| genTextBoxValidator function| clickBox function| clickSelect function| focusText function| DHTML function| changeCol function| changeVisible function| changeDisplay function| filterKeys function| checkEmailSyntax function| occurrences function| trackPage function| parseQueryParams function| $ function| jQuery function| Popper object| bootstrap object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| Optanon object| OneTrust object| google_tag_manager

1 Cookies

Domain/Path Name / Value
.mercurymagazines.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Jul+05+2022+13%3A37%3A12+GMT%2B0000+(GMT)&version=6.24.0&isIABGlobal=false&hosts=&consentId=84fd8328-e79b-4db0-a7fe-e905890d944e&interactionCount=0&landingPath=https%3A%2F%2Fcdn.mercurymagazines.com%2F349-349344%2Findex.html%3Femail%3Dcsmith%40nbtbank.com%26name_first%3DCarol%2520Ann%26name_last%3DSmith&groups=C0001%3A1%2CC0002%3A1%2CC0004%3A1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.mercurymagazines.com
cookie-cdn.cookiepro.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
links.mail1.m2mediagroup.com
www.googletagmanager.com
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6814:b944
2606:4700:4400::ac40:950d
2a00:1450:4001:80f::2008
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
52.222.236.98
126d1498d1d477784f31f50cbc4e1a744b20c36d1bc1823327ab64475281de07
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
173c4cb2b994abd9b725e196f9fa47c25899f74be7294d8ba506dc5a0dd6659c
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
1b31afdfd23628d9fb1118e31841278653c4ef36a6d0970c002d43e49b5d1856
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
3c09efe44bc7f42ba56a9ad86fe34c884be344cd98879df6ee35191f4de42e23
6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
8167d8193187d22b301c54fccd3fdb4a3d9fcc8598562db424687b68ccdc7d57
923723d25175e21962b8c7018bdc104d596da8a730afbfa9f3502fc29c58d9a5
9bb6d50142a103a16dc5df94c8d1c8a5464bc21488592f7c511ff1989438b998
a4ad24e5c924db80aedaff29386a443504ae522f8f9f37b57f70258cd7f9925f
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
acef024316dbeb4e0cddbf9c28a4191e5e5be4aa689b863446ca81345a256072
adfade7710d14f54429db09ddbc8d41c0119e89bb49ed879005845d272665dcd
b4b2c0b4fc4495be6a268c2ceb044c2152975ab237ac02a443b0631815795e98
c1cefd4a4a935de282dee893e4d9fe5eb705b6169daacc6c98cbb81075877dd3
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
cdb29791d01a12b7ee2bc88cf64899c3f4c1f1561066241328eed721b027b6f1
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852
f4ee745ddb73cf079c293a6aea2eac0fa10b70a47ccebc704d8aacaacc9bf8b0
f58cf7900b259a7492815bb37b58e11b3b67ac3947920bd20db23e65dc679925
f766c61297183207dea435ddd5ce006c7230aa27c834bb1bc4dbe01b83d97d69