member.neofinancial.com Open in urlscan Pro
18.67.65.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://flow.sandmanhotels.com/tr/c/b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000/1865290
Effective URL:
https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y...
Submission: On July 28 via api (July 28th 2022, 2:01:46 am UTC) from CA — Scanned from CA

Summary HTTP 49 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 49 HTTP transactions. The main IP is 18.67.65.2, located in United States and belongs to AMAZON-02, US. The main domain is member.neofinancial.com.
TLS certificate: Issued by Amazon on November 30th 2021. Valid for: a year.

This is the only time member.neofinancial.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.70.121.144 104.70.121.144	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
22	18.67.65.2 18.67.65.2	16509 (AMAZON-02) (AMAZON-02)
10	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:1c1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:823::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80b::200e	15169 (GOOGLE) (GOOGLE)
3	18.67.76.24 18.67.76.24	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c07::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
4	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
49	11

1 104.70.121.144 (New York, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-70-121-144.deploy.static.akamaitechnologies.com

flow.sandmanhotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 18.67.65.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-2.iad89.r.cloudfront.net

member.neofinancial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1c1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-global.configcat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.67.76.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-24.iad89.r.cloudfront.net

pubstatic.production.neofinancial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c07::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2003 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

neofinancial.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	neofinancial.com member.neofinancial.com pubstatic.production.neofinancial.com	1 MB
10	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 1931 ekr.zdassets.com — Cisco Umbrella Rank: 18507	440 KB
4	zendesk.com neofinancial.zendesk.com	2 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 117	491 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	117 KB
2	configcat.com cdn-global.configcat.com — Cisco Umbrella Rank: 20130	2 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 7542	501 B
1	google.com analytics.google.com — Cisco Umbrella Rank: 511	352 B
1	sandmanhotels.com 1 redirects flow.sandmanhotels.com	450 B
49	10

	Domain	Requested by
22	member.neofinancial.com	member.neofinancial.com
9	static.zdassets.com	member.neofinancial.com static.zdassets.com
4	neofinancial.zendesk.com	static.zdassets.com
3	pubstatic.production.neofinancial.com	member.neofinancial.com
2	stats.g.doubleclick.net	www.googletagmanager.com member.neofinancial.com
2	www.google-analytics.com	member.neofinancial.com
2	www.googletagmanager.com	member.neofinancial.com
2	cdn-global.configcat.com	member.neofinancial.com
1	www.google.ca	member.neofinancial.com
1	analytics.google.com	www.googletagmanager.com
1	ekr.zdassets.com	static.zdassets.com
1	flow.sandmanhotels.com	1 redirects
49	12

This site contains links to these domains. Also see Links.

Domain
www.neofinancial.com

Subject Issuer	Validity	Valid
member.neofinancial.com Amazon	`2021-11-30` - `2022-12-28`	a year	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2022-06-08` - `2022-12-15`	6 months	crt.sh
*.configcat.com AlphaSSL CA - SHA256 - G2	`2022-05-23` - `2023-06-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.neofinancial.com Amazon	`2022-05-20` - `2023-06-18`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
neofinancial.zendesk.com Cloudflare Inc ECC CA-3	`2021-10-24` - `2022-10-23`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
Frame ID: 0F6A906BD36AA7E2E64C1F2AD194989C
Requests: 37 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-8e45177b7f7d8eb5e2ba.js
Frame ID: 4F32EB66168A25FFE045FB9BE4A330E0
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign up

Page URL History Show full URLs

https://flow.sandmanhotels.com/tr/c/b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000/1865290 HTTP 301
https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_Ga... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

49
Requests

100 %
HTTPS

55 %
IPv6

10
Domains

12
Subdomains

11
IPs

2
Countries

1832 kB
Transfer

5941 kB
Size

17
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.neofinancial.com/platform-policy
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.neofinancial.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://flow.sandmanhotels.com/tr/c/b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000/1865290 HTTP 301
https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request signup Show response
member.neofinancial.com/
Redirect Chain

https://flow.sandmanhotels.com/tr/c/b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000/1865290
https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=par...

72 KB
20 KB

262ms
183ms

Document
text/html

18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

CloudFront /

Resource Hash

59167460bfde56f6be2b908dca91d8b07589f32c61d894909f4ee5559d69d43c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
content-security-policy-report-only: default-src 'self'; img-src 'self' 'self' data: https://www.googletagmanager.com https://lh3.google.com/ https://lh3.googleusercontent.com https://www.google-analytics.com https://accounts.google.com https://impressions.onelink.me https://static.production.neofinancial.com https://uploads-ssl.webflow.com https://www.gstatic.com https://translate.google.com https://accounts.zendesk.com https://www.facebook.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://v2assets.zopim.io https://neofinancial.zendesk.com https://www.google.ca/ads/ga-audiences https://events.neofinancial.com; media-src 'self' 'self' data: https://mpsnare.iesnare.com https://static.zdassets.com; child-src 'self' blob: https://verify.berbix.com; frame-src https://verify.berbix.com https://tr.snapchat.com https://demo.flinks.com https://neofinancial-iframe.private.fin.ag https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://www.facebook.com; font-src 'self' 'self' data: https://cdn.appsflyer.com https://pubstatic.production.neofinancial.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://translate.googleapis.com; script-src 'self' 'unsafe-inline' https://www.googletagmanager.com 'unsafe-eval' https://www.google-analytics.com https://maps.googleapis.com https://websdk.appsflyer.com https://lh3.google.com https://accounts.google.com https://uploads-ssl.webflow.com https://api.production.neofinancial.com https://verify.berbix.com wss://mpsnare.iesnare.com https://mpsnare.iesnare.com https://static.zdassets.com https://api.smooch.io https://analytics.tiktok.com https://sc-static.net https://connect.facebook.net http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://widget-mediator.zopim.com https://www.google-analytics.com/analytics.js https://fpnpmcdn.net; connect-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://api.production.neofinancial.com/graphql https://api.production.neofinancial.com/messages https://neo-application-service-pdfs-production.s3.ca-central-1.amazonaws.com/ https://visit.neofinancial.com https://api.sjpf.io/ https://af-event-logger.appsflyer.com https://banner.appsflyer.com https://creatives-cdn.appsflyer.com https://lh3.google.com https://www.google.com https://o248029.ingest.sentry.io https://uploads-ssl.webflow.com https://api.production.neofinancial.com https://api.staging.neofinancial.info https://api.integration.neofinancial.xyz https://verify.berbix.com wss://mpsnare.iesnare.com https://mpsnare.iesnare.com https://neofinancial.zendesk.com https://ekr.zendesk.com https://ekr.zdassets.com wss://api.smooch.io https://api.smooch.io https://analytics.tiktok.com https://wa.appsflyer.com https://wa.onelink.me/v1/onelink https://stats.g.doubleclick.net https://cdn-global.configcat.com http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com wss://widget-mediator.zopim.com https://tls-use1.fpapi.io https://maps.googleapis.com https://adservice.google.com https://translate.googleapis.com https://events-api.neofinancial.com https://www.google.ca/ads/ga-audiences https://analytics.google.com/g/collect https://zendesk-eu.my.sentry.io; worker-src 'self' data: 'unsafe-eval' 'unsafe-inline' blob:; report-uri https://member.neofinancial.com/api/csp
content-type: text/html; charset=utf-8
date: Thu, 28 Jul 2022 02:01:41 GMT
etag: "11fc8-+2FHjDtBiN/1FQ6PgWJJO1C/3S4"
referrer-policy: same-origin, strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
x-amz-cf-id: kb9se9RcGOZNG5A8zmI2ClVOVCM3dcOegco0AXUyjAuT-CDyQ6bMRg==
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-security-policy: upgrade-insecure-requests
date: Thu, 28 Jul 2022 02:01:40 GMT
location: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
server: Apache-Coyote/1.1

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 23 KB
7 KB 102ms
34ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=3a2def70-df72-432e-9758-60f9ca8672c3

Requested by

Host: member.neofinancial.com
URL: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91d4323460bd9bfa3fd6e09558fe626dd35340ecdae7c3c5eb6d5f6f70ee9561

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 02:01:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: GFHGP62J48H237XF
x-amz-id-2: bZEHZ5fJkP5nFj17w78B7WUrzNkPegb/XcSQUjOU+6JgTAY3yqCjU47cg6vlUq81e89WJK9S5ZE=
last-modified: Fri, 22 Jul 2022 02:21:28 GMT
server: cloudflare
etag: W/"3fba502faef030cec4e859bd891434b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMkNGHdZ8n%2FHNr1iUef%2Bve1epzduhB7wnLlOU2O3uPNg6c8jZVqP4jvJjm4TKOv776iNiQGatvjvD7%2Buu%2B8KI3Tfm54Ol3XQ52ysb9bSSE37MvCexjLVgWvr0fy%2BLqRnCEX1cHI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: i_Nl84mOziRwMptrxbq5llUUo99rKJhO
cf-ray: 731a0740d939cab4-YYZ

GET
H2 200 c6f311282908b3a5.css
member.neofinancial.com/_next/static/css/ 1 KB
1 KB 26ms
25ms Stylesheet
text/css 18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://member.neofinancial.com/_next/static/css/c6f311282908b3a5.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

cc958b7779f74413b682c246853b88c5ed668182d7ec8796876a9879b04c0c5b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 01:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1445
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Jul 2022 01:24:18 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"50ff4e2ac29e95b0e558f60754e0b4f7"
vary: Accept-Encoding
x-amz-version-id: .dkr6rK7rRxzeepysBoeBGkTbhwRIIJd
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'none'
x-amz-cf-pop: IAD89-P1
content-type: text/css
x-amz-cf-id: 0QLirKBx12i6TdgSSuc4DzF-H8DAodlv-H38jHKUMKMgjyVczbT3Sg==

GET
H2 200 webpack-f2cbb135246403a3.js Show response
member.neofinancial.com/_next/static/chunks/ 5 KB
3 KB 31ms
29ms Script
application/x-javascript 18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://member.neofinancial.com/_next/static/chunks/webpack-f2cbb135246403a3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

796352d09ba47c66948ad5f1a9782ce26153053acc704ea0103166b05baa54f2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 01:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1445
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Jul 2022 01:24:17 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"f121b195c2b228541ba605d1a1d282bb"
vary: Accept-Encoding
x-amz-version-id: sn.._gmxQ9dZ8lb0tG9.Smom_LXIpfdR
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'none'
x-amz-cf-pop: IAD89-P1
content-type: application/x-javascript
x-amz-cf-id: fiGnN3f-McZzLFTem-ksAEse9IokjXKk2U1NI9ZwgRwERhawVJDIzQ==

GET
H2 200 framework-560765ab0625ba27.js Show response
member.neofinancial.com/_next/static/chunks/ 127 KB
40 KB 31ms
29ms Script
application/x-javascript 18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://member.neofinancial.com/_next/static/chunks/framework-560765ab0625ba27.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4ac51ffc4bca5ed831338ca7656a8446f9dd02fb72c7c70e0440a6cffd8cdf99

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 01:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1445
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Jul 2022 01:24:31 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"575f0dd2d17bbece23c4e3266a51a5c2"
vary: Accept-Encoding
x-amz-version-id: sxHH8hjBZ_rSkyuMZ5qOxh13peV4j_Xx
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'none'
x-amz-cf-pop: IAD89-P1
content-type: application/x-javascript
x-amz-cf-id: lHrNwNaLn0XVyv-1aLLLBjDdbXjTU9kEhYrGy-j0kn01cLxTNvysMg==

GET
H2 200 main-e2e67807b8f4ed48.js Show response
member.neofinancial.com/_next/static/chunks/ 89 KB
26 KB 53ms
52ms Script
application/x-javascript 18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://member.neofinancial.com/_next/static/chunks/main-e2e67807b8f4ed48.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

155fe12c77852a1501b2002925b35210df083c69d7c5bb1e39e2b47f8532ed16

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 01:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1445
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Jul 2022 01:24:40 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"045eb4cc16e4d0c1f5532c2d83b7f340"
vary: Accept-Encoding
x-amz-version-id: JoHxpv6Hse64JQrZfrtXY2yWe4QVo5v3
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'none'
x-amz-cf-pop: IAD89-P1
content-type: application/x-javascript
x-amz-cf-id: VevyQpPYBBUcydmBrlwOkISWtqPdP8uCAKJDJ0bv_ZmKLiSr6wSuPA==

GET
H2 200 _app-aebb555631d3b69f.js Show response
member.neofinancial.com/_next/static/chunks/pages/ 3 MB
769 KB 56ms
55ms Script
application/x-javascript 18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://member.neofinancial.com/_next/static/chunks/pages/_app-aebb555631d3b69f.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bea2938aca6764761f71154d68a05a3d40f273d2577395024fea9301869e46a4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 01:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1445
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Jul 2022 01:24:38 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"2dcdd23bff6b874ac3ef5a6b370c1d37"
vary: Accept-Encoding
x-amz-version-id: XHvqefytdme37L8Sz0IAFZGE7Buckcvu
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'none'
x-amz-cf-pop: IAD89-P1
content-type: application/x-javascript
x-amz-cf-id: dly2u9EUH5GN98-u94tFpnkEPEa7AUdZwpcm4cirOgRfkbGE4XBywA==

GET
H2 200 signup-0bb57f191445d38c.js Show response
member.neofinancial.com/_next/static/chunks/pages/ 17 KB
6 KB 56ms
54ms Script
application/x-javascript 18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://member.neofinancial.com/_next/static/chunks/pages/signup-0bb57f191445d38c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

32fe5fcc76b7253ffba88c0011b67f4ff4ff551f38565bcf89211f45e87e5ab4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 01:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1424
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Jul 2022 01:24:17 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"3b9e3d24e74a444c54f9fb5bdbf0e397"
vary: Accept-Encoding
x-amz-version-id: r0VYyYs8bkcm91oc5_0BdL2JtL7u8DZd
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'none'
x-amz-cf-pop: IAD89-P1
content-type: application/x-javascript
x-amz-cf-id: H9oTyVQZRWvU68EWTlJETHlhj_2SfqZOPD8obUFs6AHQIAW5VZyATQ==

GET
H2 200 _buildManifest.js Show response
member.neofinancial.com/_next/static/HxIBg7VIQpiQ5W7EgjmFi/ 28 KB
7 KB 52ms
51ms Script
application/x-javascript 18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://member.neofinancial.com/_next/static/HxIBg7VIQpiQ5W7EgjmFi/_buildManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

02dbc671b117a66463b87fbf3f4f77413d47686e526734a13fd79751a5ebb855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 01:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1445
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Jul 2022 01:24:42 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"c9df7658d64d196a353b88c6715e2a76"
vary: Accept-Encoding
x-amz-version-id: J5qeMjcmpnkHQlp1fsKUriLlL_SYmlz.
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'none'
x-amz-cf-pop: IAD89-P1
content-type: application/x-javascript
x-amz-cf-id: Xfm1F645Bs2JvkY71jam2XPqGvXcnTH3qv4bEQ7SqoDPIGZDPBuqjg==

GET
H2 200 _ssgManifest.js Show response
member.neofinancial.com/_next/static/HxIBg7VIQpiQ5W7EgjmFi/ 77 B
616 B 57ms
56ms Script
application/x-javascript 18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://member.neofinancial.com/_next/static/HxIBg7VIQpiQ5W7EgjmFi/_ssgManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 01:37:37 GMT
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1445
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 77
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Jul 2022 01:24:19 GMT
server: AmazonS3
x-frame-options: DENY
etag: "b6652df95db52feb4daf4eca35380933"
strict-transport-security: max-age=31536000
x-amz-version-id: T0QlhWImXcwpm_XEos0XW2Uo01dzRKI5
content-security-policy: frame-ancestors 'none'
x-amz-cf-pop: IAD89-P1
accept-ranges: bytes
content-type: application/x-javascript
x-amz-cf-id: IPjTbRiN0IyvErp85TadIeKQEXyLIPNFrE1ZLG-BIGJQv7kHLci72A==

GET
H2 200 _middlewareManifest.js Show response
member.neofinancial.com/_next/static/HxIBg7VIQpiQ5W7EgjmFi/ 92 B
630 B 118ms
117ms Script
application/x-javascript 18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://member.neofinancial.com/_next/static/HxIBg7VIQpiQ5W7EgjmFi/_middlewareManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 01:37:37 GMT
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1445
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 92
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Jul 2022 01:24:16 GMT
server: AmazonS3
x-frame-options: DENY
etag: "7c3f7e060745668041278118c0bb3d6d"
strict-transport-security: max-age=31536000
x-amz-version-id: Qkj4PvnL3fCqclzMiij35NMg03K3PT2O
content-security-policy: frame-ancestors 'none'
x-amz-cf-pop: IAD89-P1
accept-ranges: bytes
content-type: application/x-javascript
x-amz-cf-id: HqL-PWwEd-WIo2DTUwRR8GcFe3Kk41VgEqlSgS0zye1Qgx38v_ADpw==

GET
H2 200 3a2def70-df72-432e-9758-60f9ca8672c3 Show response
ekr.zdassets.com/compose/ 468 B
1 KB 99ms
31ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/3a2def70-df72-432e-9758-60f9ca8672c3

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=3a2def70-df72-432e-9758-60f9ca8672c3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38211663dae80aa421849cefff386ca97c79f6cb65df0523938e0b802f34999a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 02:01:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
age: 49
cf-ray: 731a0741ae243ff2-YYZ
status: 200 OK
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=0
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
x-request-id: 49554c632a66c383a0210338c0799c96, 49554c632a66c383a0210338c0799c96
x-runtime: 0.003750
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"38211663dae80aa421849cefff386ca9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7rzzu6MWjp7MVtedG7IAjbLAS6hxLFoaTY5lC69zo0y%2FjIQ9jFK5zKDFcitSnHh1YOB40PIlXMS9G39T8PyQrE6%2BB7%2BlUyzAE1OzphxSslmjyJAK2hTIXAuNjvgJG7Cojw%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type: application/json; charset=utf-8
access-control-expose-headers

OPTIONS
H2 204 config_v5.json
cdn-global.configcat.com/configuration-files/bjDZCN7V202GvCMfavnj3g/VFAGntr1ZkeHn3mGmDCUxA/ Frame 0
0 79ms
40ms Preflight
text/plain 2606:4700::6812:1c1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-global.configcat.com/configuration-files/bjDZCN7V202GvCMfavnj3g/VFAGntr1ZkeHn3mGmDCUxA/config_v5.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: if-none-match,x-configcat-useragent
Access-Control-Request-Method: GET
Origin: https://member.neofinancial.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers: if-none-match,x-configcat-useragent
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
cf-ray: 731a074318e0713e-YUL
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 28 Jul 2022 02:01:41 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload

POST
H2 200 sentry Show response
member.neofinancial.com/api/ 26 B
421 B 183ms
182ms Fetch 18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://member.neofinancial.com/api/sentry

Requested by

Host: member.neofinancial.com
URL: https://member.neofinancial.com/_next/static/chunks/pages/_app-aebb555631d3b69f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

CloudFront /

Resource Hash

98c557838a5a9b98ca0565a82b7cb86af7188a42ac930e2049c665f2bb19a78b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://member.neofinancial.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

content-security-policy: frame-ancestors 'none'
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: CloudFront
x-amz-cf-pop: IAD89-P1
date: Thu, 28 Jul 2022 02:01:41 GMT
x-frame-options: DENY
x-cache: Miss from cloudfront
etag: "1a-LAqaocaMCjPwJdpEZSZqh171qMc"
strict-transport-security: max-age=31536000
content-length: 26
x-xss-protection: 1; mode=block
x-amz-cf-id: b-Fd_bBpHtxLAjYj_2ATettQ2D3ZRdUFkPTILJ8PXPw5swpL1B-3WQ==

GET
H2 200 config_v5.json Show response
cdn-global.configcat.com/configuration-files/bjDZCN7V202GvCMfavnj3g/VFAGntr1ZkeHn3mGmDCUxA/ 6 KB
2 KB 19ms
19ms XHR
application/json 2606:4700::6812:1c1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-global.configcat.com/configuration-files/bjDZCN7V202GvCMfavnj3g/VFAGntr1ZkeHn3mGmDCUxA/config_v5.json

Requested by

Host: member.neofinancial.com
URL: https://member.neofinancial.com/_next/static/chunks/pages/_app-aebb555631d3b69f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb9a600a7b8da64db67767cbd4fbe967a76fe4db00181e7d61d8a086ea32535e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://member.neofinancial.com/
If-None-Match: null
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
X-ConfigCat-UserAgent: ConfigCat-JS-SSR/a-4.5.0

Response headers

date: Thu, 28 Jul 2022 02:01:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 27 Jul 2022 21:24:35 GMT
server: cloudflare
age: 218
etag: W/"62e1ad13-16a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range,ETag,Last-Modified,Date,Content-Encoding
cache-control: max-age=0, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 731a0743591f713e-YUL

GET
H2 200 5675-66c0f752b0f62cee.js Show response
member.neofinancial.com/_next/static/chunks/ 12 KB
5 KB 31ms
30ms Script
application/x-javascript 18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://member.neofinancial.com/_next/static/chunks/5675-66c0f752b0f62cee.js

Requested by

Host: member.neofinancial.com
URL: https://member.neofinancial.com/_next/static/chunks/webpack-f2cbb135246403a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6ca7e40af6a65c385616d5907f7db3556bf253f77f57456621b15fb75fe60725

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 01:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1445
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Jul 2022 01:24:20 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"1196dc2347dae3a951dc4380508f2f65"
vary: Accept-Encoding
x-amz-version-id: mlgk_cexYUEcmJI2_1dtVzsHjLZOKOGl
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'none'
x-amz-cf-pop: IAD89-P1
content-type: application/x-javascript
x-amz-cf-id: g5mLv1N4XxqDSUkMWl6D8lIQ18QIjh5ViHeCKnK2eldt-2j4AKTP9A==

GET
H2 200 2815-f96064ec6b19985e.js Show response
member.neofinancial.com/_next/static/chunks/ 51 KB
16 KB 34ms
33ms Script
application/x-javascript 18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://member.neofinancial.com/_next/static/chunks/2815-f96064ec6b19985e.js

Requested by

Host: member.neofinancial.com
URL: https://member.neofinancial.com/_next/static/chunks/webpack-f2cbb135246403a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8fc83ab5aef35ef8142fe41a871f4f0e7f574618cb6d28c867644d93346c9930

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 01:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1445
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Jul 2022 01:24:10 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"ecd92ba3e53ce45d9d9fc6b9fb339e91"
vary: Accept-Encoding
x-amz-version-id: pgkjEN0ZSf6FhMWE2CgMuTvthInm5.zW
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'none'
x-amz-cf-pop: IAD89-P1
content-type: application/x-javascript
x-amz-cf-id: x4NJp-A_R82c2cq-pU6QTerdWd4bPsC9q45RryuT60Z1jeYlP9Y2rg==

GET
H2 200 2426-9b972d5f7e73ce35.js Show response
member.neofinancial.com/_next/static/chunks/ 8 KB
3 KB 30ms
28ms Script
application/x-javascript 18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://member.neofinancial.com/_next/static/chunks/2426-9b972d5f7e73ce35.js

Requested by

Host: member.neofinancial.com
URL: https://member.neofinancial.com/_next/static/chunks/webpack-f2cbb135246403a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

cc4a7cbc50a7b7c35e8fd882ec455324be0a06f4e9123a2242c322cd4e981ea9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 01:39:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Jul 2022 01:24:35 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"1c8e16beddf479476d8180a5a6bb818c"
vary: Accept-Encoding
x-amz-version-id: g8jlL5TEXITjVNuZmpsowPyiAZGqWdwq
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'none'
x-amz-cf-pop: IAD89-P1
content-type: application/x-javascript
x-amz-cf-id: 08cVnq-UzX2czMzUmRbbQDLdN7kqY8zMVe1A_eSYdihub5t6fb7NzA==

GET
H2 200 3355-61027cadb1cad1e1.js Show response
member.neofinancial.com/_next/static/chunks/ 12 KB
4 KB 32ms
31ms Script
application/x-javascript 18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://member.neofinancial.com/_next/static/chunks/3355-61027cadb1cad1e1.js

Requested by

Host: member.neofinancial.com
URL: https://member.neofinancial.com/_next/static/chunks/webpack-f2cbb135246403a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bdfd66e42d9c81288df47c7630f5a51843f765a66b50cc36a481a71c5e5ea5b5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 01:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1445
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Jul 2022 01:24:35 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"29b788d0ab45fcee0dcfa6f77604f703"
vary: Accept-Encoding
x-amz-version-id: U0VENV2yw4SObyzLXBCjq7fwpgee7ou8
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'none'
x-amz-cf-pop: IAD89-P1
content-type: application/x-javascript
x-amz-cf-id: w0Q-r3LHnKyA2QDo8PtxI2Qz3wW4bKiTq7edw7hLKezT5C15wcRmHw==

GET
H2 200 7974-c3cd74f35b58718d.js Show response
member.neofinancial.com/_next/static/chunks/ 39 KB
10 KB 31ms
30ms Script
application/x-javascript 18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://member.neofinancial.com/_next/static/chunks/7974-c3cd74f35b58718d.js

Requested by

Host: member.neofinancial.com
URL: https://member.neofinancial.com/_next/static/chunks/webpack-f2cbb135246403a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d6f295f5b8b3e67658c05ea206b56c5dd9dc1e4952fd05ab22266bf148f1d6a5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 01:37:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1437
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Jul 2022 01:24:43 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"45304672cdc6a7ac23e1b1d250a89735"
vary: Accept-Encoding
x-amz-version-id: UobDi7mi63U1PtjnzzO.x5oYeVLZ3Qb4
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'none'
x-amz-cf-pop: IAD89-P1
content-type: application/x-javascript
x-amz-cf-id: Ntq2CCSGcdBBaSDTExhwZ1z-J5WUAf0pgs9wP_3MysoAXiZNc0x8pQ==

GET
H2 200 9582-13523f9a9eab2373.js Show response
member.neofinancial.com/_next/static/chunks/ 12 KB
5 KB 30ms
29ms Script
application/x-javascript 18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://member.neofinancial.com/_next/static/chunks/9582-13523f9a9eab2373.js

Requested by

Host: member.neofinancial.com
URL: https://member.neofinancial.com/_next/static/chunks/webpack-f2cbb135246403a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b0e38f4b620f58ad0d0fe67e1407360f7adb1ada99cbee0c1e5b8e1eb7c977a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 01:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1424
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Jul 2022 01:24:15 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"65e40335fa69baa7e24e6cd6e7e485d1"
vary: Accept-Encoding
x-amz-version-id: sDL4B7nZpQ8o5aTWPvQoyKl39myVhW9L
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'none'
x-amz-cf-pop: IAD89-P1
content-type: application/x-javascript
x-amz-cf-id: 279TUN6bszDaKLL_ZSTWUr-VVyeT_c6cClB6HB-TZSaMkScOnN4Jcg==

GET
H2 200 7496-4c8bd474fa681840.js Show response
member.neofinancial.com/_next/static/chunks/ 21 KB
7 KB 32ms
31ms Script
application/x-javascript 18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://member.neofinancial.com/_next/static/chunks/7496-4c8bd474fa681840.js

Requested by

Host: member.neofinancial.com
URL: https://member.neofinancial.com/_next/static/chunks/webpack-f2cbb135246403a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6821d51891e2968f54e48eff72cb3ea328fd80d767d8e2aeef9d195dd7fcf0f7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 01:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1424
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Jul 2022 01:24:14 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"9418cfd5ab4274526e05978b8e05ccf9"
vary: Accept-Encoding
x-amz-version-id: cTx6zC0lgULGXRXNhqNkJL6Wd6Mrvvq8
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'none'
x-amz-cf-pop: IAD89-P1
content-type: application/x-javascript
x-amz-cf-id: r4mg3hgeLRM1i7NjXGPZqHyWjemR_c3U6nqcg99KPvJ28h9jauA3RA==

GET
H2 200 1789.e48ad7c5775b12d3.js Show response
member.neofinancial.com/_next/static/chunks/ 91 KB
22 KB 30ms
30ms Script
application/x-javascript 18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://member.neofinancial.com/_next/static/chunks/1789.e48ad7c5775b12d3.js

Requested by

Host: member.neofinancial.com
URL: https://member.neofinancial.com/_next/static/chunks/webpack-f2cbb135246403a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4ac15e0246447c4533229fc361547a70b43cb0f0aa97e2320c57f776f53321f6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 01:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1424
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Jul 2022 01:24:34 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"9f59f468d08f0c7857236ee29c819236"
vary: Accept-Encoding
x-amz-version-id: gssnP1SYGUStQR3V9aUjIUFvVsE_p19l
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'none'
x-amz-cf-pop: IAD89-P1
content-type: application/x-javascript
x-amz-cf-id: L3JPsP-vpNFHBNawRe2VJQNGOXTJyKBEpa01-nqFhYTcZdg_v1Al9w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 117 KB
45 KB 87ms
39ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5B2NKSL&gtm_auth=NlAkKaCIDbY6ZdAAeZzphQ&gtm_preview=env-1&gtm_cookies_win=x

Requested by

Host: member.neofinancial.com
URL: https://member.neofinancial.com/_next/static/chunks/pages/_app-aebb555631d3b69f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

341bca46c2b7f3c4173bf4dfd324fa1b7f14d84378a6ea2b0aa25267defe7d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 02:01:41 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45916
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
20ms Script
text/javascript 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: member.neofinancial.com
URL: https://member.neofinancial.com/_next/static/chunks/pages/_app-aebb555631d3b69f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3560
date: Thu, 28 Jul 2022 01:02:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 28 Jul 2022 03:02:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
72 KB 81ms
34ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XECPFY9GGK

Requested by

Host: member.neofinancial.com
URL: https://member.neofinancial.com/_next/static/chunks/pages/_app-aebb555631d3b69f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a19b9a850237adc9a3336560fc3506ae6f334e9ae4fdf8b62c80f9d210f36323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 02:01:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72886
x-xss-protection: 0
expires: Thu, 28 Jul 2022 02:01:41 GMT

GET
H2 200 TTCommons-Regular.otf
pubstatic.production.neofinancial.com/fonts/tt-commons/ 103 KB
104 KB 145ms
72ms Font
binary/octet-stream 18.67.76.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pubstatic.production.neofinancial.com/fonts/tt-commons/TTCommons-Regular.otf
Requested by: Host: member.neofinancial.com
URL: https://member.neofinancial.com/_next/static/css/c6f311282908b3a5.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.76.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-76-24.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6fafd145b2ffeaa6870bc7553c0f1326249a46e92707f405161140785fb9b800

Request headers

Referer: https://member.neofinancial.com/
Origin: https://member.neofinancial.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 dbb909966903df95f63a00d4241f7b7c.cloudfront.net (CloudFront)
etag: "3ea1d3353debc4eaab59a7c157b612b9"
age: 577287
x-cache: Hit from cloudfront
access-control-max-age: 0
content-length: 105796
last-modified: Tue, 01 Jun 2021 02:52:21 GMT
server: AmazonS3
date: Thu, 21 Jul 2022 09:40:15 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-amz-cf-pop: IAD89-P2
accept-ranges: bytes
x-amz-cf-id: AgBWtAWPhiAS9TtSsIoooPNTtXvfb4matrX_1vCu4jVgT3eyWG8pDw==

GET
H2 200 TTCommons-DemiBold.otf
pubstatic.production.neofinancial.com/fonts/tt-commons/ 107 KB
107 KB 78ms
77ms Font
binary/octet-stream 18.67.76.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pubstatic.production.neofinancial.com/fonts/tt-commons/TTCommons-DemiBold.otf
Requested by: Host: member.neofinancial.com
URL: https://member.neofinancial.com/_next/static/css/c6f311282908b3a5.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.76.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-76-24.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d295383222a0eee91f5f1c1e8b2fe75108c765ccb7f6e7bac0c774d921e4d1d

Request headers

Referer: https://member.neofinancial.com/
Origin: https://member.neofinancial.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 dbb909966903df95f63a00d4241f7b7c.cloudfront.net (CloudFront)
etag: "f36e56bfbc41fb41c30c853d9ec257ca"
age: 167490
x-cache: Hit from cloudfront
access-control-max-age: 0
content-length: 109080
last-modified: Tue, 01 Jun 2021 02:52:13 GMT
server: AmazonS3
date: Tue, 26 Jul 2022 03:30:12 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-amz-cf-pop: IAD89-P2
accept-ranges: bytes
x-amz-cf-id: VGqU0PUUX4MmL-rIfmNGhygDFy7IM1eFiNuQ_2ZMl5bckvi_NZYxxA==

GET
H2 200 QuincyCF-Medium.otf
pubstatic.production.neofinancial.com/fonts/quincy-cf/ 60 KB
60 KB 56ms
56ms Font
binary/octet-stream 18.67.76.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pubstatic.production.neofinancial.com/fonts/quincy-cf/QuincyCF-Medium.otf
Requested by: Host: member.neofinancial.com
URL: https://member.neofinancial.com/_next/static/css/c6f311282908b3a5.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.76.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-76-24.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2148c0b8b9c840f892079effe8099a692ee73ea882aadcba012afb6119dd97cb

Request headers

Referer: https://member.neofinancial.com/
Origin: https://member.neofinancial.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 08:53:51 GMT
via: 1.1 dbb909966903df95f63a00d4241f7b7c.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 580071
x-cache: Hit from cloudfront
content-length: 61340
last-modified: Tue, 01 Jun 2021 02:51:18 GMT
server: AmazonS3
etag: "a527cc096cc86303c3eabf866f1bd4fc"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
x-amz-version-id: null
access-control-allow-origin: *
x-amz-cf-pop: IAD89-P2
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: vxsOL4hk73ZeiPwyTwBPSIbX8oJfGenzzLt_LXfFJZ4cOJ0UL5UH1Q==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 image
member.neofinancial.com/_next/ 6 KB
6 KB 117ms
115ms Image
image/webp 18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://member.neofinancial.com/_next/image?url=https%3A%2F%2Fstatic.production.neofinancial.com%2Fpartner_logos%2Flockup-sandman-hotels.png&w=1920&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

CloudFront /

Resource Hash

fccaaab976bbe971284ef40d56fa8afe00dfa17dbc7807f2eba82ecac17d6ab1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 02:01:41 GMT
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
x-nextjs-cache: STALE
content-disposition: inline; filename="lockup-sandman-hotels.webp"
vary: Accept
content-length: 5738
x-xss-protection: 1; mode=block
server: CloudFront
x-frame-options: DENY
etag: -MqquXa76XEoTvQNVvqK-gDfoX28eAfy66guysF9arE=
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: public, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'none'
x-amz-cf-id: qPFOAeiK0KXtp4DTuuTqbSpc9-lOjQnSiiVsfGCcyZiE_iVbuxWG1Q==

GET
H2 200 image
member.neofinancial.com/_next/ 3 KB
3 KB 117ms
116ms Image
image/webp 18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://member.neofinancial.com/_next/image?url=%2F_next%2Fstatic%2Fimages%2Fneo-pearl-card-front-50d1ff0a42d3cfee77d3ac2fa090f076.png&w=256&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

CloudFront /

Resource Hash

6413e2d8acfbd94fd7674eb56810bfa8fd243ae6ea25e7789f086d5aa808694d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 02:01:41 GMT
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
x-nextjs-cache: STALE
content-disposition: inline; filename="neo-pearl-card-front-50d1ff0a42d3cfee77d3ac2fa090f076.webp"
vary: Accept
content-length: 2640
x-xss-protection: 1; mode=block
server: CloudFront
x-frame-options: DENY
etag: ZBPi2Kz72U-XZ061aBC-qP0kOubqJed4nwhtWqgIaU0=
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: public, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'none'
x-amz-cf-id: p4ZZq2fIEWjhoEVZne1nOD2jfXpb_DJ-11WWURbekA6-l006K-y2zw==

GET
H2 200 image
member.neofinancial.com/_next/ 22 KB
23 KB 191ms
190ms Image
image/webp 18.67.65.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://member.neofinancial.com/_next/image?url=%2F_next%2Fstatic%2Fimages%2Fgoogle-apple-pay-dd5d4a5f12c114d03ea9e99967e852d3.png&w=640&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-2.iad89.r.cloudfront.net

Software

CloudFront /

Resource Hash

06518c9f29b0a0fd54e3fba3f79a9645dbfe11baeac54920db6e57e6bce04788

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/signup?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_July26_GasAndGoNeo&pl=b2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000&utm_source=sandman&utm_medium=partner&utm_campaign=preferredpartner_customersignup&utm_content=various&utm_term=m2c&nf_cv=SANDMAN&brand=sandman_hotels&product=neo_standard_credit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 02:01:42 GMT
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
x-nextjs-cache: MISS
content-disposition: inline; filename="google-apple-pay-dd5d4a5f12c114d03ea9e99967e852d3.webp"
vary: Accept
content-length: 22902
x-xss-protection: 1; mode=block
server: CloudFront
x-frame-options: DENY
etag: BlGMnymwoP1U4-uj95qWRdv+EbrqxUkg225X5rzgR4g=
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: public, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'none'
x-amz-cf-id: nkSub4_FcrIvkfR_gWfsVzS4GC3y5z00nvFJ55ue1sYn4bashRvYZA==

GET
H2 200 web-widget-framework-8e45177b7f7d8eb5e2ba.js Show response
static.zdassets.com/web_widget/latest/ Frame 4F32 169 KB
56 KB 39ms
39ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-8e45177b7f7d8eb5e2ba.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=3a2def70-df72-432e-9758-60f9ca8672c3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

427053273a0df30c0dc37074fcaa5cda49c01a8bc9a315b15ea1666365eb7a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 02:01:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 521985
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: WWV5EJRPX4YYKQ8E
x-amz-id-2: j35FpeE8cTJrLDKeBGBEqVO0Uas7lOxFZmkMxjNs+bZShP9pPFCP+d8T4bBSjdIDoHFCl+3Jak4=
last-modified: Wed, 20 Jul 2022 22:41:14 GMT
server: cloudflare
etag: W/"e04d9a8df7e390f5e325c79b34617b1f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bdc%2B9R41cpcPDUhR%2FaaxTS6CG3CKQNE6vkALL3m%2F0sJa6xjz%2Fm%2B%2FHJ4VRc%2FZrNV798t8JwUOklZcXZz4DIUjAPPkE1UfIVwv02RCduFYhEHAA8k6IYezrbxBu51dIggxhTi%2B1%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: Js21FbHz4MC9ExIjsqNA9zqm3ZlyJEjO
cf-ray: 731a07450c37cab4-YYZ
expires: Thu, 20 Jul 2023 22:41:13 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
212 B 35ms
34ms XHR
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=922746097&t=pageview&_s=1&dl=https%3A%2F%2Fmember.neofinancial.com%2Fsignup%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_July26_GasAndGoNeo%26pl%3Db2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000%26utm_source%3Dsandman%26utm_medium%3Dpartner%26utm_campaign%3Dpreferredpartner_customersignup%26utm_content%3Dvarious%26utm_term%3Dm2c%26nf_cv%3DSANDMAN%26brand%3Dsandman_hotels%26product%3Dneo_standard_credit&ul=en-us&de=UTF-8&dt=Sign%20up&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAC~&jid=1093341370&gjid=1692357738&cid=1502956661.1658973702&tid=UA-149449847-5&_gid=400224146.1658973702&_r=1&gtm=2wg7p05B2NKSL&z=772391063

Requested by

Host: member.neofinancial.com
URL: https://member.neofinancial.com/_next/static/chunks/pages/_app-aebb555631d3b69f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://member.neofinancial.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 02:01:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://member.neofinancial.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
352 B 71ms
32ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-XECPFY9GGK&gtm=2oe7p0&_p=922746097&_z=ccd.v9B&_gaz=1&cid=1502956661.1658973702&ul=en-us&sr=1600x1200&_s=1&sid=1658973701&sct=1&seg=0&dl=https%3A%2F%2Fmember.neofinancial.com%2Fsignup%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_July26_GasAndGoNeo%26pl%3Db2cp29y2ck2fp30y29d2ax30h30a2b829f2cl28000%26utm_source%3Dsandman%26utm_medium%3Dpartner%26utm_campaign%3Dpreferredpartner_customersignup%26utm_content%3Dvarious%26utm_term%3Dm2c%26nf_cv%3DSANDMAN%26brand%3Dsandman_hotels%26product%3Dneo_standard_credit&dt=Sign%20up&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XECPFY9GGK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 02:01:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://member.neofinancial.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 84ms
33ms Ping
text/plain 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XECPFY9GGK&cid=1502956661.1658973702&gtm=2oe7p0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XECPFY9GGK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 02:01:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://member.neofinancial.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 85ms
38ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XECPFY9GGK&cid=1502956661.1658973702&gtm=2oe7p0&aip=1&z=191935579

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://member.neofinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 02:01:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
444 B 65ms
32ms XHR
text/plain 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-149449847-5&cid=1502956661.1658973702&jid=1093341370&gjid=1692357738&_gid=400224146.1658973702&_u=aGDACEAABAAAAC~&z=1474868196

Requested by

Host: member.neofinancial.com
URL: https://member.neofinancial.com/_next/static/chunks/pages/_app-aebb555631d3b69f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://member.neofinancial.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 28 Jul 2022 02:01:42 GMT
content-type: text/plain
access-control-allow-origin: https://member.neofinancial.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config Show response
neofinancial.zendesk.com/embeddable/ Frame 4F32 954 B
1 KB 121ms
52ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://neofinancial.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-8e45177b7f7d8eb5e2ba.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdf8cc679f2730f063a532eac979c610f88d8ff1e8670e1f21eae25b4f726b66

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 02:01:42 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 49
x-zendesk-origin-server: embeddable-app-server-5ff6b589c8-bsfth
access-control-allow-methods: GET
x-cached: STALE
x-request-id: 151900c258a6376cfa124ca837b5dba8
x-runtime: 0.001762
last-modified: Thu, 28 Jul 2022 02:00:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3Enf4upuwhhX5XZsB3w1NKo6b5saNEF1%2BZPwgR0yDJx2hCt8qJAAz5lCnQOqvwpbAyjeO%2BiKnWgrNheh%2FBN85TMbPQnGgW7GWFPoqt3cuO9JEXcB5DldawANwr%2F6H%2BudxpfA2VlBAKApQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 731a07463dc6f995-YYZ

GET
H2 200 web-widget-classic-5cfa662.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 4F32 13 KB
4 KB 29ms
29ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-5cfa662.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-8e45177b7f7d8eb5e2ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0d3de65c76c21ed34a46bfa6058c8cb684dff0bf696a05e5ce7735131ba4339

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 02:01:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 521986
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: WWVFMP31PWTTVQJZ
x-amz-id-2: HtsQFkChHBpre24DmDOmRwQgPhcNARtTMI8ArSiBsbiakIJcnabTWVLi6YbJpPxWb/XIV8MWeGw=
last-modified: Wed, 20 Jul 2022 22:41:30 GMT
server: cloudflare
etag: W/"0b03b934dccd60e42bc5d4b49bc1a1c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dABOGDqr252dP6a4LkywpDuTPJGMW3VzYYyFdlIhx0W14rbXloF8WoIBBbVkbuyDNdDHLJL0B1k0DdECFY7O4nVsK26RRRBR1Y6mbhtnMlIKLiTA2fy0UXv92VDmHfbgiyO33oY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: dACHkMMS4QXZaHUccKC.8a_Obq7GHdmq
cf-ray: 731a07468d4ecab4-YYZ
expires: Thu, 20 Jul 2023 22:41:29 GMT

GET
H2 200 web-widget-9252-5cfa662.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 4F32 657 KB
189 KB 62ms
61ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-9252-5cfa662.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-5cfa662.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b326ac06af7d7e110680e40f5ab9ecedd4d228ea0b44fc20d4e4d9f9b14f19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 02:01:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 521985
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 10MKRTF2TV9DC2FA
x-amz-id-2: m3T/PQJsX+6qC/wPc9mEVf6mA0vaKnvWEYry0vk6QzjPh6+dLS2csXNUXUlaa2r9DC2acIlWmbY=
last-modified: Wed, 20 Jul 2022 22:41:30 GMT
server: cloudflare
etag: W/"58c69e6f1cbe8416e30dfd8667b45080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FW8P9GIAZQtwb5aejCtDVYzo47Zzb%2BxqETpL%2FTgcuG7NfqRits8gro4iEneFvkKaxp19AyARQrykf2Rmcu18H1Vs3KuPFEjt1qsLzD2pAqEFgqPmhXLPm9m9C%2BhHOVOTNysEc58%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: kIACy1e6_lz7__aZK.E6CeOilNDZ.dfo
cf-ray: 731a0746cd72cab4-YYZ
expires: Thu, 20 Jul 2023 22:41:29 GMT

GET
H2 200 web-widget-7339-5cfa662.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 4F32 466 KB
105 KB 45ms
44ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-7339-5cfa662.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-5cfa662.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e95704045e2b001c379d443347c35f8785c69c669c515317d2cab59a9f5af868

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 02:01:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 521985
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 10MTHE3P0N6FWTCK
x-amz-id-2: yABDWLe1CBjJgtylcwP4eEU/n9bLczZlhF82w1I53tnsDkYq9gMyikgLbnWXQkzmqINK4v8Qb9Y=
last-modified: Wed, 20 Jul 2022 22:41:30 GMT
server: cloudflare
etag: W/"ce54ca8a809edaa28f4872c01943cd9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDiR6RGJPzHXNcsU%2F%2BSTKUqyXv2PET9OfhPY29frp3Y0fwfxMX983bBYESo6vrXSehIRdXFyCFQI8GNZGWqJ%2Fhb3%2FCr6J5%2BrdYqUKQIDE2SHYFc%2FlCJfgyjjbWViQo21eqj5O2k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: Bh28OefNqJEQRSg7UEzdzrrYB.efLvdG
cf-ray: 731a0746cd73cab4-YYZ
expires: Thu, 20 Jul 2023 22:41:29 GMT

GET
H2 200 embeddable_blip Show response
neofinancial.zendesk.com/ Frame 4F32 0
340 B 111ms
111ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://neofinancial.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJlbi1DQSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZW4tY2EiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAzLjAuNTA2MC4xMzQgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZX0sImFjdGlvbiI6ImxvY2FsZU1pc21hdGNoIiwiY2F0ZWdvcnkiOiJsb2NhbGUifSwiYnVpZCI6IjExNzY1Njk2MWUzMjQ5ZGU4YWVjNTM2OGU3NTg2ZjViIiwic3VpZCI6IjczM2ZlOGYxNjg3ZjRhMmY5YTRhMzc5ZTQ1YTg0MDQ0IiwidmVyc2lvbiI6IjVjZmE2NjIiLCJ0aW1lc3RhbXAiOiIyMDIyLTA3LTI4VDAyOjAxOjQyLjQxMloiLCJ1cmwiOiJodHRwczovL21lbWJlci5uZW9maW5hbmNpYWwuY29tIn0%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-8e45177b7f7d8eb5e2ba.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 02:01:42 GMT
cf-cache-status: MISS
last-modified: Thu, 28 Jul 2022 02:01:42 GMT
server: cloudflare
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vaGEN%2BR5Jt5s3Uxqo0GYl8dVbRbTn2Eea%2BksjsYKmy3u8vW03cdxVTdNYLDpffgJEb1jde%2FMg1lzm4Nl8yzw6xYerOfUAGgTYlmW97I8kdb7z4Y3HcGeqHCruCwjUwL6RQHhd1zJeCKmUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 731a07482f4af995-YYZ
content-length: 0
x-request-id: 7c738d1c2d43ef1e9605cdd12b444407

GET
H2 200 en-ca-json-5cfa662.js Show response
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame 4F32 25 KB
6 KB 31ms
31ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-ca-json-5cfa662.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-5cfa662.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64ecf16635dd8200aba31992bcf7e1233e14b46c49058a3db613eddc7917e8fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 02:01:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 521984
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 10MPQBQNQYKMJCMR
x-amz-id-2: /JTLVbKU6YlMJfxcLoMXBgPhWHzWnYpdvuo7Aev0zgvbMq9GXqTLZSBR03j9Y9Tgp+FZg7kL9oM=
last-modified: Wed, 20 Jul 2022 22:41:31 GMT
server: cloudflare
etag: W/"c0f2acb5b15c0e4c614f9d1ac54f94ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lr1s4NH1%2BKeXK7Y5r21tW4yXVaFaZHO0ug7zA3m8s20rZoYHiGD3Z7XwxnM6ipBQnootjliG6TaTSC8IB7eq%2BiFnv7rTBYIAF4%2FmXoDTaKDNlfp06MqC%2FYz5Z9j4a2gojP5rDuI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: Nf3B2.Fm3sXOgrBRViVyMfWZi2ReKe8H
cf-ray: 731a07483e85cab4-YYZ
expires: Thu, 20 Jul 2023 22:41:30 GMT

GET
H2 200 web-widget-chat-sdk-5cfa662.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 4F32 202 KB
51 KB 36ms
36ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-5cfa662.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-5cfa662.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83b6f9b5c75ff60e6d4228b0a46fa4c0c80c18dabef5d89534d9c7255e10df35

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 02:01:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 521984
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 10MHSJ33N05VTA95
x-amz-id-2: P92yijQ7AHGFBHz1UPVLtb++sbTp8cwW5rihkmlcQceRm2bqnpDVXjvG0EEsrvAlXsHza4ulsRU=
last-modified: Wed, 20 Jul 2022 22:41:30 GMT
server: cloudflare
etag: W/"865d0cd066636165cf7f35fb97a1d90d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27e26n%2BUk9OjFL6Zb4FIFYGFwCwGFRE%2FbMlr1pqgI6LdqYwF4VjhPjKLSRHA9ux3A2QSmyz94cdr4ADXRwpIESuw1KJhovggpImKRa3BkkdCx4Ths91gy8OGPl08YotabVGcyeo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: dXFwpmmm8EKiUCziBEVb3VF4FOtk1Nbj
cf-ray: 731a07488eb5cab4-YYZ
expires: Thu, 20 Jul 2023 22:41:29 GMT

POST
H2 200 pv
neofinancial.zendesk.com/frontendevents/ Frame 4F32 0
0 105ms
104ms Fetch 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://neofinancial.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-8e45177b7f7d8eb5e2ba.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 28 Jul 2022 02:01:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7NLXPeEJAqBq3TpQZjhv6RSMDdBT8H6W6jnaJxDPQArPYbC57hwqvqzZn%2FqKXJ5Clo2hgntTfcKr776c48z7fK%2B3oBgjqYT2a7R%2B%2BtVWw4dvw2leuT7Y44ebyZ%2B6ffULGAgrVUagpDl8g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 731a074968a2f995-YYZ
content-length: 0
x-request-id: 707ad58869a1d21138c618188e3a9cc9

OPTIONS
H2 204 pv
neofinancial.zendesk.com/frontendevents/ Frame 0
0 111ms
110ms Preflight 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://neofinancial.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://member.neofinancial.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 731a0748affcf995-YYZ
date: Thu, 28 Jul 2022 02:01:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PeOt%2BiBIA%2FKv%2FLXra24C6WpV0Ep5yNFgpKaVAk82Y5HgvSDgnrLcFimxyHMHb6e6JGRo0SmorxCL4VE6Ogg3UVlZEikTNyi3ofrSWqxTRm63LS7ktfcy9V11wH3N3gfSGqFWA8PcHEboBA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 2d497d75ecbadd1d2bec9f2bac02dae8
x-zendesk-zorg: yes

GET
H2 200 web-widget-chat-incoming-message-notification-5cfa662.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 4F32 208 B
642 B 28ms
27ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-5cfa662.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-5cfa662.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 02:01:43 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 521985
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: BHMA5VDTY8XFZ3RV
x-amz-id-2: gcWqgPoCKQfY9PkF5ItX0r0LOAE6kVxZnKfcfQcKjP7e3LROuubbePbHi0ugERg/35h01dtDnm4=
last-modified: Wed, 20 Jul 2022 22:41:30 GMT
server: cloudflare
etag: W/"659635f5ad1b6653645380f46aa42236"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4OjKZvvmu%2Bb4h43%2BsrzclOYmdRQgjkaWiXeLJEOXgb%2Fu%2BaBYf6ZnM%2F%2BElAg%2B%2FZTo2GOu%2FlBBKnqGiLUM5Y5DIFUBOr4oh1RReVJcuowLI5VhwQtq3RMcigi3qNXerCYv5I4r%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: Gr848X0hdXtQafDLhf5YnC2grsVC8Ur0
cf-ray: 731a074c29cacab4-YYZ
expires: Thu, 20 Jul 2023 22:41:29 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/classic/ Frame 4F32 19 KB
20 KB 42ms
42ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 28 Jul 2022 02:01:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12128263
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
x-amz-request-id: HWJ19H8QG121Y76H
x-amz-id-2: haQxYcK7ojlDhfAQGdqJI527n5LBCKvaMVIHCWwsqh4Z01lyKEuJvpWnGAo2+PKYmdOvtUK6Wz8=
last-modified: Wed, 09 Mar 2022 06:43:05 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJzp1FWytXhJ78t%2FZeHKtx6sTZZdoJlvvbIsARfJK9Me13s5zQoqllMP0rXF9c4Pjj0%2FWwDzNfJcw23D69RlsV3ItfnerOwBgNBdd8MpGoXXAubO6LrUbzP7G%2BbK0tkLsMGpoak%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: ngeCnQamEcRo6kgSgz9pTF5J7hCEPwJW
Content-Length: 19698
cf-ray: 731a074c6a0acab4-YYZ
expires: Thu, 09 Mar 2023 06:43:04 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
flow.sandmanhotels.com/tr	1969-12-31 23:59:59	Name: GMS_REDIRECT Value: 064D0E5C789655C87B05D94C54CE57FA
flow.sandmanhotels.com/	1970-01-20 05:32:45	Name: 10414781288314 Value: 4287fc600733
member.neofinancial.com/	1969-12-31 23:59:59	Name: nf_cv Value: SANDMAN
member.neofinancial.com/	1969-12-31 23:59:59	Name: utm_medium Value: email%2Cpartner
member.neofinancial.com/	1969-12-31 23:59:59	Name: utm_source Value: AB%20Split%20Email%2Csandman
member.neofinancial.com/	1969-12-31 23:59:59	Name: utm_campaign Value: SHG_July26_GasAndGoNeo%2Cpreferredpartner_customersignup
member.neofinancial.com/	1969-12-31 23:59:59	Name: utm_content Value: various
member.neofinancial.com/	1969-12-31 23:59:59	Name: utm_term Value: m2c
member.neofinancial.com/	1969-12-31 23:59:59	Name: brand Value: sandman_hotels
member.neofinancial.com/	1969-12-31 23:59:59	Name: product Value: neo_standard_credit
.neofinancial.com/	1970-01-20 04:51:00	Name: _gid Value: GA1.2.400224146.1658973702
.neofinancial.com/	1970-01-20 06:59:09	Name: _gcl_au Value: 1.1.276605967.1658973702
.neofinancial.com/	1970-01-20 04:49:33	Name: _gat_UA-149449847-5 Value: 1
.neofinancial.com/	1970-01-20 22:20:45	Name: _ga Value: GA1.1.1502956661.1658973702
.neofinancial.com/	1970-01-20 22:20:45	Name: _ga_XECPFY9GGK Value: GS1.1.1658973701.1.0.1658973702.59
widget-mediator.zopim.com/	1970-01-20 04:59:38	Name: AWSALBCORS Value: 4vLGxeYKwNLCndFm0bp3+Xg5nkDgNYTfv9FVJhAGi8PldwbAyBLbLPODdjkfxWfvGuDKBhY+MtkezHEVXRP4q9plRn+0gBpYuz8KrilPWaJTi/0QAsFUfPEwCELM
.neofinancial.com/	1970-01-20 13:35:09	Name: __zlcmid Value: 1BBl6iPD6Rl9MBp

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdn-global.configcat.com
ekr.zdassets.com
flow.sandmanhotels.com
member.neofinancial.com
neofinancial.zendesk.com
pubstatic.production.neofinancial.com
static.zdassets.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.ca
www.googletagmanager.com
104.16.51.111
104.18.70.113
104.70.121.144
18.67.65.2
18.67.76.24
2001:4860:4802:36::181
2606:4700::6812:1c1f
2607:f8b0:4004:c07::9d
2607:f8b0:4006:80b::200e
2607:f8b0:4006:822::2003
2607:f8b0:4006:823::2008
02dbc671b117a66463b87fbf3f4f77413d47686e526734a13fd79751a5ebb855
06518c9f29b0a0fd54e3fba3f79a9645dbfe11baeac54920db6e57e6bce04788
155fe12c77852a1501b2002925b35210df083c69d7c5bb1e39e2b47f8532ed16
2148c0b8b9c840f892079effe8099a692ee73ea882aadcba012afb6119dd97cb
32fe5fcc76b7253ffba88c0011b67f4ff4ff551f38565bcf89211f45e87e5ab4
341bca46c2b7f3c4173bf4dfd324fa1b7f14d84378a6ea2b0aa25267defe7d5c
38211663dae80aa421849cefff386ca97c79f6cb65df0523938e0b802f34999a
427053273a0df30c0dc37074fcaa5cda49c01a8bc9a315b15ea1666365eb7a58
4ac15e0246447c4533229fc361547a70b43cb0f0aa97e2320c57f776f53321f6
4ac51ffc4bca5ed831338ca7656a8446f9dd02fb72c7c70e0440a6cffd8cdf99
4d295383222a0eee91f5f1c1e8b2fe75108c765ccb7f6e7bac0c774d921e4d1d
53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407
59167460bfde56f6be2b908dca91d8b07589f32c61d894909f4ee5559d69d43c
6413e2d8acfbd94fd7674eb56810bfa8fd243ae6ea25e7789f086d5aa808694d
64ecf16635dd8200aba31992bcf7e1233e14b46c49058a3db613eddc7917e8fa
6821d51891e2968f54e48eff72cb3ea328fd80d767d8e2aeef9d195dd7fcf0f7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca7e40af6a65c385616d5907f7db3556bf253f77f57456621b15fb75fe60725
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6fafd145b2ffeaa6870bc7553c0f1326249a46e92707f405161140785fb9b800
796352d09ba47c66948ad5f1a9782ce26153053acc704ea0103166b05baa54f2
83b6f9b5c75ff60e6d4228b0a46fa4c0c80c18dabef5d89534d9c7255e10df35
8fc83ab5aef35ef8142fe41a871f4f0e7f574618cb6d28c867644d93346c9930
91d4323460bd9bfa3fd6e09558fe626dd35340ecdae7c3c5eb6d5f6f70ee9561
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
98c557838a5a9b98ca0565a82b7cb86af7188a42ac930e2049c665f2bb19a78b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a19b9a850237adc9a3336560fc3506ae6f334e9ae4fdf8b62c80f9d210f36323
b0e38f4b620f58ad0d0fe67e1407360f7adb1ada99cbee0c1e5b8e1eb7c977a1
b326ac06af7d7e110680e40f5ab9ecedd4d228ea0b44fc20d4e4d9f9b14f19cb
bb9a600a7b8da64db67767cbd4fbe967a76fe4db00181e7d61d8a086ea32535e
bdf8cc679f2730f063a532eac979c610f88d8ff1e8670e1f21eae25b4f726b66
bdfd66e42d9c81288df47c7630f5a51843f765a66b50cc36a481a71c5e5ea5b5
bea2938aca6764761f71154d68a05a3d40f273d2577395024fea9301869e46a4
cc4a7cbc50a7b7c35e8fd882ec455324be0a06f4e9123a2242c322cd4e981ea9
cc958b7779f74413b682c246853b88c5ed668182d7ec8796876a9879b04c0c5b
d6f295f5b8b3e67658c05ea206b56c5dd9dc1e4952fd05ab22266bf148f1d6a5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e0d3de65c76c21ed34a46bfa6058c8cb684dff0bf696a05e5ce7735131ba4339
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e95704045e2b001c379d443347c35f8785c69c669c515317d2cab59a9f5af868
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fccaaab976bbe971284ef40d56fa8afe00dfa17dbc7807f2eba82ecac17d6ab1

member.neofinancial.com Open in urlscan Pro 18.67.65.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

100 %HTTPS

55 %IPv6

10 Domains

12 Subdomains

11 IPs

2 Countries

1832 kBTransfer

5941 kBSize

17 Cookies

2 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

member.neofinancial.com Open in urlscan Pro
18.67.65.2 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

100 %
HTTPS

55 %
IPv6

10
Domains

12
Subdomains

11
IPs

2
Countries

1832 kB
Transfer

5941 kB
Size

17
Cookies

49 HTTP transactions
1 data transactions